New Readers

 Home News and World Report Buyers Guide Global Excellence Technology Case Studies Editorial Awards About Info Security
2008 Best Deployment Scenario

 Managing Corporate Internet Access


Current Threat: Most traditional gateway security appliances look outward, protecting the enterprise only from external threats. As network boundaries continue to blur, the need for gateway appliances that offer both external and internal protection has risen. Cyberoam’s identity-based Unified Threat Management solutions advance the state of networking by providing granular visibility into network activity, accounting for both external and internal factors. With its unique identity-based solution, Cyberoam tracks who is doing whaton the network and enables IT administrators to set policies based on the access rights of each individual. 

Info Security Products Guide
this article
COMPARE and print reports
RATE products

Tomorrow's Technology Today - Unified Security

Tomorrow's Technology Today: Cyberoam’s CR Series is the next-generation identity-based Unified Threat Management appliance, which includes identity-based firewall, VPN, gateway antivirus, gateway anti-spam, intrusion detection and prevention, Web content and application filtering, bandwidth management and multiple link management features – all over a single platform.  This provides gateway-level protection against known and emerging Internet threats, including spyware, phishing, pharming, viruses, worms and Trojans.

Cyberoam blends a best-of-breed solution along with its unique user-based approach to provide the most comprehensive, twin shield protection against malicious Internet threats with a greater degree of control, flexibility and ease of management.

User-Based Policies

The single, most important differentiating feature among Cyberoam’s UTM solutions is the ability to control and track individual users throughout the entire network.  Cyberoam is the only vendor providing identity-based integrated network security available on the market today – its competitors can only provide the IP address for identification and control.  The increasingly user-based nature of Internet threats drives the need to control individual user behavior, and renders blanket policies and IP-based policies obsolete. Such policies are not adequately equipped to deal with the increasingly mobile nature of today’s industries.

Cyberoam manages individual behavior by binding user identity to security , protecting enterprises from both external threats and also from the growing number of internal threats that result in most network breaches.  As the user is proving to be one of the weakest links in the security chain today, Cyberoam embeds user identity in firewall rule-matching criteria, eliminating IP addresses as intermediate components to identify and control the user.  This offers instant visibility and proactive control over security breaches, and facilitates single-screen policy creation and dynamic change in the security policies while accounting for user movement and supporting business flexibility.

This identity-based feature especially provides greater visibility and control over multiple user-shared PC scenarios in educational, healthcare, government and financial institutions, as well as in dynamic IP environments.  Cyberoam’s user-identification is able to facilitate dynamic policy settings even in DHCP and Wi-Fi environments. 

Twin Shield Security

Cyberoam also offers twin shield security , a double-layer of protection that controls indiscriminate surfing and defends against external threats. It reduces threats to the minimum, leaving the enterprise free to focus on its business. Cyberoam’s inner shield is formed by its in-house content filtering technology, controlling indiscriminate surfing and preventing virus, worm, Trojan, spyware and phishing sites from entering a network. Firewall-VPN, Spyware Blocker, phishing-pharming prevention, antivirus and anti-spam at the gateway make up Cyberoam’s external shield, guarding the enterprise from Internet threats over multiple WAN links. 

Built-In Reporting

As Cyberoam brings suspicious traffic patterns to IT Managers as they happen, its “on-appliance” or built-in reporting capabilities also offers a range of analytical reports that reveal trends in Internet usage. This feature enables IT Managers to identify both emerging applications and pattern changes, and fine tune enterprise policies. These reports are also advantageously user-centric and can aggregate network usage by user, even if they are using multiple systems or access point into the network.

Flexible Architecture

Sound architectural flexibility makes Cyberoam a highly-scalable solution that tackles both today’s and tomorrow’s threats.  It accommodates easy plug-in of third party software as well as its own enhancements without architectural changes, delivering cost-effective and rapid reaction times to threats and the latest applications. 

Network Management and Diagnostic Tools 

Cyberoam’s inbuilt DNS server prevents phishing and pharming scams involving DNS poisoning while reducing time taken for DNS mapping.  The Cyberoam DHCP server simplifies network administration by keeping track of IP addresses, easing the task of assigning IP addresses to new systems.  Effective diagnostic tools for automatic network connectivity check through ping, trace-route and DNS check greatly facilitate network management.  Cyberoam takes auto backup of database, logs and usage through FTP and mail in addition to delivering email notifications.  Further, online upgrades of new versions and bug fixes are available, simplifying the task of network management. 

Management and Integration Support 

Cyberoam also functions as a proxy server and performs NAT service. Integration with Windows domain controller and Active Directory services enables it to offer single sign-on.  It integrates with the existing network in transparent and bridge modes, preventing attacks before they reach the intended targets without changes to routing tables and network design. 

Conclusion: Cyberoam’s CR Series provides an easy-to-use, integrated network security solution in a single platform, eliminating the need for enterprises to employ multiple security appliances.  Cyberoam reduces capital, operational costs and also meets industry mandates, (CIPA, HIPAA, Sarbanes-Oxley and PCI), helping organizations avoid the fines associated with non-compliance. 

29 Water Street
Newburyport, MA 01950
Tel: +1 978-465-8400
Download the document
From Info Security Products Guide site: CLICK HERE