Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity-based Unified Threat Management One Identity – One Security.

Similar presentations


Presentation on theme: "Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity-based Unified Threat Management One Identity – One Security."— Presentation transcript:

1 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity-based Unified Threat Management One Identity – One Security

2 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Agenda Evolution of IT Security Challenges of Unified Threat Management Introduction to Cyberoam UTM Cyberoam Product Walk-thru Cyberoam Credentials Awards & Accreditations

3 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Increase in Threats & its Total damage cost

4 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Basic security began with firewalls As threats increased, other solutions were introduced Virus attacks rose in number and intensity 6 % business s contained viruses – IBM Thats a staggering cost of $281-$304 per PC became more prevalent Spam rose Average spam messages per day – 18.5 Time spent deleting them – 2.8 mintues. Average time lost in a day – 51.8 mts 14 % spam recipients actually read spam 4 % buy products advertised by spam 21 % spam in Jan 2005 was porn Slammer fueled the need for Intrusion Detection & Prevention High number of employees start accessing the Internet Connectivity to branches, partners and remote workers But multiple solutions brought in their share of problems 25 % systems to be infected with spyware by this year– Forrester 65 % companies say they will invest in anti-spyware tools and upgrades Phishing mails grew 5,000 % last year Pharming makes an entry 1 in 5 employees view online pornography at work 70 percent of adult websites are hit between 9 am and 5 pm percent of employees' Internet activity is not business related Blended threats emerge to exploit extensive Internet usage Slammer Hit on Saturday, January 25, 2003, 0030 Lost revenue spilled over halfway into the next week Total cost of the bailout: more than $1 billion Till today, no accountability has been established Firewalls enjoyed a monopoly until the starting of the 21 st century Initial Firewalls were Stateless Firewalls which could not control the initiation of communication Later Stateful became more prevalent Evolution of Internet security solutions

5 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Current Challenges due to Multiple Internet Security Solutions Higher purchase cost of Individual Appliances Problems in handling multiple Maintenance & Subscription Contracts Requirement of highly Technical man power to maintain Multiple Appliances & Solutions Difficult for a single network admin to handle increasing complexity of LAN Networks Excessive time taken to understand threat patterns with Individual Reports by Appliances Inadequacy in handling new blended attacks Need For Single Unified Appliance for all Internet Security Problems

6 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam UTM : Unified Threat Management A solution to fight against multiple attacks and threats

7 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam A true UTM Appliance should have following features in single solution: 1. Firewall 2. VPN 3. Intrusion Prevention System 4. Gateway Level Anti-virus for Mails, Website, File Transfers 5. Gateway level Anti-spam 6. Content Identification & Filtering 7. Bandwidth Management for Applications & Services 8. Load Balancing & Failover Facilities UTM Unified threat management (UTM) refers to a comprehensive security product which integrates a range of security features into a single appliance.

8 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Benefits of UTM Appliances Reduced complexity All-in-one approach simplifies product selection, integration and support Easy to deploy Customers, VARs, VADs, MSSPs can easily install and maintain the products Remote Management Remote sites may not have security professionals – requires plug-&-play appliance for easy installation and management Better Man Power Management Reduction in dependency and number of high-end skilled Human resources Managed Services Security requirements & day to day operations can be outsourced to MSSPs

9 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Lack of user Identity recognition and control Inadequate in handling threats that target the user – Phishing, Pharming Unable to Identify source of Internal Threats Employee with malicious intent posed a serious internal threat Indiscriminate surfing exposes network to external threats 50 % of security problems originate from internal threats – Yankee Group Source of potentially dangerous internal threats remain anonymous Unable to Handle Dynamic Environments Wi-Fi DHCP Unable to Handle Blended Threats Threats arising out of internet activity done by internal members of organization External threats that use multiple methods to attack - Slammer Lack of In-depth Features Sacrificed flexibility as UTM tried to fit in many features in single appliance. Inadequate Logging, reporting, lack of granular features in individual solutions Challenges with Current UTM Products Need for Identity based UTM…

10 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Patent pending: Identity-based technology User

11 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Layer 8 Firewall (Patent-pending Technology)

12 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Cyberoam is the only Identity-based Unified Threat Management appliance that provides integrated Internet security to enterprises and educational institutions through its unique granular user-based controls. Cyberoam – Identity Based Security

13 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam CRi series for SOHO (Small Office-Home Office) & ROBO (Remote Office-Branch Office) CR 25i CRi series for Small to Medium Business CR 50i CR 100i CRi series for Medium Enterprises CR 250i CR 500i CRi series for Large Enterprises CR 1000i CR 1500i Cyberoam Appliances

14 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity - based UTM

15 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Cyberoam Product walk thru

16 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Cyberoam Unified Threat Management Features Cyberoam offers comprehensive threat protection with: Identity-based Firewall VPN Gateway Anti-Virus Gateway Anti-Spam Intrusion Prevention System Content Filtering Bandwidth Management Multiple Link Management On-Appliance Reporting

17 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Normal Firewall Rule matching criteria - Source address - Destination address - Service (port) - Schedule Action - Accept - NAT - Drop - Reject - Identity Cyberoam - Identity Based UTM Unified Threat Controls (per Rule Matching Criteria) - IDP Policy - Internet Access Policy - Bandwidth Policy - Anti Virus & Anti Spam - Routing decision However, fails in DHCP, Wi-Fi environment

18 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity-based Security Identity vs. Authentication Stateful Inspection Firewall Centralized management for multiple security features Multiple zone security Granular IM, P2P controls Enterprise-Grade Security All the security features can be applied to each FW rule Identity-based Firewall

19 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam

20 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Gateway Anti-Virus

21 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Scans HTTP, FTP, SMTP, POP3, IMAP traffic on a combination of Source, Destination, Identity, Service and Schedule. Self-service quarantine area Identity-based HTTP virus reports Updates every ½ hour Spyware and other malware protection included Blocks Phishing s. Gateway Anti- Virus Features

22 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Gateway Anti-Spam

23 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Spam filtering with (RPD) Recurrent Pattern Detection technology Virus Outbreak Detection (VOD) for zero hour protection Self-Service quarantine area Content-agnostic Change recipients of s Scans SMTP, POP3, IMAP traffic Gateway Anti-Spam Features

24 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Cyberoams Integration with Commtouch Protects against Image-based Spam and spam in different languages The spam catch rate of over 98% false positives in spam Local cache is effective for >70% of all spam resolution cases RPD (Recurrent Pattern Detection)

25 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Intrusion Prevention System (IPS)

26 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Multiple and Custom IPS policies Identity-based policies Identity-based intrusion reporting Ability to define multiple policies Reveals User Identity in Internal Threats scenario IPS Features

27 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Cyberoams Customizable IPS Policy

28 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity-Based Content Filtering

29 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Database of millions of sites in 82+ categories Blocks phishing, pharming, spyware URLs HTTP upload control Ability to control & Block Applications such as P2P, Streaming, Videos/Flash Local Database for the content filter reduces latency and dependence on network connectivity. Customized blocked message to educate users about organizational policies and reduce support calls Web and Application Filtering Features

30 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity Based Policies

31 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Internet Access Policies for Individuals and Groups

32 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Educate Users with Custom Denied Messages and Reduce Your Support Calls James

33 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Key Features Pasted from Application and Identity-based bandwidth allocation Committed and burstable bandwidth Time-based, schedule-based bandwidth allocation Restrict Bandwidth usage to a combination of source, destination and service/service group Identity-based Bandwidth Management

34 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Advanced Multiple Gateway Features Auto failover Complex rule support for auto failover checking. Weighted round robin load balancing Policy routing per application,user, source and destination. Gateway status on dashboard No restriction on number of WAN Ports Schedule based bandwidth assignment

35 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam External Authentication

36 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Authentication and External Integration

37 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Traffic Discovery

38 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity Based On Appliance Reporting

39 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Cyberoam Reports are placed on Appliance Other UTMs Reporting Module/ Device

40 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Policy violation attempts

41 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identification of User Surfing Patterns

42 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Application Wise Usage reports

43 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam User Wise Usage reports

44 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Web Category Visit wise Report

45 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Category – Data Transfer reports

46 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Documents Uploaded across Organization

47 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Mail Spam Summary Report (On Appliance)

48 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Traffic Discovery

49 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Reports in Compliance with: CIPA HIPAA GLBA SOX FISMA PCI

50 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam

51 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Networking Features Features Active- Passive High Availability Stateful Failover VPN Failover Dynamic Routing (RIP, OSPF, BGP)

52 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam ASIC Vs. Multi-core Architecture

53 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam What is ASIC: Built to handle certain tasks faster than general purpose processors For e.g: Packet Filtering Drawbacks: Serial Processing ASICs cannot be reprogrammed to address new attacks ASICs accelerate traffic, but for complex tasks (VOIP, , web traffic), tasks are sent to secondary processor - thus depending on processor performance With each attack (not programmed) closed Systems become slower & Slower ASICs (Application Specific Integrated Circuits) - Closed Systems

54 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam What is Multi-core: More than one processors working together to achieve high processing power. Benefits: Purpose-built Hardware True Parallel Processing Each processor is programmed to run tasks parallel In case of a new attack, Cyberoam appliances do not suffer from performance degradation associated with switching from ASIC- based acceleration to general-purpose processors. Multicore Processor-based Cyberoam

55 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Cyberoam – Appliance Details

56 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Cyberoam in Numbers More than virus signatures in the anti-virus database URLs categorized in categories Spam Detection F alse Positives Intrusion Detection and Prevention Signatures 370, Million 82+ * 98% * 0.007% 3500+

57 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity-based Firewall VPN Bandwidth Management Multiple Link Management On Appliance Reporting 8*5 Tech Support & 1 Year Warranty Subscriptions Gateway Anti-Virus Subscription (Anti-malware, phishing, spyware protection included) Gateway Anti-spam Subscription Web & Application Filtering Subscription Intrusion Detection & Prevention (IDP) Subscription services are available on 1 Year, 2 Year or 3 Year subscription basis Basic Appliance – One time sale

58 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Cyberoam can be deployed in two modes: Deployment Modes Bridge / Transparent Mode Gateway / Route / NAT Mode Proxy Mode

59 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Cyberoam in Gateway Mode

60 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Default Gateway: Cyberoam in Bridge Mode Users Router Network: x/24 Firewall INT IP: /24

61 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Reduces operational complexity and deployment time Minimizes errors and lowers administration cost Enables the MSSPs to have different personnel for managing different customer deployments Ease of use with view of multiple devices and network status at a glance Cyberoam Central Console - CCC

62 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Overview of Cyberoams Security Approach: Who do you give access to: An IP Address or a User? Whom do you wish to assign security policies: Username or IP Addresses? In case of an insider attempted breach, whom do you wish to see: User Name or IP Address? How do you create network address based policies in a DHCP and a Wi-Fi network? How do you create network address based policies for shared desktops? Cyberoam: Identity-based Security

63 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Cyberoam Credentials

64 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam IDC believes that identity-based UTM represents the next generation in the burgeoning UTM marketplace. When enterprises realize the value of having identity as a full component of their UTM solution the increased internal security, protection against insidious and complex attacks, understanding individual network usage patterns, and compliance reporting - Cyberoam will benefit as the innovator. Source: Unified Threat Management Appliances and Identity-Based Security: The Next Level in Network Security, IDC Vendor Spotlight (2007)

65 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Emerging Vendor of the Year

66 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Certifications UTM Level 5 Anti-Virus Anti-SpywareAnti-Spam URL FilteringFirewall VPN IPS/IDP Premium ICSA Certified Firewall VPNC Certified for Basic VPN & AES Interoperability Cyberoam holds a unique & complete UTM certification Certifications Applied ICSA Certification for High Availability

67 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Enterprise SMB Fully loaded, with many great features packs a more serious punch can restrict or open internet access by bandwidth usage, surf time or data transfer. console is well organized and intuitive to navigate flexible and very powerful this appliance is a good value for almost any size environment. Five Star Rated – Two Years Running July 2007 – UTM Roundup Cyberoam CR250i March 2008 – UTM Roundup Cyberoam CR1000i

68 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam deserves credit for its flexible configuration options, extensive security, content filtering, and bandwidth management features.

69 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam LORD OF THE NETWORKS If there is no network security and discipline in small or large networks, the chaos may result with serious work and data loss. Cyberoam CR25i, which was sent to our test center, is a good solution for networks. This UTM (unified threat management) appliance has 100% control over the users in your network in addition to its firewall, package inspection and other similar features. It prevents you from the threats of anti-viruses and other harmful softwares with built in Kaspersky solution. It also provides you antispam feature. In addition to its advanced security features, you can manage your network in terms of identity based bandwith management, application control, site visiting logs. Normally you need a separate PC or similar device so as to record logs. But there is a hard disk of 80 GB in this appliance for this feature. (It was written 160 GB on original copy of the magazine by mistake.) You can also visit the website and inspect the online demo before buying the product. RESULT Cyberoam CR25i is a successful solution for security and network management especially for small business companies. Other advantages: - Advanced features - Flexible licensing options - Free of charge service

70 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Product Excellence Award in the 3 categories: (2007) Integrated Security Appliance Security Solution for Education Unified Security Tomorrows Technology Today Finalist American Business Awards 2007 Finalist Network Middle East Award Best Security Product Best SMB Networking Vendor VAR Editors Choice for Best UTM (2007) Finalist Global Excellence in Network Security Solution CRN – Emerging Tech Vendors 2007 Awards

71 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam GLOBAL PRESENCE (Over 55 Countries)

72 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Partial Clientele

73 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Business alliances

74 Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Thank you!


Download ppt "Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity-based Unified Threat Management One Identity – One Security."

Similar presentations


Ads by Google