
FIT 10 - Hargun - Cyberoam


Published in: Business, Technology

HARI GUNAWAN
FIT 04 June 2010
PT. Jerbee Indonesia

  • SPAM
  • SPYWARE
  • HACKING
  • ROOTKITS

INTERNAL
  • MALICIOUS INTENT
  • IDENTITY THEFT

Unified Threat Management (UTM)
Evolution of the traditional firewall into an all-inclusive security product that has the ability to perform multiple security functions in one single appliance: network firewalling, network intrusion prevention and gateway antivirus (AV), gateway anti-spam, VPN, content filtering, load balancing and on-appliance reporting.

Unified Threat Management (UTM)
  • Firewall
  • VPN
  • Intrusion Detection & Prevention
  • Gateway Level Anti-virus for Mails, Website, File Transfers
  • Gateway level Anti-spam
  • Content Identification & Filtering
  • Bandwidth Management for Applications & Services
  • Load Balancing & Failover Facilities

Benefits of UTM Appliances
  • Reduced complexity: All-in-one approach simplifies product selection, integration and support
  • Easy to deploy: Customers, VARs, VADs, MSSPs can easily install and maintain the products
  • Remote Management: Remote sites may not have security professionals – requires plug-and-play appliance for easy installation and management
  • Better Man Power Management: Reduction in dependency and number of high end skilled Human resources
  • Managed Services: Security requirements & day to day operations can be outsourced to MSSPs

Challenges with Current UTM Products

Lack of user Identity recognition and control
  • Inadequate in handling threats that target the user – Phishing, Pharming

Unable to Identify source of Internal Threats
  • Employee with malicious intent poses a serious internal threat
  • Indiscriminate surfing exposes network to external threats
  • 50% of security problems originate from internal threats – Yankee Group
  • Source of potentially dangerous internal threats remains anonymous

Unable to Handle Dynamic Environments
  • Wi-Fi
  • DHCP

Unable to Handle Blended Threats
  • Threats arising out of internet activity done by internal members of organization
  • External threats that use multiple methods to attack - Slammer

Lack of In-depth Features
  • Sacrificed flexibility as UTM tried to fit in many features in single appliance.
  • Inadequate Logging, reporting, lack of granular features in individual solutions

Need for Identity based UTM…

Identity is missing on firewall, antivirus & Anti-spam

Products
  • Cyberoam UTM
  • Cyberoam iView (Open source Logging & Reporting)
  • Cyberoam Central Console (Centralized Management)
  • Cyberoam EndPoint Data Protection

Cyberoam Unified Threat Management (UTM)
Layer 8 Firewall (Patent-pending Technology)

User
Patent Pending: Identity-Based Technology

Cyberoam is the only Identity-based Unified Threat Management appliance that provides integrated Internet security to enterprises and educational institutions through its unique granular user-based controls.

Web and Application Filtering Features
  • Database of millions of sites in 82+ categories
  • Blocks phishing, pharming, spyware URLs
  • HTTP upload control & reporting
  • Block & Control Applications such as P2P, Streaming, Videos/Flash
  • Local Content Filter Database to reduce latency and dependence on network connectivity
  • Customized blocked message to educate users about organizational policies and reduce support calls

Identity-based Bandwidth Management
  • Application and Identity-based bandwidth allocation
  • Committed and burstable bandwidth
  • Time-based, schedule-based bandwidth allocation
  • Restrict Bandwidth usage to a combination of source, destination and service/service group

Authentication and External Integration

Advanced Multiple Gateway Features
  • Active-Active Auto Link Failover & Load Balancing
  • Active-Passive Auto Link Failover
  • Source & Destination Routing
  • Support for more than 2+ ISP links
  • Schedule based bandwidth assignment
  • Gateway Alerts on Dashboard
  • Bandwidth Utilization Graphs

Educate Users with Custom Denied Messages and Reduce Your Support Calls
James

Gateway Anti-Virus Features
  • Scans Web, FTP, POP3, SMTP & IMAP traffic
  • Self-service quarantine area
  • Signature update every 30 mins
  • Identity-based HTTP virus reports
  • Disclaimer addition to outbound emails
  • Spyware and other malware protection including “Phishing” emails
  • Block attachments based on extensions (.exe, .bat, .wav, etc.)

Gateway Anti-Spam Features
  • Spam filtering with Recurrent Pattern Detection (RPD) technology
  • Virus Outbreak Detection (VOD) for zero hour protection
  • Self-Service quarantine area
  • Content-agnostic
  • Change recipients of emails
  • Scans SMTP, POP3, IMAP traffic

RPD (Recurrent Pattern Detection)
  • Protects against Image-based Spam and spam in different languages
  • Spam catch rate of over 98%
  • 1 in Million false positives in spam
  • Local cache is effective for >70% of all spam resolution cases

Intrusion Prevention System (IPS)
IPS Features
  • Multiple and Custom IPS policies; Identity-based policies
  • Identity-based intrusion reporting
  • Ability to define multiple policies
  • Reveals User Identity in Internal Threats scenario

Cyberoam in Numbers
  • More than 500,000 virus signatures in the anti-virus database
  • More than 50 Million URLs categorized in 82+ categories
  • More than 5500+ IPS Signatures
  • Spam Detection: 98%*
  • False Positives: 1 in million*

Other Network / System Features
  • High Availability (Active-Active / Active-Passive)
  • Stateful Failover
  • VPN Failover
  • Dynamic Routing (RIP, OSPF, BGP)
  • NTP Support
  • Multiple Configurable Syslog Server Support
  • GUI based Real Time Firewall Log
  • Roll Back (Roll back to last upgraded version)

… And Much More

iView
(Cyberoam Aggregated Reporting & Logging Software)
  • Subscription free On-Appliance Reporting
  • Real-time Monitoring and Alerting
  • Over 1100+ Drilldown Reports
  • Reports in HTML, MHTML, PDF, & CSV formats & Email Alerts
  • Web 2.0 GUI and Reporting interface

Instant Messaging Logging & Control
  • Yahoo & Windows Live Messaging
  • Control Who Communicates with Whom
  • Control Webcam usage
  • Control Voice Usage
  • Individual as well as Group Control

  • Control communication medium (chat, video, voice)
  • Archive Communication
  • Data Protection
  • Control who can chat with whom
  • Productivity

Cyberoam Central Console – CCC Series
  • Reduces operational complexity and deployment time
  • Minimizes errors and lowers administration cost
  • Enables the MSSPs to have different personnel for managing different customer deployments
  • Ease of use with view of multiple devices and network status at a glance

Cyberoam for End Point Data Protection
  1. Need for Data Protection
  2. Data Protection & Encryption
  3. Device Management
  4. Application Control
  5. Asset Management

Need for Data Protection
60% corporate data lies unprotected on endpoints
  • Lost USBs: Medical records of 741 patients lost by a hospital; 9000 USB sticks found in people's pockets at the local dry cleaners in UK
  • Lost Multimedia Discs: Personal information of 11.1mn customers of leading oil refinery (USA) found on streets
  • Wrong Email Attachment: Bank employee accidentally sent sensitive customer details to wrong email address
  • Lost iPods: 12,500 handheld devices forgotten at the back of taxis every 6 months in UK

What Places Data At Risk?
  • Removable Devices: USBs, CDs/DVDs, MP3, Digital cameras
  • Insiders: Unintentional, Malicious
  • Applications: Web, Mail, IM, P2P, Printing, FTP
  • Unauthorized transfer of sensitive data; Malware-laden email for information access; Sensitive data sent to wrong person

Data At Risk
  • Business plans, RFP / Tender quotes
  • Intellectual property related to R&D
  • Product launch dates and roadmap
  • Customer data

Cyberoam End Point Data Protection
Protect your Data. Protect your Assets.

Cyberoam End Point Data Protection
  • Comprehensive End Point Data Protection Suite
  • Modules
      • Data Protection & Encryption
      • Device Management
      • Application Control
      • Asset Management

Data Protection & Encryption
Prevent Data Leakage – Email Attachments
  • Control data shared as attachment in emails
  • Send customized warning message to user and alert to administrator

Record Data Shared over Webmails
  • Record content of Webmail such as Yahoo, Gmail & Msn

Prevent Data Leakage - Attachments over Instant Messengers
[Figure: Attachment: .doc NOT ALLOWED, .jpg, .exe; File name: confident NOT ALLOWED; Size: > 2 MB]
  • Control data shared as attachment over Instant Messengers
  • Send customized warning message to user and alert to administrator

Prevent Accidental / Malicious Deletion of Data
Selective Action & Back-up of Document
[Figure: Document. Operation: Read, Modify, Delete. Mode of Transfer: Fixed, Floppy, CD rom, Removable, Network, Unknown. File Name/Extn.: .jpg, .doc. Back up: Before modifying, Before copying/cut to, Before copying/cut from, Before deleting.]
  • Control operations over a document and its mode of transfer
  • Back up files before specific actions

Prevent Data Leakage through Printed Files
Copy of Printed File Saved in Database Server
[Figure: Printer. Printer Type: Local, Shared, Network, Virtual. Selected files/Extn.: Attachment: .doc, Attachment: .xls. Database Server.]
  • Control access to printers in the system
  • Save shadow copy of printed file

Data Sharing Through Removable Devices
Encrypts Data, Blocks Data Sharing
[Figure: Encrypt entire device; Encrypt selected files (Attachment: .doc, Attachment: .xls); Decrypt before reading (Attachment: .jpg)]
  • Encrypt all/selected files while writing to removable device
  • Decrypt files while reading from a removable device only in organization network
  • Data in your lost USB device cannot be decrypted and is safe

Record Chat Sessions even for SKYPE
  • Chat session logs
  • Back up server

Device Management
Protect your Data by controlling data over device
  • USB Device: USB keyboard, mouse, modem, storage, hard disk, others
  • Storage Device: Floppy, CD, Burning device, Tape, Removable device
  • Dial: Dial-up connection
  • Network Devices: Wireless LAN adapter, PnP adapter, Virtual LAN adapter
  • Others: Audio equipment, Virtual CDROM, any new device
  • Communication Interface Device: Serial ports, parallel ports, modems, Bluetooth
  • Allow only authorized devices

Application Control
Protect your Data by Controlling Applications
[Figure: Entertainment (MP3, MP4, MPEG); Pirated software; Screensavers; Password crackers; IM tools]
  • Prevent data loss through unauthorized/indiscriminate use of applications
  • Granular, policy-based application controls
  • Protect sensitive data & enhance employee productivity
  • Prevent legal liability, network outages

QUESTION?

THANK YOU