Cyberoam Cr50ing (utm Appliance)
No Longer Available
Overview:
Cyberoam Unified Threat Management appliances offer assured security,
connectivity and productivity to small and medium enterprises (SMEs) by allowing
user identity-based policy controls.
Cyberoam?s User Layer 8 Technology treats user-identity as the 8th Layer or the
HUMAN layer in the protocol stack. It attaches user identity to security, taking
organizations a step ahead of conventional solutions that bind security to
IP-addresses. This adds speed to an organization?s security by offering instant
visibility into the source of attacks by username rather than IP address ?
allowing immediate remediation to restore security or allowing proactive
security. Layer 8 technology functions along with each of Cyberoam security
features to allow creation of identity-based security policies.
Cyberoam?s future-ready Extensible Security Architecture (ESA) offers an
extensible platform that can grow with the future security needs of an
organization without degrading system performance. ESA supports feature
enhancements that can be developed rapidly and deployed with minimum efforts.
Layer 8 Identity-based policies Role-based access at remote locations
Visibility into who is doing what
Comprehensive UTM Security Stateful Inspection Firewall
Intrusion Prevention System
Anti-Virus & Anti-Spyware
Anti-Spam
Web Filtering
Application Visibility & Control
On-appliance Reporting
Secure Remote Access IPSec VPN
L2TP
PPTP
SSL VPN
WAN Connectivity & Availability Bandwidth Management
Multiple Link Management
3G / WiMAx Support
Advanced Networking Multi-core Architecture
Extensible Security Architecture
Wi-Fi Security Wireless Standards IEEE 802.11 n/b/g (WEP, WPA, WPA2, 802.11i ,
TKIP, AES, PSK, 802.1x EAP)
Up to 8 bssid Access Points
Centralized Security Management CCC Appliances
Cyberoam iView Open Source Solution ? Logging & Reporting
Cyberoam iView Appliances ? Logging & Reporting
Specifications:
Specification
Interfaces
Copper GbEPorts 8
Configurable Internal/DMZ/WANPorts Yes
Console Ports (RJ45) 1
USB Ports 2
Hardware Bypass Segment# 2
System Performance*
Firewall Throughput (UDP) 3,250
Firewall Throughput (TCP) 3,000
New sessions/second 30,000
Concurrent sessions 1,000,000
IPSec VPN Throughput 400
No. of IPSec Tunnels 200
SSL VPN Throughput 300
WAF Protected Throughput (Mbps) 300
Anti-Virus Throughput 1,000
IPS Throughput 750
UTM Throughput 550
Stateful Inspection Firewall
- Layer 8 (User - Identity) Firewall
- Multiple Security Zones
- Access Control Criteria (ACC) - User - Identity, Source & Destination
Zone,MACand IP address, Service
- UTM policies - IPS, Web Filtering, Application Filtering, Anti-Virus,
Anti-Spam and Bandwidth Management
- Layer 7 (Application) Control &Visibility
- Access Scheduling
- Policy based Source &DestinationNAT
- H.323, SIPNATTraversal
- 802.1q VLAN Support
- DoS &DDoSAttack prevention
- MAC&IP-MAC filtering and Spoof prevention
GatewayAnti-Virus & Anti-Spyware
-Virus,Worm,Trojan: Detection &Removal
- Spyware, Malware, Phishing protection
-Automatic virus signature database update
- Scans HTTP, HTTPS, FTP, SMTP, POP3, IMAP, IM, VPN Tunnels
- Customize individual user scanning
- Self Service Quarantine area
- Scan and deliver by file size
- Block by file types
-Add disclaimer/signature
Gateway Anti-Spam
- Inbound/Outbound Scanning
- Real-time Blacklist (RBL), MIME header check
- Filter based on message header, size, sender, recipient
- Subject line tagging
- IP address Black list/White list
- Redirect Spam mails to dedicated email address
- Image-based Spam filtering usingRPDTechnology
- Zero hour Virus Outbreak Protection
- Self Service Quarantine area
- Spam Notification through Digest
- IP Reputation-based Spam filtering
Intrusion Prevention System
- Signatures: Default (4500+), Custom
- IPS Policies: Multiple, Custom
- User-based policy creation
-Automatic real-time updates from CRProtect networks
- ProtocolAnomaly Detection
-DDoS attack prevention
Web Filtering
- InbuiltWeb Category Database
- URL, keyword, File type block
- Categories: Default(82+), Custom
- Protocols supported: HTTP, HTTPS
- Block Malware, Phishing, Pharming URLs
- Schedule-based access control
- Custom block messages per category
- Block JavaApplets, Cookies,Active x
- CIPA Compliant
- Data leakage control via HTTP, HTTPS upload
Application Filtering
- Inbuilt Application Category Database
- 11+ Application Categories: e.g. Gaming, IM, P2P, Proxy
- Schedule-based access control
- Block
- P2Papplications e.g. Skype
-Anonymous proxies e.g. UItra surf
- ?Phone home? activities
- Keylogger
- Layer 7 (Applications) & Layer 8 (User - Identity) Visibility
Web Application Firewall
- Positive Protection model
- Unique "Intuitive Website Flow Detector" technology
- Protection against SQL Injections, Cross-site Scripting (xSS), Session
Hijacking, URL Tampering, Cookie Poisoning
- Support for HTTP 0.9/1.0/1.1
- Extensive Logging & Reporting
Virtual Private Network
- IPSec, L2TP, PPTP
- Encryption - 3DES, DES, AES, Twofish, Blowfish, Serpent
- HashAlgorithms - MD5, SHA-1
- Authentication - Preshared key, Digital certificates
- IPSecNATTraversal
- Dead peer detection and PFS support
- Diffie Hellman Groups - 1,2,5,14,15,16
- External Certificate Authority support
- Export RoadWarrior connection configuration
- Domain name support for tunnel end points
- VPNconnection redundancy
- Overlapping Network support
- Hub &SpokeVPNsupport
SSL VPN
-TCP&UDPTunneling
- Authentication - Active Directory, LDAP, RADIUS, Cyberoam
- Multi-layered Client Authentication - Certificate, Username/Password
- User &Group policy enforcement
- Network access - Split and Full tunneling
- Browser-based (Portal)Access - Clientless access
- Lightweight SSLVPNTunneling Client
- Granular access control to all the Enterprise Network resources
- Administrative controls - Session timeout, Dead Peer Detection, Portal
customization
- TCP- based Application Access - HTTP, HTTPS, RDP, TELNET, SSH
Instant Messaging (IM) Management
-Yahoo and Windows Live Messenger
-Virus Scanning for IM traffic
-Allow/Block Login
-Allow/Block FileTransfer
-Allow/BlockWebcam
-Allow/Block one-to-one/group chat
- Content-based blocking
- IM activities Log
-Archive files transferred
- CustomAlerts
WirelessWAN
-USBport 3G/4G and Wimax Support
- PrimaryWANlink
- WANBackup link
Bandwidth Management
- Application and User Identity based Bandwidth Management
- Guaranteed &Burstable bandwidth policy
- Application &User Identity basedTraffic Discovery
- MultiWANbandwidth reporting
- Category-based bandwidth restriction
User Identity and Group Based Controls
-Access time restriction
-Time and Data Quota restriction
- Schedule based Committed and Burstable Bandwidth
- Schedule based P2Pand IM Controls
Networking
- Failover - Automated Failover/Failback, Multi-WAN failover, 3GModem failover
- WRRbased load balancing
- Policy routing based onApplication and User
- IP Address Assignment - Static, PPPoE, L2TP, PPTP & DDNSClient,
ProxyARP,DHCPserver,DHCPrelay
- Support for HTTPProxy
- Dynamic Routing: RIP v1& v2, OSPF, BGP, Multicast Forwarding
- Parent Proxy support withFQDN
- ?IPv6 Ready? Gold Logo
High Availability
- Active-Active
- Active-Passive with State Synchronization
- Stateful failover
- Alerts on appliance status change
Administration & System Management
-Web-based configuration wizard
- Role-based access control
- Firmware Upgrades viaWeb UI
- Web 2.0 compliant UI (HTTPS)
- UI Color Styler
- Command Line Interface (Serial, SSH,Telnet)
- SNMP(v1, v2c, v3)
- Multi-lingual support: Chinese, Hindi, French, Korean
- Cyberoam Central Console (Optional)
- Network Time Protocol Support
User Authentication
- Internal database
- Active Directory Integration
- Automatic Windows Single Sign On
- External LDAP/RADIUS database integration
- Thin Client support - Microsoft Windows Server 2003 Terminal Services and
Citrix xenApp - Novell eDirectory
- RSASecurID support
- ExternalAuthentication - Users andAdministrators
- User/MAC Binding
- MultipleAuthentication servers
Logging/Monitoring
- Graphical real-time and historical monitoring
- Email notification of reports, gateway status, viruses and attacks
- Syslog support
- Log Viewer - Firewall, IPS, Web filter, Anti Virus, Anti
Spam,Authentication, System andAdmin Events
Logging/Monitoring
- IntegratedWeb-based Reporting tool
- 1000+ drilldown reports
- 45+ Compliance Reports
- Historical and Real-time reports
- Multiple Dashboards
- Username, Host, Email ID specific Monitoring Dashboard
- Reports - Security, Virus, Spam, Traffic, Policy violations, VPN, Search
Engine keywords
- Multi-format reports - tabular, graphical
- Exportable formats - PDF, Excel
-Automated Report Scheduling
IPSecVPNClient**
- Inter-operability with major IPSecVPNGateways
- Supported platforms: Windows 2000, WinxP 32/64-bit, Windows 2003 32-bit,
Windows 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 RC1 32/64-bit
- Import Connection configuration
Certification
- ICSAFirewall - Corporate
- CheckmarkUTMLevel 5 Certification
-VPNC- Basic andAESinteroperability
- ?IPv6 Ready?Gold Logo
Hardware Specifications
Memory 2GB
Compact Flash 4GB
HDD 250GB or higher
Compliance
-CE
-FCC
-UL
Dimensions
HxWxD(inches) 1.7 x 14.6 x 17.3
HxWxD(cms) 4.4 x 37.2 x 44
Weight 5 kg, 11.02 lbs
Power
Input Voltage 100-240 VAC
Consumption 99W
Total Heat Dissipation (BTU) 338
Environmental
OperatingTemperature 0 to 40 ?C
Storage Temperature -25 to 75 ?C
Relative Humidity (Non condensing) 10 to 90%