CYBEROAM Comprehensive Network Security Our Products Cyberoam – Endpoint Data Protection Data Protection & Encryption Device Management Application Control Asset Management Unified Threat Management Cyberoam Central Console (CCC) SSL VPN
Cyberoam Unified Threat Management Gateway Integrated security over single platform Unique Identity-based Layer 8 approach penetrates through each security module
KEY QUESTION TO ASK: How do you Identify users and grant access?
How do you Identify users and grant access? “Certain employees are using their hand-held devices like iPhones & BlackBerrys to access internal resources in my company. Some are working from home.” “Our Network works on Citrix, and we would like to block certain users from accessing particular applications and apply unique policy for each user across the network.” “How can I create special privilege for the technical team to access only specific servers / applications in my DMZ zone?”
How do you Identify users and grant access? “How can I have information on which user is logging in when, and what he is accessing from the network or even from HOME? (Work from HOME)” “How can I have AAA (Authenticate, Authorize and Audit) in my single security device?”
SOLUTION – Unique Identity Based Cyberoam Firewall Cyberoam features: Stateful Inspection Firewall Application based Firewall Identity based Firewall Admin can define policies based on Username or IP Address, and the policy follows the user wherever he goes Admin can bind the policies with user-name, IP address, MAC and session id (for Windows Terminal Server and Citrix) as well Terminal Server XenServer
Cyberoam’s Layer 8 Technology treats User Identity as the 8th layer in the protocol stack. Cyberoam UTM applies User Identity based Security Policy Controls across Layer 2 – Layer 7
KEY QUESTION TO ASK: HOW DO YOU PROVIDE ACCESS PRIVILEGES TO USERS?
How do you enable access policies for your users? “Blanket policies for all departments do not work for us anymore.” “I want my HR department to have access to Job & Recruitment websites.” “I want to apply a daily download quota to certain users in my network” “I want to block certain websites for a specific group of users. Although, these websites are hosted on HTTPS” “I want to allow IM access to our Senior Management & Sales Team”
How do you enable access policies for your users? “How can I give access to FACEBOOK to specific users only one hr a day that too after office hrs?” “How can I manage B/W to social networking websites to (for eg: Facebook) 2kbps so that business application gets right b/w?” “How to block P2P applications, Proxy applications or Secured application like Ultrasurf across my organization?” “How can I monitor/log DATA Transfer over HTTPS?”
SOLUTION: WEB CONTENT & APPLICATION FILTER Block, Control & Monitor internet access & application access of Users. Over 44 million+ websites in 82+ categories Blocks and inspects HTTPS websites Google Cached pages All known proxies such as Ultrasurf etc. Educate healthy-usage policy by providing customized messages on blocked websites. Premium
COMPLETE CONTROL WITH USER IDENTITY
SOLUTION: APPLICATION CONTROL Blocks over 5000+ Applications Username / IP Address
SOLUTION: IM MANAGEMENT & CONTROL Log & Monitor leading Instant Messengers Yahoo, Windows Live Filter content over IM: Blacklist certain keywords or regular expressions Block File transfer over messengers
IM Controls for Yahoo MSG: Logging of Chat Conversations Who can chat with whom! Data Leak Protection (File Transfer Control)
KEY QUESTION TO ASK: HOW DO YOU OPTIMIZE NETWORK & RESOURCE AVAILABILITY?
How do you optimize Network & Resource Availability? “We want to allot dedicated bandwidth to our VOIP/CRM/ERP” “My CEO – wherever he logs in – Wifi/Lan/Handheld – should receive committed bandwidth at all times and hours.” “I want to assign burstable (128kbps – 1 Mbps) to users/group and burst it when the B/W is free from other users”
How do you optimize Network & Resource Availability? “How can I provide Dedicated B/W to Video Conferencing/ Backup device for only 2 hrs on specific date?” “We would like to prioritize applications that utilize applications. CRM should have highest priority.” “How can I analyze that which application / User is using how much B/W in real time?”
SOLUTION: BANDWIDTH MANAGEMENT Allocate/Restrict bandwidth to specific application or users/groups Allocate/Restrict bandwidth to specific categories Schedule bandwidth allocation/restriction Allocate dedicated bandwidth or as per availability (burstable)
Web mail IM ERP CRM You Tube Application Firewall Casual Traffic Sales force Application Firewall Crowd of Applications Bandwidth Management
SOLUTION: TRAFFIC DISCOVERY Real-time visibility into bandwidth utilization by User Protocol Application Provides visibility of unproductive usage of resources and threat incidence
Traffic Discovery: Live Traffic Analysis including Bandwidth, Data Transfer Connection Information Filter traffic for specific application Live traffic filtering by Application, User, IP Address Traffic Filtering by Firewall Rule-ID, IP Address, Port etc.
KEY QUESTION TO ASK: HOW DO YOU ENSURE BUSINESS CONTINUITY?
How do you ensure Business Continuity? “Internet access should not be interrupted even though one of our links fails” “We want the traffic of our finance department to route via a separate gateway” “How can I ensure my VPN connectivity is having 100% uptime?” “How can I use my 3G modem as back-up link when ADSL goes down?”
SOLUTION: MULTIPLE LINK MANAGER Automated Link Load balancing assures ROI/investment Support for more than 2 ISP links Supports Wireless WAN (3G USB modems, Wimax) Link Failover Policy-based routing: Source ID/Users/Protocols VPN Failover High Availability: Active-Active, Active-Passive
Active-Active gateway load balancing ISP1 (MPLS) (10 mbps) ISP2 (ADSL) (5 mbps) ISP3 (3G) (1 mbps) Failover Link Sales Dept. Dev. Dept. Finance Dept.
KEY QUESTION TO ASK: HOW DO REMOTE WORKERS ACCESS YOUR NETWORK?
How do remote workers access your network? “I want to connect all branches to my HO using secure and stable connection with zero downtime” “I would like to grant our employees secured access to internal resources from hand-held devices like iPhone” “I want my work-from-home employees/Roaming users to have limited access to only specific application” “I want to SCAN my Remote/Roaming users' traffic before they connect to my NETWORK”
SOLUTION: VIRTUAL PRIVATE NETWORK (VPN) Secure & Seamless connectivity between branch offices Threat Free Tunneling (TFT) Technology Scans traffic entering VPN tunnel for: Malware Spam Inappropriate content Intrusion attempts Supports IPSec, L2TP, PPTP technologies (client-based) SSL-VPN enables access to internal resources from any device (Does not require a client)
SSL VPN User Portal
KEY QUESTION TO ASK: ARE DESKTOP ANTI-VIRUS & ANTI-SPAM SUFFICIENT?
Are Desktop Anti-virus & Anti-spam sufficient? “I want to optimize my bandwidth by blocking spam at the source/gateway itself” “I want to provide users the ability to release/tag their messages from/to the quarantine area” “Even HTTPS websites/applications need to be scanned for viruses” “I want my F/W/UTM to use trusted AV and use all the signatures of Virus and give 100% protection” “How can I create User based Anti-SPAM rules?” “How can I comply with SOX?”
SOLUTION: GATEWAY ANTI-MALWARE Contains 4 million+ signatures Signatures are updated automatically every 30 mins. OEM tie-up with industry’s best anti-virus Kaspersky Labs Block attachments based on extension (*.exe, *.bat etc.) Scans HTTP, FTP, SMTP, POP3, HTTPS, IMAP, Instant Messenger traffic Anti-Virus Anti-Spyware
SOLUTION: GATEWAY ANTI-SPAM Detects & blocks 98% of all spam False positive rate of 1 in a million. Unique Recurrent Pattern Detection (RPD) technology blocks all types of spam including Excel, PDF, multi-lingual spam etc. Self-Service Quarantine Area for users, allowing them to check quarantined emails and reduce administrator overhead Users receive daily/weekly/monthly spam digest IP Reputation filtering: Stops 85% of spam at Gateway Does not let it enter the network Saves bandwidth & resources Premium
How do you safe-guard your network from Hacking attempts? “How can I protect my network from DDOS & SQL Injection attacks?” “I want to block a specific (custom) application for Specific users by creating signature in my firewall?” “How do I get immediate intimation on a hacking attempt on my network?”
SOLUTION: INTRUSION PREVENTION SYSTEM (IPS) More than 3500+ signatures to block a plethora of intrusion attempts. Complete protection against DOS, DDOS, SYN Flood attacks and more. Identity-based IPS policies per user or group Overview of threat status: Top alerts, top attackers, top victims
KEY QUESTION TO ASK: DO YOU HAVE COMPLETE VISIBILITY OF YOUR NETWORK?
Do you have complete visibility of your network? “I want to identify the most dangerous users in my network” “I would like to discover which users receive the most spam” “Can I find out what people are surfing on the net in my company?” “I want to monitor IM conversations of employees in my company” “I want to monitor what files are being uploaded on the net” “I want to know what Google searches are being made”
SOLUTION: ON-APPLIANCE REPORTING More than 1000+ on appliance reports. No Additional Purchase needed of hardware/service to access reports. Collects logs and assists in Network Forensics Reports in compliance with CIPA – Children’s Internet Protection Act HIPAA – Health Insurance Portability & Accountability Act GLBA – Gramm-Leach-Bliley Act SOX – Sarbanes-Oxley FISMA – Federal Information Security Management Act PCI – Payment Card Industry Data Security Standards
User Dashboard
Combined Report
Top Categories
Top Web Users
Search Engine – Google Search Results
Top Spam Recipients
Cyberoam Layer 8 Advantage Other UTMs: User Login. Cyberoam Authenticates: User, IP Address, MAC Id, Session Id. Cyberoam Authorizes: Access Time, Internet Quota, Security Policies, Web Filtering, Layer 7 Controls, QoS, IM Controls. Cyberoam Audits: Identity-based Logs + Reports. Cyberoam has been the pioneer in bringing User Identity to UTMs and continues to lead in this area. There are a few other UTMs that talk about identity, but they are nowhere close to Cyberoam’s User Identity approach. Let’s see the level of detail Cyberoam provides for User Identity and Cyberoam’s Layer 8 advantage over all others. Cyberoam’s approach to User Identity is based on its AAA formula, i.e. Authentication, Authorization and Auditing once a user logs in. Cyberoam provides the facility to authenticate a user based on User name, IP Address and even MAC Id and Session Id. Cyberoam Authorizes a User to work based on the listed features and more. Cyberoam Audits a user based on detailed Identity-based Logs and Reports. While Cyberoam satisfies all the A’s of the AAA approach, all other UTMs stop at the Authentication level or at most some level of detail in the Authorization level. At the Authentication stage, most other UTMs do not even have the facility to authorize on MAC Id and Session Id.
Cyberoam UTM solves Organizational Concerns Keeping these business concerns in mind, Cyberoam UTM has developed features that enable organizations to grow by assuring Security, Connectivity and Productivity. Cyberoam UTM approaches all its features for organizations' benefit. In further slides, we will talk about each of these features.
DEPLOYMENT MODES CYBEROAM
BRIDGE MODE Router; Users; Network: 192.168.0.x/24; Firewall INT IP: 192.168.0.1/24; Default Gateway: 192.168.0.1
GATEWAY MODE Router IP: 61.0.5.1/29; Users; Network: 192.168.0.x/24; DMZ Zone: Switch; Web Server IP: 172.16.1.2, Gateway: 172.16.1.1; Mail Server IP: 172.16.1.3, Gateway: 172.16.1.1; Database Server IP: 172.16.1.4, Gateway: 172.16.1.1; Console; INT IP: 192.168.0.1/24; DMZ IP: 172.16.1.1/24; EXT IP: 61.0.5.2/29; Gateway IP: 61.0.5.1; Default Gateway: 192.168.0.1
OVERVIEW: CYBEROAM APPLIANCE RANGE & SUBSCRIPTION SERVICES
CYBEROAM UTM APPLIANCE RANGE Large Enterprises CR 1500i CR 1000i CR 750ia CR 500ia Small to Medium Enterprises CR 300i CR 200i CR 100ia CR 50ia Remote Offices CR 35ia CR 25ia CR 15i CR 15wi
SUBSCRIPTION MODEL Subscription bundle Basic Appliance Bundled Subscriptions Identity-based Firewall VPN Free SSL-VPN Bandwidth Management Multiple Link Management On Appliance Reporting Basic Anti-Spam (RBL Service) 8x5 Tech Support & Warranty Gateway Anti-Virus Subscription (Anti-malware, phishing, spyware protection included) Gateway Anti-spam Subscription Web & Application Filtering Subscription Intrusion Prevention System (IPS) 24 x 7 Tech Support & Warranty Subscription bundle Total Value Subscription (TVS) – Includes all the licenses Security Value Subscription (SVS) – Includes all licenses except Gateway level Antispam
PRICING HARDWARE One Time Payment Need to renew 8x5 to get updates and keep the appliance under warranty SOFTWARE Yearly Renewal Required AV/AS/CF/IPS Database needs to update regularly to provide up-to-date protection
HOW TO CHOOSE A CYBEROAM MODEL? USER MODEL MATRIX Please Note: Chart is an approximation only. Number of users may vary with the network load & configuration.
SAMPLE QUOTE Product Description List Price (US$) Qty Final Price (US$) Cyberoam 300i Appliance - Firewall, Bandwidth Management , Multiple Gateway & Load Balancing including 1 year of 8x5 Support & Warranty SKU : 01-CRI-300-01 3 Year Antivirus-Antispam for CR 300i 3 Year Web & Application Filtering for CR1500i 3 Year IPS for CR1500i 3 year TVS ( AV+AS+IPS+WAF with 8*5 support) 3 year SVS (AV+IPS+WAF with 8*5 support) Total
IMPORTANT RESOURCES FOR CYBEROAM PARTNERS http://partner.cyberoam.com Partner Portal >> Knowledge-base
IMPORTANT RESOURCES FOR CYBEROAM PARTNERS Stay updated with Cyberoam Newsletters http://www.cyberoam.com/newsletters.html
IMPORTANT RESOURCES FOR CYBEROAM PARTNERS Register for Cyberoam Webinars Register for Cyberoam Certification http://training.cyberoam.com
www.cyberoam.com/presalessupport/ DEDICATED CONSULTANTS FOR PARTNERS Cyberoam Presales Consultants are available 24x7 for Channel Partners Dedicated Support Email Chat Telephone: Toll Free for some regions Presales Consultants help you with Installation Support, Network Consultation Documentation Support for Tenders/RFPs Feature Requests Training/Certification requests
CYBEROAM CREDENTIALS
Analysts Speak: “IDC believes that identity-based UTM represents the next generation in the burgeoning UTM marketplace. When enterprises realize the value of having identity as a full component of their UTM solution the increased internal security, protection against insidious and complex attacks, understanding individual network usage patterns, and compliance reporting - Cyberoam will benefit as the innovator.” Source: Unified Threat Management Appliances and Identity-Based Security: The Next Level in Network Security, IDC Vendor Spotlight
“Completeness of Vision” Gartner ranks Cyberoam as a “Visionary” in July 2009 Magic Quadrant for SMB Multifunction Firewalls Cyberoam ranks 5th in “Completeness of Vision” Fortinet Sonicwall WatchGuard Astaro Cyberoam
Gartner Market Scope (Q2 2008) SMB Multifunction Firewalls
2008 - Emerging Vendor of the Year Cyberoam has been awarded the 2008 Asia Pacific Frost & Sullivan Emerging Company of the Year Award in the Network Security Market
Cyberoam Certifications Premium Premium Anti-Virus Anti-Spyware Anti-Spam URL Filtering Firewall VPN IPS/IDP UTM Level 5: Cyberoam holds a unique & complete UTM certification ICSA Certified Firewall ICSA Certified High-Availability VPNC Certified for Basic VPN & AES Interoperability
Cyberoam is IPV6 Certified IPv6 (Future Ready Connectivity) ‘IPv6 Ready’ gold logo Cyberoam identifies and processes IPv6 traffic Third-party validation International Testing Program with 3000+ rigorous test cases IPv6 compliance to become mandatory in government and other enterprises Driven by diplomatic initiatives
SC Magazine Five Star Rating – Five Times in a Row! July 2010 – UTM Group Test Cyberoam CR50ia A Solid Product and the Price is Right CR50ia is more than a Usual UTM April 2009 – Product review Cyberoam CR200i “A lot of functionality, including good integration support, in a single easy-to-use appliance” “also includes a solid web content filter and blocking for applications such as IM and P2P” December 2008 – Product review Cyberoam CR100i “Cyberoam delivers a wealth of features for the price, which include versatile identity- and policy-based security measures” March 2008 – UTM Roundup Cyberoam CR1000i “Fully loaded, with many great features” “packs a more serious punch” July 2007 – UTM Roundup Cyberoam CR250i “flexible and very powerful” “this appliance is a good value for almost any size environment”.
Awards ZDNET Asia- IT Leader Of the Year 2008 Winner Network Middle-East Awards 2010 2008 – Best Content Filtering Tomorrow’s Technology Today 2007 Most Valued Principal ChannelWorld VARIndia Editor’s Choice for Best UTM (2007) SMB Product of the Year Channel's Favorite Security Company (2008) Best Integrated Security Appliance Best Security Solution for Education Best Unified Security CR50ia (2010), CR15i (2009) CR50ia (2009) CR15i (2009) CR1500i (2009)
Partial Clientele
Product Line Unified Threat Management Cyberoam Central Console (CCC) SSL VPN Cyberoam End Point Data Protection
ABOUT ELITECORE
About Elitecore Technologies Established in 1999 400+ Employees ISO 9001:2000 certified company Backed by World’s Largest Private Equity Group ($90bn) Sales, Distribution Channel & Customers across 75+ countries Communication - Networks – Security Cyberoam - Network to Endpoint Security CRESTEL - Telecommunication OSS BSS EliteAAA - Telecommunication 24online - Bandwidth Management Solution
LET’S RECAP THROUGH SOME SCENARIOS
Scenario 1 What solution will you recommend to the IT Manager? A Finance Company has offices in different cities Head Office: 150 Employees Branch Offices: 15 Employees each IT Manager’s Challenge: Wants to deploy security solution for their network Wants to store all reports at central location
Scenario 1: The Solution At Headquarters CR200i AV & AS IPS for Mail Server Web & App Filter iView & CCC At Branch Offices CR15wi
Scenario 2 What will you recommend to the IT Manager? A Retail Marketing Company Head Office: 50 Employees IT Manager’s Challenge: Wants marketing executives to have secured access to their CRM
Scenario 2: The Solution At Headquarters CR50ia SSL VPN CRM Access to Marketing Executives
Scenario 3 An Educational Institution 1500 Students accessing Internet 2 ISP Links with 50 Mbps bandwidth on each link IT Manager’s Challenge: Wants to grant user access based on profile. Control access of unwanted & bandwidth guzzling websites Games Music Youtube, Facebook P2P Load Balancing on both Links. No Auto Failover Available Staff is getting a lot of spam & virus infected emails. Mail server gets listed in spam database due to student infected laptops sending 1000s of emails
Solution: Scenario 3 At Headquarters 2 x CR1500i for redundancy One link for Hosted Servers Second for Internet Browsing AV & AS for: Outgoing & Incoming Mail traffic CF For: Blocking IMs, P2P, Music etc.
Scenario 4 What will you recommend to the IT Manager? A Small Company Head Office: 50 Employees 3 Remote Offices: 15 Employees DSL Line Connectivity at all 4 Places IT Manager’s Challenge: All remote offices need to be connected to main office securely
Solution: Scenario 4 All remote offices: Dynamic DNS Support Site-to-Site VPN Tunnel is established
Question/Answer Session