1 / 88

Our Products

CYBEROAM. Comprehensive Network Security. Our Products. Cyberoam – Endpoint Data Protection. Data Protection & Encryption Device Management. Application Control Asset Management. Unified Threat Management. Cyberoam Central Console (CCC). SSL VPN. Cyberoam Unified Threat Management.

iola-pratt
Download Presentation

Our Products

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CYBEROAM Comprehensive Network Security Our Products Cyberoam – Endpoint Data Protection Data Protection & Encryption Device Management Application Control Asset Management Unified Threat Management Cyberoam Central Console (CCC) SSL VPN

  2. Cyberoam Unified Threat Management • Gateway Integrated security over single platform • Unique Identity-based Layer 8 approach penetrates through each security module

  3. KEY QUESTION TO ASK: How do you Identify users and grant access?

  4. How do you Identify users and grant access? • “Certain employees are using their hand-held devices like Iphones & Blackberrys to access internal resources in my company. Some are working from home.” • “Our Network works on Citrix, and we would like to block certain users from accessing particular applications and apply unique policy for each user across the network.” • “How can I create special privilege for the technical team to access only specific servers / applications in my DMZ zone?”

  5. How do you Identify users and grant access? • “How can I know have information of which users logging when and what he is accessing from network or even from HOME. (Work from HOME)” • “How can I have AAA (Authenticate, Authorize and Audit) in my single security device.”

  6. Terminal Server XenServer SOLUTION – Unique Identity Based Cyberoam Firewall • Cyberoam features: • Stateful Inspection Firewall • Application based Firewall • Identity based Firewall • Admin can define the policies based on Username or IP Addresses and follows wherever he goes • Admin can bind the policies with user-name, IP address, MAC and session id (For Windows Terminal Sever and Citrix) as well

  7. KEY QUESTION TO ASK: HOW DO YOU PROVIDE ACCESS PRIVILEDGES TO USERS?

  8. How do you enable access policies for your users? • “Blanket policies for all departments do not work for us anymore.” • “I want my HR department to have access to Job & Recruitment websites.” • “I want to apply a daily download quota to certain users in my network” • “I want to block certain websites for a specific group of users. Although, these websites are hosted on HTTPS” • “I want to allow IM access to our Senior Management & Sales Team”

  9. How do you enable access policies for your users? • “How can I give access to FACEBOOK to specific users only one hr a day that too after office hrs?” • “How can I manage B/W to social networking websites to (for eg: Facebook) 2kbps so that business application gets right b/w?” • “How to block P2P applications, Proxy applications or Secured application like Ultrasurf acoross my organization?” • “How can I monitor/log DATA Transfer over HTTPS?”

  10. SOLUTION: WEB CONTENT & APPLICATION FILTER • Block, Control & Monitor internet access & application access of Users. • Over 44 million+ websites in 82+ categories • Blocks and inspect • HTTPS websites • Google Cached pages • All known proxies such as Ultrasurf etc. • Educate healthy-usage policy by providing customized messages on blocked websites. Premium

  11. COMPLETE CONTROL WITH USER IDENTITY

  12. Blocks over 5000+ Applications SOLUTION: APPLICATION CONTROL Username / IP Address

  13. SOLUTION: IM MANAGEMENT & CONTROL • Log & Monitor leading Instant Messengers • Yahoo, • Windows Live • Filter content over IM: Blacklist certain keywords or regular expressions • Block File transfer over messengers

  14. IM Controls for Yahoo MSG: Data Leak Protection (File Transfer Control) Who can chat with whom! Logging of Chat Conversations

  15. KEY QUESTION TO ASK: HOW DO YOU OPTIMIZE NETWORK & RESOURCE AVAILABILITY?

  16. How do you optimize Network & Resource Availability? • “We want to allot dedicated bandwidth to our VOIP/CRM/ERP” • “My CEO – wherever he logs in – Wifi/Lan/Handheld – should receive committed bandwidth at all times and hours.” • “I want to assign burstable (128kbps – 1 Mbps) to users/group and burst it when the B/W is free from other users”

  17. How do you optimize Network & Resource Availability? • “How can I provide Dedicated B/W to Video Conferencing/ Backup device for only 2 hrs on specific date?” • “We would like to prioritize applications that utilize applications. CRM should have highest priority.” • “How can I analyze that which application / User is using how much B/W in real time?”

  18. SOLUTION: BANDWIDTH MANAGEMENT • Allocate/Restrict bandwidth to specific application or users/groups • Allocate/Restrict bandwidth to specific categories • Schedule bandwidth allocation/restriction • Allocate dedicated bandwidth or as per availability (burstable)

  19. CRM ERP Sales force You Tube IM Application Web mail Casual Traffic Application Firewall Crowd of Applications Bandwidth Management

  20. SOLUTION: TRAFFIC DISCOVERY • Real-time visibility into bandwidth utilization by • User • Protocol • Application • Provides visibility of unproductive usage of resources and threat incidence

  21. Traffic Discovery: Live traffic filtering by Application, User, IP Address Filter traffic for specific application Traffic Filtering by Firewall Rule-ID, IP Address, Port etc. Live Traffic Analysis including Bandwidth, Data Transfer Connection Information

  22. KEY QUESTION TO ASK: HOW DO YOU ENSURE BUSINESS CONTINUITY?

  23. How do you ensure Business Continuity? • “Internet access should not be interrupted even though one of our link fails” • “We want the traffic of our finance department to route via a separate gateway” • “How can I ensure my VPN connectivity is having 100% uptime?” • “How can I use my 3G modem as back-up link when ADSL goes down?”

  24. SOLUTION: MULTIPLE LINK MANAGER • Automated Link Load balancing assures ROI/investment • Support for more than 2 ISP links • Supports Wireless WAN (3G USB modems, Wimax) • Link Failover • Policy-based routing: Source ID/Users/Protocols • VPN Failover • High Availability • Active Active • Active Passive

  25. Active-Active gateway load balancing ISP1 (MPLS) (10 mbps) ISP2 (ADSL) (5 mbps) ISP3 (3G) (1 mbps) Failover Link Sales Dept. Dev. Dept. Finance Dept.

  26. KEY QUESTION TO ASK: HOW DO REMOTE WORKERSACCESS YOUR NETWORK?

  27. How do remote workers access your network? • “I want a connect all branches to my HO using secure and stable connection with zero downtime” • “I would like to grant our employees secured access to internal resources from hand-held devices like iPhone” • “I want my work-from-home employees/Roaming users to have limited access to only specific application ” • I want to SCAN my Remote/Roaming users traffic before they connect to my NETWORK?

  28. SOLUTION: VIRTUAL PRIVATE NETWORK (VPN) • Secure & Seamless connectivity between branch offices • Threat Free Tunneling (TFT) Technology • Scans traffic entering VPN tunnel for: • Malware • Spam • Inappropriate content • Intrusion attempts • Supports • IPSec, L2TP, PPTP technologies (client-based) • SSL-VPN enables access to internal resources from any device (Does not require a client)

  29. SSL VPN User Portal

  30. KEY QUESTION TO ASK: ARE DESKTOP ANTI-VIRUS & ANTI-SPAM SUFFICIENT?

  31. Are Desktop Anti-virus & Anti-spam sufficient? • “I want to optimize my bandwidth by blocking spam at the source/gateway itself” • “I want to provide users the ability to release/tag their messages from/to the quarantine area” • “Even HTTPS websites/applications need to be scanned for viruses” • “I want my F/W/UTM to use trusted AV and use all the signatures of Virus and give 100% protection” • “How can I create User based Anit-SPAM rules? “ • “How can I comply SOX?”

  32. indicates feature offered only by top-rated UTMs SECURITY»Content Security»Anti-Malware • Gateway Anti-Malware • 4 million+ signatures • Bi-directional scanning of web & email • Self-service Virus Quarantine • Reduced window of vulnerability • Broadest security cover against all malware • Scans • HTTP, FTP, SMTP, POP3 • HTTPS, IMAP • Instant Messenger traffic • Layer 8 Impact • Identity-based virus reports • Instant visibility into attacker/victim • Identity-based Quarantine policies Anti-Virus Anti-Spyware

  33. SOLUTION : GATEWAY ANTI-SPAM • Detects & blocks 98% of all spam • False positive rate of 1 in a million. • Unique Recurrent Pattern Detection (RPD) technology blocks all types of spam including excel,pdf, multi-lingual spam etc. • Self-Service Quarantine Area for users, allowing them to check quarantined emails and reduce administrator overhead • Users Receive daily/weekly/monthly spam digest • IP Reputation filtering: • Stops 85% of spam at Gateway • Does not let it enter the network • Saves bandwidth & resources Premium

  34. How do you safe-guard your network from Hacking attempts? • “How can I protect my network from DDOS & SQL Injection attacks?” • “I wan to block a specific (custom) application for Specific users by creating signature in my firewall?” • “How do I get immediate intimation on a hacking attempt on my network?”

  35. SOLUTION: INTRUSION PREVENTION SYSTEM (IPS) • More than 3500+ signatures to block a plethora of intrusion attempts. • Complete protection against DOS, DDOS, Syn Flood attacks and more. • Identity-based IPS policies per user or group • Overview of threat status: • Top alerts, top attackers, top victims

  36. KEY QUESTION TO ASK: DO YOU HAVE COMPLETE VISIBILITYOF YOUR NETWORK?

  37. Do you have complete visibility of your network? • “I want to identify the most dangerous users in my network” • “I would like to discover which users receive the most spam” • “Can I find out what people are surfing on the net in my company?” • “I want to monitor IM conversations of employees in my company” • “I want to monitor what files are being uploaded on the net” • “I want know know what google searches are being made”

  38. Powered By: SOLUTION: ON-APPLIANCE REPORTING • More than 1000+ on appliance reports. • No Additional Purchase needed of hardware/service to access reports. • Collects logs and assists in Network Forensics • Reports in compliance with • CIPA – Children’s Internet Protection Act • HIPAA – Health Insurance Portability & Accountability Act • GLBA – Gramm-Leach-Bliley Act • SOX – Sarbanex-Oxley • FISMA – Federal Information Security Management Act • PCI – Payment Card Industry Data Security Standards

  39. User Dashboard

  40. Combined Report

  41. Top Categories

  42. Top Web Users

  43. Search Engine – Google Search Results

  44. Top Spam Recipients

  45. Other UTMs Cyberoam Authenticates Cyberoam Authorizes Cyberoam Audits User Login • User • IP Address • MAC Id • Session Id • Access Time • Internet Quota • Security Policies • Web Filtering • Layer 7 Controls • QoS • IM Controls • Identity - based • Logs + Reports Cyberoam Layer 8 Advantage • MAC Id • Session Id

  46. Cyberoam UTM solves Organizational Concerns

  47. DEPLOYMENT MODES CYBEROAM

  48. Router FirewallINT IP: 192.168.0.1/24 Network:192.168.0.x/24 Users BRIDGE MODE Default Gateway: 192.168.0.1

  49. RouterIP:61.0.5.1/29 INT IP:192.168.0.1/24 DMZ IP: 172.16.1.1/24 EXT IP: 61.0.5.2/29 Gateway IP: 61.0.5.1 DMZ Zone Console Switch Switch Network:192.168.0.x/24 Database ServerIP:172.16.1.4Gateway: 172.16.1.1 Web ServerIP:172.16.1.2Gateway: 172.16.1.1 Mail ServerIP:172.16.1.3Gateway: 172.16.1.1 Users GATEWAY MODE Default Gateway: 192.168.0.1

More Related