Unified Threat Management

Stateful Inspection Firewall:

Firewall security extended to Layer 8

Cyberoam's hardware firewall offers stateful and deep packet inspection for network, application and user identity-based security. Cyberoam UTM Firewall thus protects organizations from DoS, DDoS and IP Spoofing attacks.

Cyberoam’s patent pending, Layer 8 Human Identity-based firewall appliance enables work-profile based policies and a single interface for policy creation across all the UTM features, providing ease of management and high security with flexibility.

Feature	Description	Benefit
Human Layer 8 Identity-based Security	Identity-based policy creation Access Control Criteria (ACC) - User-Identity, Source & Destination Zone, MAC and IP address, Service	Secures dynamic IP environments like Wi-Fi and instances where users share the endpoints User identity-based decision making prevents errors associated with IP address-based policies Simplifies audit requirements with instant user identification
FUSION Technology	Policy creation for multiple security features through single interface Firewall well-integrated with VPN, IPS, Anti-Virus & Anti-Spyware, Anti-Spam, Web Filtering, Bandwidth Management, Multiple Link Management	Blends Security, Connectivity, Productivity Provides integrated perimeter security
Thin Client Support	Thin client authentication with session IDs Supports Citrix –XenApp server, Microsoft Windows Server (Microsoft TSE) Identity-based policies in thin client environment	Supports SaaS deployments and Cloud environment
Enterprise-Grade Security	High Availability with stateful failover Multiple Security Zones Dynamic Routing VLAN support Virtual host capability Multi-casting Multi-core technology allows high-speed parallel processing ICSA-certified Firewall Checkmark Level 5 Certified	Faster up-times, reduced latency, simplified configuration, supports rapid network growth Supports creation of work profile-based groups across distributed locations Enables secure hosting of servers inside LAN and DMZ, efficient use of limited public address pool to host services Supports applications that work on real-time updates like stock updates for financial institutions High throughput
Centralized Management	Centralized Security with CCC	Simplified security management
Logging & Reporting	Layer 8 Identity-based Reporting Firewall logs Centralized logging and reporting with Cyberoam iView and CCC	Meets compliance requirements for CIPA, HIPAA, PCI DSS

VPN (SSL VPN & IPSec):

Threat-free Remote Access

Cyberoam offers the option of IPSec, LT2P, PPTP and SSL VPN over its UTM appliances, providing secure remote access to organizations.

The VPNC-certified Cyberoam communicates with most third party VPNs, making it compatible with existing network infrastructures and providing secure access with remote workers, partners, suppliers and customers.

Feature	Description	Benefit
IPSec VPN	Supports IPSec, L2TP, PPTP VPN Establishes road warrior, Net-to-Net, Host-to-Net VPN connections Full Support to IPSec and IKE Network authentication and encryption through DES, 3DES and AES Automatic failover of VPN connectivity for IPSec and L2TP connections across multiple ISP gateways	Flexibility with range of VPN options compared to dedicated VPN appliance Strong security Assured VPN connectivity, hence higher security levels
SSL VPN	On-appliance SSL VPN Web, application and client-based access modes	Anywhere, Any Time, Any Device VPN connectivity Flexible options Eliminates the need to install VPN clients over individual devices
Layer 8 Identity-based VPN Access	Identity and work profile-based access policies to employees, partners, customers Control over ‘Who Accesses What’	Data Leakage Prevention Prevents unauthorized access Control over access to individuals Meets regulatory compliance requirements
Threat-Free Tunneling Technology	Scans IPSec, L2TP, PPTP, SSL VPN traffic for malware, spam, inappropriate content and intrusions	Ensures secure endpoints and network Comprehensive protection from threats entering from devices
Layer 8 Identity-based Reporting	Reporting with username Options of on-appliance reporting, centralized reporting through CCC and Cyberoam iView	Provides instant user identification and prompt corrective action Meets regulatory and security compliance

Cyberoam also provides dedicated SSL VPN appliances for high performance secure remote access for enterprises.

Intrusion Prevention System:

Maximum security against emerging threats

Cyberoam Intrusion Prevention System protects against network and application-level attacks, securing organizations against intrusion attempts, malware, Trojans, DoS and DDoS attacks, malicious code transmission, backdoor activity and blended threats.

Cyberoam’s signature-based Intrusion Prevention System carries thousands of automatically updated signatures, enabling protection against the latest vulnerabilities.

Feature	Description	Benefit
Multiple Protocol Support	HTTP, FTP, SMTP, POP3, IMAP, P2P, IM support Automatically detects, blocks, drops suspicious traffic	Security against network, application and human layer attacks
IPS Policy Tuner	Layer 8 Identity-based Intrusion Prevention System (IPS) policies customizable to identity and work profile Identity-based alerts	Role-based access to users and groups Minimizes noise related to false positive alerts, traffic latency and improved performance
Signature Updation	Regular updates by the Cyberoam Internet Threat Response Team Customized signatures by organizations HTTP Proxy signatures	Protection against latest vulnerabilities Zero-hour protection during an outbreak prevents user masking through anonymous proxies
Centralized Security	Centralized custom signature creation and implementation at remote offices with CCC	Zero-hour protection for distributed networks Simplified security with lower cost of operations
Logging & Reporting	Human Layer-8 Identity-based logging and reporting with username, source, destination, period of activity Dashboard, Top alerts, attackers and victims with severity of attacks Centralized logging reporting with Cyberoam iView and CCC	Meets compliance requirements for CIPA, HIPAA, PCI DSS Meets requirements of forensic analysis Rapid corrective action with high security
Cost-Effective	Offers single, per-appliance subscription as opposed to per-user subscription	Comprehensive yet cost-effective security

Anti-Virus & Anti-Spyware:

Prevent blended threats

Cyberoam Gateway Anti-Virus and Anti-Spyware solution offers web, email and Instant Messaging security against malware, including viruses, worms, spyware, backdoors, Trojans and keyloggers.

Cyberoam’s Check Mark Level 5 certified anti-virus is tightly integrated with IPS, Web Filtering and Anti-Spam, securing organizations against blended attacks and maintaining high levels of security.

Feature	Description	Benefit
Broad Security Cover	Malware scan over incoming and outgoing traffic Virus, worm, Trojan detection and removal Spyware, malware, phishing protection Scan and deliver by file size Block by file types Multiple protocol support: HTTP, HTTPS, FTP, IM, P2P, SMTP, POP3, IMAP, VPN tunnels Millions of signatures in database Half-hourly signature updates White lists and black lists for protection	Reduces window of vulnerability Prevents misuse of the encrypted HTTPS / SSL traffic for malware propagation Blocks attachments of executables, media files, password-protected attachments
Zero-Hour Protection	Virus Outbreak Detection (VOD) based on detection of outbreak pattern Signature-less protection	Protects against early-hour vulnerability of massive virus outbreaks Eliminates security gaps related to signature update delays
Layer 8 Identity-based Security	Identity-based on-appliance reporting Differential policy creation based on user’s business need	Instant identification of source or destination of attack based on user identity, leading to high security Minimizes accidental and intentional bypass by preventing harmful websites from appearing in search results
Self-Service Virus Quarantine	Quarantine of virus-infected emails through Cyberoam Anti-Spam User right to check quarantine mails	Real-time Email Security Prevents mail loss Saves IT administrator time Meets quarantine requirements of regulatory compliance
Centralized Security	Automated policy updates through CCC Centralized logging and reporting with CCC and Cyberoam iView	High security for remote networks Simplifies remote security management
Cost-Effective	Single, per-appliance subscription as opposed to per-user subscription	Comprehensive yet cost-effective security

Anti-Spam:

Real-time, most accurate Spam Protection

Cyberoam Anti-Spam solution offers real-time spam protection over SMTP, POP3, IMAP protocols, protecting organizations from zero-hour threats and blended attacks that involve spam, malware, botnets, phishing, Trojans and more.

Cyberoam’s Check Mark Level 5 certified Anti-Spam solution offers 98% protection against zero-hour attacks with .0001% false positive rate, minimizing the threat of business mail loss.

Feature	Description	Benefit
Spam Filtering	IP reputation-based filtering RBL Lists, MIME header check Based on message header, size, sender, recipient	Screens out the 90% spam in incoming mail Saves bandwidth
Recurrent Pattern Detection	Automated spam protection based on distribution pattern Extracts and analyzes relevant message patterns Signature-less technique Detects, blocks emerging spam outbreaks\ Blocks attachment-based spam – PDF, XL, MP3 etc. Content agnostic, multi-language, multi-format protection – Blocks foreign language, image spam	Zero-hour protection with no wait for signature updates Narrow window of exposure High spam catch rate
Virus Outbreak Detection (VOD)	Signature-less detection from Cyberoam Anti-Virus and Anti-Spyware	Closes early-hour vulnerability gap of massive virus outbreaks over email Protects against the initial peak of attack Comprehensive Email Security
Identity-based Security	Layer 8 Identity-based requirement Copy and route mail to pre-defined mail addresses	Data Leakage Prevention Granular protection based on user work profile
Email Management	Granular email management with message and attachment size, subject line etc.	Minimizes exposure to threats and legal implications Increases productivity Lower cost of compliance Quick recovery for disaster management
Self-Service Quarantine Area	Quarantines malware-infected mails Sends Spam Digest to users User right to check quarantine mails	Meets security and regulatory compliance requirements Saves IT administrator time
Email Logging and Reporting	Data archiving Extensive Layer 8 Identity-based reporting – Top spam receivers, senders, applications of spam Real-time logs and reports Options of on-appliance reporting, centralized reporting from CCC and Cyberoam iView	Meets regulatory compliance, audit, forensic requirements

Web Filtering:

Complete Visibility & Control over HTTP & HTTPS

Cyberoam’s award-winning Web Filtering offers one of the most comprehensive URL databases with millions of URLs grouped into 82+ categories. Available with the Cyberoam UTM and Cyberoam Wi-Fi Appliances range, it blocks access to harmful websites, preventing malware, phishing, pharming attacks and undesirable content that could lead to legal liability and direct financial losses.

Cyberoam’s Layer 8 Identity-based policies offer granular web access controls, preventing data and productivity loss. Comprehensive web coverage coupled with granular Layer 8 controls make Cyberoam Web Filtering the right choice for large enterprises and small organizations

Feature	Description	Benefit
Web Categorization	On-appliance database 82+ Web categories Custom categories Automatic updates through WebCat – The Website Categorization Engine	Lowers response time and reduces privacy concerns Comprehensive and company-specific web filtering
Web Filtering Options	URL Keyword File type Database	Comprehensive web filtering & content filtering
Web Security	Blocks third-party proxy and tunnelling software Blocks Google cache pages Blocks embedded URLs in websites Enforces ‘safe search’ in search engines Blocks malware, phishing, pharming URLs Blocks Java Applets, Cookies, Active X	Integrated with Anti-Virus & Anti-Spyware and IPS to deliver comprehensive Web & Content Security Minimizes accidental and intentional bypass by preventing harmful websites from appearing in search results
HTTPS Controls	Visibility into encrypted HTTPS Traffic Prevents unauthorized file upload and download over HTTP and HTTPS Blocks unauthorized, malicious and illegal HTTPS websites	Data Leakage Prevention Prevents misuse of this encrypted medium to carry out malware attacks and unauthorized data transfer Controls legal liability
Regulatory Compliance	Implements Internet Safety Policy Active member of Internet Watch Foundation (IWF), UK Prevents Data Leakage	Enables CIPA compliance and supports E-Rate Funding HIPAA PCI DSS
Layer 8 Identity-based Controls	Username, group, work-requirement based policies Schedule-based access control User authentication through ADS, RADIUS, SSO, local and thin client	High security with high flexibility Prevents productivity loss Integrates with a range of existing authentication mechanisms
Best-of-breed Replacement	Offers single, per-appliance subscription as opposed to per-user subscription Custom messages to user with reason for blocked website Category-based bandwidth allocation and prioritization Data and bandwidth quota based on web categories and time of the day	Right replacement for best-of-breed solutions with comprehensive, yet cost-effective security Educates users regarding best practices in web usage Ensures bandwidth to business-critical applications Prevents productivity loss

For complete information about how Cyberoam protects your organization from all web and application threats, please visit Web & Content Security.

Bandwidth Management:

Enhance network performance and productivity

Cyberoam Bandwidth Management offers Layer 8 Identity-based bandwidth control, preventing congestion, bandwidth abuse and optimizing bandwidth and delivering higher ROI.

The solution prioritizes business-critical applications and users with granular Layer 7 and Layer 8 controls, supporting Cloud and SaaS deployments while lowering capital expense involved in bandwidth purchase.

Feature	Description	Benefit
Layer 7 and Layer 8 Bandwidth Allocation	Prioritizes business-critical applications and users for bandwidth allocation Prioritization based on source, destination, user, service, service group	Assured QoS for business-critical applications like VoIP, CRM A bandwidth manager that supports bandwidth requirement for Cloud, SaaS applications Prevents congestion and bandwidth abuse
Web Category-based Allocation	Bandwidth allocation based on website categories: webmail, social media, gaming, entertainment etc. Upload, download limits Layer 8 Identity-based policies with category-based allocation	Enhanced productivity with Web Filtering
Time-based Allocation	Bandwidth scheduling by time of the day Committed bandwidth to business-critical applications during scheduling	Balances peaks and troughs in bandwidth consumption Assured QoS for business-critical applications
Committed & Burstable Bandwidth	Committed bandwidth to critical users at all times Policies to assign idle bandwidth to other applications automatically	Optimal use of idle bandwidth Limits capital expense in excess bandwidth purchase Delivers ROI
Logging & Reporting	Multiple WAN link bandwidth reporting Options of on-appliance reporting and centralized reporting with CCC and Cyberoam iView	Supports optimal use of bandwidth with visibility into bandwidth usage Identifies network attacks through excess bandwidth consumption patterns Helps meet regulatory compliance

Application Visibility & Control:

Prioritize applications with Layer 7 & Layer 8 Visibility & Controls

Cyberoam offers Application Visibility & Control with Layer 7 policies and reporting, preventing data leakage and sophisticated application-layer threats, including malware, phishing, botnets. The feature supports business applications, secure collaboration, Cloud and SaaS deployments with Layer 7 and Layer 8 identity-based policies.

Cyberoam Application Visibility & Control supports policies based on a combination of User-Time-Bandwidth-Application offering granular controls with flexibility. Organizations can control applications using standard Port 80, 443, non-standard ports, port hopping or tunnel through encrypted SSL traffic, ensuring Application Security.

Feature	Description	Benefit
Application Security	Inbuilt application category database Blocks anonymous proxies Eg. UItra surf Prevents “Phone home” activities and keyloggers Layer 7 & Layer 8 Visibility	Prevents sophisticated application-based threats
User and Time-based controls for Application Access	Controls usage of social applications Eg., Facebook, YouTube, iTunes, gaming, BitTorrent based on Time and Layer 8 Identity-based policies Controls P2P applications, Eg. Skype and IM applications Schedules non-critical applications during non-peak hours Enables creation of White (Business-Critical), Black (Non-Productive), Grey (Social, Entertainment) application categories for prioritization	Enhanced productivity through flexibility Balanced bandwidth usage Supports business-critical applications Ensures Application Security with comprehensive IM, P2P controls
Bandwidth Control for Applications	Prioritize bandwidth allocation to critical applications Eg. Salesforce, Sharepoint, CRM, ERP, etc. Control bandwidth allocation to non-business applications	Delivers Application QoS Ensures optimal bandwidth utilization
Layer 8 Identity and Bandwidth-based Application Control	Control application usage based on user, user group, source, destination and bandwidth	Supports bandwidth and user-critical applications Eg. VoIP Enhanced productivity Optimizes bandwidth usage

3G / WiMAX Connectivity:

Secure, Uninterrupted WAN Connectivity

Cyberoam UTM appliances support 3G and WiMAX WAN connectivity, offering assured security over wireless WAN links.

Cyberoam support to WWAN connectivity enables organizations to implement high security levels in remote locations which may not have wireline connectivity. Automatic failover from wireline to wireless WAN links ensures high availability in WAN connectivity.

Feature	Description	Benefit
WWAN Connectivity	Supports 3G and WiMAX connectivity Configures Wireless WAN as primary or back-up link	Offers assured connectivity Supports flexible alternative to wired WAN links Delivers cost-effective redundancy Ensures continuity in business processes
Any Where Deployment	Simple USB modem plug-in into Cyberoam UTM appliance	Simple, instant deployment Supports security at temporary offices and remote locations where wireline WAN may be unavailable

Instant Messaging Archiving & Controls:

Making the public IM private

Cyberoam’s IM Archiving and Control limits communication and file transfer over IM, preventing data leakage, phishing, malware, viruses, Trojans, worms, botnets and other malicious attacks.

Cyberoam’s Instant Messaging Controls implement Layer 8 Identity-based policies to control access to IM applications like Yahoo Messenger and Windows Live Messenger. It offers granular logs and reports, providing visibility and archiving facility that meet regulatory compliance requirements.

Feature	Description	Benefit
Layer 8 Identity-based Policies	Controls who chats with whom through whitelists and blacklists Blocks chat conversations Sets rules to prevent users from chatting with specific users or domains	Enhances security and productivity Converts unsecured public IM akin to secure private IM
Controls File Transfer, Voice, Video Chat	Identity- and group-based policies to control: File transfer Voice chat Video chat	Prevents malware entry, viruses, worms
Filters Conversations	Keyword-based chat filtering, Eg. Social Security and Credit Card Numbers, etc.	Data Leakage Prevention Ensures safe chatting in schools and libraries, meeting CIPA requirements
Application Security	Enables virus scanning over IM	Enhances Application Security
IM Archiving and Reporting	Archives IM activity Layer 8 Identity-based logs and reports for audit and forensics Reports based on time, users, keywords used in chat Custom alerts Choice of report availability with on-appliance reporting, centralized reporting over CCC and Cyberoam iView	Helps meet regulatory compliance requirements

Multiple Link Management:

For an ‘Always-on’ Network

Cyberoam’s Multiple Link Management supports WAN redundancy and delivers assured WAN availability and reliable connectivity.

With Cyberoam’s management of WAN connectivity, organizations have assured access to business applications involved in collaboration, Cloud and SaaS deployments. It optimizes multiple links, delivering ROI and minimizing overload.

Feature	Description	Benefit
Automated Load Balancing	Automatically distributes traffic over multiple links Weighted round robin load balancing of links Supports routing of traffic based on speed and cost of WAN link	Ensures optimal usage of WAN links Lowers capital expense involved in high-cost links Delivers high ROI
Layer 8 Identity-based Routing	Defines routing path based on User Source IP Protocol	Balances network load Assured QoS to applications and users
Automatic Link Failover	Automatic detection of failed WAN link and routing to working link Multiple test methods to detect failure to reach applications, Eg. Inventory Management, ERP, CRM – Detects outages at gateway and along the path of WAN link	Continuous service and application availability
Wireless WAN Technologies	Supports configuration of 3G and WiMAX as back-up or primary links	Creates WAN redundancy Eliminates the risk of wireline outages Provides security where wireline connectivity may not be available

On-Appliance Reporting:

Real-time visibility into network activities

Cyberoam’s on-appliance reporting delivers Layer 8 Identity-based visibility into user and network activity, offering real-time information regarding who is doing what across central and remote locations.

Cyberoam UTM appliances deliver in-depth reporting over the appliance, eliminating the need for an independent reporting solution and minimizing the resultant security investment and operational expense.

Feature	Description	Benefit
Human Layer 8 Identity-based Security	User identity-based reports in dynamic Wi-Fi and shared endpoint environments in healthcare, educational institutions, retail stores and call centers Visibility into who is doing what Visibility into who is accessing which application	Instant identification of the source or destination endpoint under attack or perpetuating an attack Helps prevent data leakage Supports regulatory compliance requirements of CIPA, HIPAA, PCI DSS, GLBA Shorter audit cycles
Security Reporting	Firewall & Internet activity VPN activity Intrusion Prevention reports Spam reports Virus reports Web activity Search Engine Query reports Mail activity IM activity FTP activity	Real-time view of network activity Supports instant security action
Compliance Reporting	HIPAA GLBA SOX PCI DSS FISMA	Supports compliance to regulatory requirements
Personalized View	Create custom dashboard Bookmark important reports View custom trends Create custom reports	High flexibility to meet organizational requirements
Report Formats	View Formats – Tabular, Graphical Print Formats – CSV, PDF	High flexibility to meet organizational requirements Report sharing with the relevant departments and management
On-Appliance Reporting	Free reporting module over Cyberoam UTM appliances	Eliminates need for separate reporting solution Minimizes security investment and operational expense involved in maintenance

IPv6 Ready:

Ready for the new Internet

Cyberoam is “IPv6 Ready” Gold logo certified, making it future-ready when the current IPv4 Internet addressing system moves to IPv6 to meet the high demand for IP addresses

Cyberoam supports organizations’ preparedness for the transition, with its IPv6-ready security solutions.

Cyberoam has been certified with “IPv6 Ready” Gold logo by the IPv6 Forum.
The Gold logo assures organizations of a smooth transition to IPv6 with Cyberoam’s ability to identify and process IPv6 traffic.
Cyberoam’s Gold logo is a result of 3000+ rigorous test cases which are part of an International Testing Program by the IPv6 Forum.

Wi-Fi Appliances:

Secure Wi-Fi connectivity

Cyberoam Wi-Fi security appliances protect home and remote offices and public Wi-Fi access providers from intrusions, identity theft through MAC spoofing, DoS attacks and malware entry.

Cyberoam CRwi Wi-Fi appliances offer Layer 8 Identity-based security, providing high levels of security with flexibility in wireless LANs. The appliances support 802.11n/b/g wireless standards. They combine the features of a router and Cyberoam’s complete set of UTM features, offering reduced TCO to organizations.

Feature	Description	Benefit
Layer 8 Identity-based Wi-Fi Access	User identity-based access to Wi-Fi Unique employee and guest policies based on: Username or group Schedule Categories of web access Data transfer limit Bandwidth availability Application Layer 7 Policies	Eliminates the security gaps in pre-shared keys used by organizations Higher security levels as guest access rights are time bound Enhances data and network security
Multiple Virtual Access Points	Allows up to 8 virtual access points – creates segregated networks in the same physical area Creates Wi-Fi zones by functions or groups, separating them from guest zones Controls guest Internet and network access	High security with flexibility, Eg. Sales, marketing, finance, design grouped into different zones Data leakage prevention and security of sensitive network resources by separating and controlling guest access
MIMO Technology	Uses MIMO Controls wireless bandwidth and coverage	Higher throughput Customization to suit business needs
Layer 8 Identity-Based Reporting	Extensive logging and reporting with username Trace of guest user and employee activity Choice of options with on-appliance reporting, centralized logs and reports with CCC and Cyberoam iView	Quick identification that enhances security Meets regulatory compliance requirements

	Unified Threat Management:
	Stateful Inspection Firewall VPN (SSL VPN & IPSec) Intrusion Prevention System Anti-Virus & Anti-Spyware Anti-Spam Web Filtering Bandwidth Management	Application Visibility & Control 3G / WiMAX Connectivity IM Archiving & Controls Multiple Link Management On-Appliance Reporting IPv6 Ready Wi-Fi Appliances

Quick Product Search: