Overview:
Cyberoam Unified Threat Management appliances offer assured security, connectivity and productivity to small and medium enterprises (SMEs) by allowing user identity-based policy controls.

Cyberoam?s User Layer 8 Technology treats user-identity as the 8th Layer or the HUMAN layer in the protocol stack. It attaches user identity to security, taking organizations a step ahead of conventional solutions that bind security to IP-addresses. This adds speed to an organization?s security by offering instant visibility into the source of attacks by username rather than IP address ? allowing immediate remediation to restore security or allowing proactive security. Layer 8 technology functions along with each of Cyberoam security features to allow creation of identity-based security policies.

Cyberoam?s future-ready Extensible Security Architecture (ESA) offers an extensible platform that can grow with the future security needs of an organization without degrading system performance. ESA supports feature enhancements that can be developed rapidly and deployed with minimum efforts.
Layer 8 Identity-based policies Role-based access at remote locations
Visibility into who is doing what
Comprehensive UTM Security Stateful Inspection Firewall
Intrusion Prevention System
Anti-Virus & Anti-Spyware
Anti-Spam
Web Filtering
Application Visibility & Control
On-appliance Reporting
Secure Remote Access IPSec VPN
L2TP
PPTP
SSL VPN
WAN Connectivity & Availability Bandwidth Management
Multiple Link Management
3G / WiMAx Support
Advanced Networking Multi-core Architecture
Extensible Security Architecture
Wi-Fi Security Wireless Standards IEEE 802.11 n/b/g (WEP, WPA, WPA2, 802.11i , TKIP, AES, PSK, 802.1x EAP)
Up to 8 bssid Access Points
Centralized Security Management CCC Appliances
Cyberoam iView Open Source Solution ? Logging & Reporting
Cyberoam iView Appliances ? Logging & Reporting
Specifications:

Specification
Interfaces

Copper GbEPorts 8
Configurable Internal/DMZ/WANPorts Yes
Console Ports (RJ45) 1
USB Ports 2
Hardware Bypass Segment# 2

System Performance*

Firewall Throughput (UDP) 3,250
Firewall Throughput (TCP) 3,000
New sessions/second 30,000
Concurrent sessions 1,000,000
IPSec VPN Throughput 400
No. of IPSec Tunnels 200
SSL VPN Throughput 300
WAF Protected Throughput (Mbps) 300
Anti-Virus Throughput 1,000
IPS Throughput 750
UTM Throughput 550
Stateful Inspection Firewall

- Layer 8 (User - Identity) Firewall
- Multiple Security Zones
- Access Control Criteria (ACC) - User - Identity, Source & Destination Zone,MACand IP address, Service
- UTM policies - IPS, Web Filtering, Application Filtering, Anti-Virus, Anti-Spam and Bandwidth Management
- Layer 7 (Application) Control &Visibility
- Access Scheduling
- Policy based Source &DestinationNAT
- H.323, SIPNATTraversal
- 802.1q VLAN Support
- DoS &DDoSAttack prevention
- MAC&IP-MAC filtering and Spoof prevention

GatewayAnti-Virus & Anti-Spyware

-Virus,Worm,Trojan: Detection &Removal
- Spyware, Malware, Phishing protection
-Automatic virus signature database update
- Scans HTTP, HTTPS, FTP, SMTP, POP3, IMAP, IM, VPN Tunnels
- Customize individual user scanning
- Self Service Quarantine area
- Scan and deliver by file size
- Block by file types
-Add disclaimer/signature

Gateway Anti-Spam

- Inbound/Outbound Scanning
- Real-time Blacklist (RBL), MIME header check
- Filter based on message header, size, sender, recipient
- Subject line tagging
- IP address Black list/White list
- Redirect Spam mails to dedicated email address
- Image-based Spam filtering usingRPDTechnology
- Zero hour Virus Outbreak Protection
- Self Service Quarantine area
- Spam Notification through Digest
- IP Reputation-based Spam filtering

Intrusion Prevention System

- Signatures: Default (4500+), Custom
- IPS Policies: Multiple, Custom
- User-based policy creation
-Automatic real-time updates from CRProtect networks
- ProtocolAnomaly Detection
-DDoS attack prevention

Web Filtering

- InbuiltWeb Category Database
- URL, keyword, File type block
- Categories: Default(82+), Custom
- Protocols supported: HTTP, HTTPS
- Block Malware, Phishing, Pharming URLs
- Schedule-based access control
- Custom block messages per category
- Block JavaApplets, Cookies,Active x
- CIPA Compliant
- Data leakage control via HTTP, HTTPS upload

Application Filtering

- Inbuilt Application Category Database
- 11+ Application Categories: e.g. Gaming, IM, P2P, Proxy
- Schedule-based access control
- Block

- P2Papplications e.g. Skype
-Anonymous proxies e.g. UItra surf
- ?Phone home? activities
- Keylogger
- Layer 7 (Applications) & Layer 8 (User - Identity) Visibility
Web Application Firewall

- Positive Protection model
- Unique "Intuitive Website Flow Detector" technology
- Protection against SQL Injections, Cross-site Scripting (xSS), Session Hijacking, URL Tampering, Cookie Poisoning
- Support for HTTP 0.9/1.0/1.1
- Extensive Logging & Reporting

Virtual Private Network

- IPSec, L2TP, PPTP
- Encryption - 3DES, DES, AES, Twofish, Blowfish, Serpent
- HashAlgorithms - MD5, SHA-1
- Authentication - Preshared key, Digital certificates
- IPSecNATTraversal
- Dead peer detection and PFS support
- Diffie Hellman Groups - 1,2,5,14,15,16
- External Certificate Authority support
- Export RoadWarrior connection configuration
- Domain name support for tunnel end points
- VPNconnection redundancy
- Overlapping Network support
- Hub &SpokeVPNsupport

SSL VPN

-TCP&UDPTunneling
- Authentication - Active Directory, LDAP, RADIUS, Cyberoam
- Multi-layered Client Authentication - Certificate, Username/Password
- User &Group policy enforcement
- Network access - Split and Full tunneling
- Browser-based (Portal)Access - Clientless access
- Lightweight SSLVPNTunneling Client
- Granular access control to all the Enterprise Network resources
- Administrative controls - Session timeout, Dead Peer Detection, Portal customization
- TCP- based Application Access - HTTP, HTTPS, RDP, TELNET, SSH

Instant Messaging (IM) Management

-Yahoo and Windows Live Messenger
-Virus Scanning for IM traffic
-Allow/Block Login
-Allow/Block FileTransfer
-Allow/BlockWebcam
-Allow/Block one-to-one/group chat
- Content-based blocking
- IM activities Log
-Archive files transferred
- CustomAlerts

WirelessWAN

-USBport 3G/4G and Wimax Support
- PrimaryWANlink
- WANBackup link

Bandwidth Management

- Application and User Identity based Bandwidth Management
- Guaranteed &Burstable bandwidth policy
- Application &User Identity basedTraffic Discovery
- MultiWANbandwidth reporting
- Category-based bandwidth restriction

User Identity and Group Based Controls

-Access time restriction
-Time and Data Quota restriction
- Schedule based Committed and Burstable Bandwidth
- Schedule based P2Pand IM Controls

Networking

- Failover - Automated Failover/Failback, Multi-WAN failover, 3GModem failover
- WRRbased load balancing
- Policy routing based onApplication and User
- IP Address Assignment - Static, PPPoE, L2TP, PPTP & DDNSClient, ProxyARP,DHCPserver,DHCPrelay
- Support for HTTPProxy
- Dynamic Routing: RIP v1& v2, OSPF, BGP, Multicast Forwarding
- Parent Proxy support withFQDN
- ?IPv6 Ready? Gold Logo

High Availability

- Active-Active
- Active-Passive with State Synchronization
- Stateful failover
- Alerts on appliance status change

Administration & System Management

-Web-based configuration wizard
- Role-based access control
- Firmware Upgrades viaWeb UI
- Web 2.0 compliant UI (HTTPS)
- UI Color Styler
- Command Line Interface (Serial, SSH,Telnet)
- SNMP(v1, v2c, v3)
- Multi-lingual support: Chinese, Hindi, French, Korean
- Cyberoam Central Console (Optional)
- Network Time Protocol Support

User Authentication

- Internal database
- Active Directory Integration
- Automatic Windows Single Sign On
- External LDAP/RADIUS database integration
- Thin Client support - Microsoft Windows Server 2003 Terminal Services and Citrix xenApp - Novell eDirectory
- RSASecurID support
- ExternalAuthentication - Users andAdministrators
- User/MAC Binding
- MultipleAuthentication servers

Logging/Monitoring

- Graphical real-time and historical monitoring
- Email notification of reports, gateway status, viruses and attacks
- Syslog support
- Log Viewer - Firewall, IPS, Web filter, Anti Virus, Anti
Spam,Authentication, System andAdmin Events

Logging/Monitoring

- IntegratedWeb-based Reporting tool
- 1000+ drilldown reports
- 45+ Compliance Reports
- Historical and Real-time reports
- Multiple Dashboards
- Username, Host, Email ID specific Monitoring Dashboard
- Reports - Security, Virus, Spam, Traffic, Policy violations, VPN, Search Engine keywords
- Multi-format reports - tabular, graphical
- Exportable formats - PDF, Excel
-Automated Report Scheduling

IPSecVPNClient**

- Inter-operability with major IPSecVPNGateways
- Supported platforms: Windows 2000, WinxP 32/64-bit, Windows 2003 32-bit, Windows 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 RC1 32/64-bit
- Import Connection configuration

Certification

- ICSAFirewall - Corporate
- CheckmarkUTMLevel 5 Certification
-VPNC- Basic andAESinteroperability
- ?IPv6 Ready?Gold Logo

Hardware Specifications

Memory 2GB
Compact Flash 4GB
HDD 250GB or higher
Compliance

-CE
-FCC
-UL

Dimensions

HxWxD(inches) 1.7 x 14.6 x 17.3
HxWxD(cms) 4.4 x 37.2 x 44
Weight 5 kg, 11.02 lbs

Power

Input Voltage 100-240 VAC
Consumption 99W
Total Heat Dissipation (BTU) 338

Environmental

OperatingTemperature 0 to 40 ?C
Storage Temperature -25 to 75 ?C
Relative Humidity (Non condensing) 10 to 90%