Interfaces Copper GbEPorts | 8 | Configurable Internal/DMZ/WANPorts | Yes | Console Ports (RJ45) | 1 | USB Ports | 2 | Hardware Bypass Segment# | 2 | System Performance* Firewall Throughput (UDP) | 4,500 | Firewall Throughput (TCP) | 3,500 | New sessions/second | 45,000 | Concurrent sessions | 1,250,000 | IPSec VPN Throughput | 450 | No. of IPSec Tunnels | 250 | SSL VPN Throughput | 400 | WAF Protected Throughput (Mbps) | 500 | Anti-Virus Throughput | 1,400 | IPS Throughput | 1,200 | UTM Throughput | 750 | Stateful Inspection Firewall - Layer 8 (User - Identity) Firewall - Multiple Security Zones - Access Control Criteria (ACC) - User - Identity, Source & Destination Zone,MACand IP address, Service - UTM policies - IPS, Web Filtering, Application Filtering, Anti-Virus, Anti-Spam and Bandwidth Management - Layer 7 (Application) Control &Visibility -Access Scheduling - Policy based Source &DestinationNAT - H.323, SIPNATTraversal - 802.1q VLAN Support - DoS &DDoSAttack prevention -MAC&IP-MAC filtering and Spoof prevention GatewayAnti-Virus & Anti-Spyware -Virus,Worm,Trojan: Detection &Removal - Spyware, Malware, Phishing protection -Automatic virus signature database update - Scans HTTP, HTTPS, FTP, SMTP, POP3, IMAP, IM, VPN Tunnels - Customize individual user scanning - Self Service Quarantine area - Scan and deliver by file size - Block by file types -Add disclaimer/signature Gateway Anti-Spam - Inbound/Outbound Scanning - Real-time Blacklist (RBL), MIME header check - Filter based on message header, size, sender, recipient - Subject line tagging - IP address Black list/White list - Redirect Spam mails to dedicated email address - Image-based Spam filtering usingRPDTechnology - Zero hour Virus Outbreak Protection - Self Service Quarantine area - Spam Notification through Digest - IP Reputation-based Spam filtering Intrusion Prevention System - Signatures: Default (4500+), Custom - IPS Policies: Multiple, Custom - User-based policy creation -Automatic real-time updates from CRProtect networks - ProtocolAnomaly Detection -DDoS attack prevention Web Filtering - InbuiltWeb Category Database - URL, keyword, File type block - Categories: Default(82+), Custom - Protocols supported: HTTP, HTTPS - Block Malware, Phishing, Pharming URLs - Schedule-based access control - Custom block messages per category - Block JavaApplets, Cookies,Active x - CIPA Compliant - Data leakage control via HTTP, HTTPS upload Application Filtering - Inbuilt Application Category Database - 11+ Application Categories: e.g. Gaming, IM, P2P, Proxy - Schedule-based access control - Block - P2Papplications e.g. Skype -Anonymous proxies e.g. UItra surf - “Phone home” activities - Keylogger - Layer 7 (Applications) & Layer 8 (User - Identity) Visibility | Web Application Firewall - Positive Protection model - Unique "Intuitive Website Flow Detector" technology - Protection against SQL Injections, Cross-site Scripting (xSS), Session Hijacking, URL Tampering, Cookie Poisoning - Support for HTTP 0.9/1.0/1.1 - Extensive Logging & Reporting Virtual Private Network - IPSec, L2TP, PPTP - Encryption - 3DES, DES, AES, Twofish, Blowfish, Serpent - HashAlgorithms - MD5, SHA-1 -Authentication - Preshared key, Digital certificates - IPSecNATTraversal - Dead peer detection and PFS support - Diffie Hellman Groups - 1,2,5,14,15,16 - External Certificate Authority support - Export RoadWarrior connection configuration - Domain name support for tunnel end points -VPNconnection redundancy - Overlapping Network support - Hub &SpokeVPNsupport SSL VPN -TCP&UDPTunneling - Authentication - Active Directory, LDAP, RADIUS, Cyberoam - Multi-layered Client Authentication - Certificate, Username/Password - User &Group policy enforcement - Network access - Split and Full tunneling - Browser-based (Portal)Access - Clientless access - Lightweight SSLVPNTunneling Client - Granular access control to all the Enterprise Network resources - Administrative controls - Session timeout, Dead Peer Detection, Portal customization - TCP- based Application Access - HTTP, HTTPS, RDP, TELNET, SSH Instant Messaging (IM) Management -Yahoo and Windows Live Messenger -Virus Scanning for IM traffic -Allow/Block Login -Allow/Block FileTransfer -Allow/BlockWebcam -Allow/Block one-to-one/group chat - Content-based blocking - IM activities Log -Archive files transferred - CustomAlerts WirelessWAN -USBport 3G/4G and Wimax Support - PrimaryWANlink -WANBackup link Bandwidth Management - Application and User Identity based Bandwidth Management - Guaranteed &Burstable bandwidth policy - Application &User Identity basedTraffic Discovery - MultiWANbandwidth reporting - Category-based bandwidth restriction User Identity and Group Based Controls -Access time restriction -Time and Data Quota restriction - Schedule based Committed and Burstable Bandwidth - Schedule based P2Pand IM Controls Networking - Failover - Automated Failover/Failback, Multi-WAN failover, 3GModem failover -WRRbased load balancing - Policy routing based onApplication and User - IP Address Assignment - Static, PPPoE, L2TP, PPTP & DDNSClient, ProxyARP,DHCPserver,DHCPrelay - Support for HTTPProxy - Dynamic Routing: RIP v1& v2, OSPF, BGP, Multicast Forwarding - Parent Proxy support withFQDN - “IPv6 Ready” Gold Logo High Availability - Active-Active -Active-Passive with State Synchronization - Stateful failover - Alerts on appliance status change | Administration & System Management -Web-based configuration wizard - Role-based access control - Firmware Upgrades viaWeb UI -Web 2.0 compliant UI (HTTPS) - UI Color Styler - Command Line Interface (Serial, SSH,Telnet) -SNMP(v1, v2c, v3) - Multi-lingual support: Chinese, Hindi, French, Korean - Cyberoam Central Console (Optional) - Network Time Protocol Support User Authentication - Internal database -Active Directory Integration -Automatic Windows Single Sign On - External LDAP/RADIUS database integration - Thin Client support - Microsoft Windows Server 2003 Terminal Services and Citrix xenApp - Novell eDirectory -RSASecurID support - ExternalAuthentication - Users andAdministrators - User/MAC Binding - MultipleAuthentication servers Logging/Monitoring - Graphical real-time and historical monitoring - Email notification of reports, gateway status, viruses and attacks - Syslog support - Log Viewer - Firewall, IPS, Web filter, Anti Virus, Anti Spam,Authentication, System andAdmin Events On-Appliance Cyberoam-iView Reporting - IntegratedWeb-based Reporting tool - Cyberoam-iView - 1000+ drilldown reports - 45+ Compliance Reports - Historical and Real-time reports - Multiple Dashboards - Username, Host, Email ID specific Monitoring Dashboard - Reports - Security, Virus, Spam, Traffic, Policy violations, VPN, Search Engine keywords - Multi-format reports - tabular, graphical - Exportable formats - PDF, Excel -Automated Report Scheduling IPSecVPNClient** - Inter-operability with major IPSecVPNGateways - Supported platforms: Windows 2000, WinxP 32/64-bit, Windows 2003 32-bit, Windows 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 RC1 32/64-bit - Import Connection configuration Certification - ICSAFirewall - Corporate - CheckmarkUTMLevel 5 Certification -VPNC- Basic andAESinteroperability - “IPv6 Ready”Gold Logo Hardware Specifications Memory | 2GB | Compact Flash | 4GB | HDD | 250GB or higher | Compliance -CE -FCC -UL Dimensions HxWxD(inches) | 1.7 x 14.6 x 17.3 | HxWxD(cms) | 4.4 x 37.2 x 44 | Weight | 5 kg, 11.02 lbs | Power Input Voltage | 100-240 VAC | Consumption | 99W | Total Heat Dissipation (BTU) | 338 | Environmental OperatingTemperature | 0 to 40 °C | Storage Temperature | -25 to 75 °C | Relative Humidity (Non condensing) | 10 to 90% | |