Next-Generation Centralized Security Management for … · Next-Generation Centralized Security Management for MSSPs & Distributed Enterprises. ... Boston Mumbai Dubai New York ...
Post on 01-Sep-2018
223 Views
Preview:
Transcript
www.cyberoam.com | sales@cyberoam.com
Next-Generation Centralized Security Management
for MSSPs & Distributed Enterprises
As Enterprise and MSSP networks expand with more offices, users and experience trends like
device proliferation, application explosion, virtualization and more, they deal with greater
security risks across branch offices and customer offices. Blended attacks from malware,
trojans, phishing and pharming threats target enterprise networks at the weakest entry points-
the branch offices.
From managing distributed security appliance deployments to ensuring consistent security
policy implementation across branch office and clients, overtaxed IT Managers as well as
MSSPs seek a centralized management system that gives them the confidence to centrally
manage security for multiple sites with desired flexibility and manageability.
Cyberoam Central Console
Cyberoam Central Console (CCC) is a centralized management solution that allows Enterprises and MSSPs to
manage multiple Cyberoam network security appliance (UTM and Next Generation Firewall) deployments
across remote or branch offices and clients respectively. With a range of features, CCC simplifies security
management for actions like rapid deployment of organization-wide security policies and updates, to better
protect dispersed networks, resulting in benefits of reduced cost, complexity and time.
Next-Generation Management series of CCC
appl iances (CCC NM) del iver high
performance from underlying powerful new
hardware and fulfill demanding processing
needs to suppor t secur i ty po l icy
enforcement in large, complex and dispersed
networks.
CCC Next-Generation ManagementHardware Appliances
The virtual CCC appliances support VMware and Hyper-V
virtualization platforms and offer full set of features as
CCC hardware appliances. By allowing organizations to
leverage the virtual environment, CCC Virtual appliances
eliminate the need for dedicated hardware, reduce cost of
ownership and simplify future upgrades. The CCC virtual
appliances allow customers to manage up to 5 Cyberoam
network security appliances without any license fee.
Virtual CCC Appliances
New York BostonBoston Mumbai Dubai Dubai Boston Mumbai Dubai
Customers Branch Offices
MSSP Enterprise
ACME Inc.GGY Inc.
Internet
Internet
Cyberoam Central Console Cyberoam Central Console
MSSP Security Operations Center Corporate Headquarters
Cyberoam Central Console (CCC) Features:
CCC allows centrally managing security policies for dispersed Cyberoam security appliance deployments and
enables integrated provisioning of Firewall, IPS, Anti-virus and VPN security services across branch offices and
client offices from a single, web-based GUI. This not only simplifies security management but also enables uniform
policy implementation, giving real-time protection against threats, drastically improving response time to mitigate
security risks against newly identified threats for enterprises and MSSPs alike.
CENTRALIZED POLICY MANAGEMENT & SECURITY UPDATES1
CCC allows meaningful grouping of distributed Cyberoam network security appliances based on geography,
Cyberoam security appliance models, firmware version, organizations (especially for MSSPs) and service
subscriptions. Enhanced with Web 2.0 benefits, the Dynamic Views in CCC provide at-a-glance information on the
dashboard that helps in managing, searching and sorting appliances for quick monitoring and action. CCC offers
flexibility in sorting appliance views on the dashboard by allowing customizable selection criteria for sorting.
INTELLIGENT GROUPING OF APPLIANCES2
Centralized Policy Enforcement
Based on Geography
ApplianceGroup
Template
Geography_wise ( #2 )
Geography_wise
State : Singapore ( #2 )
Country : APAC ( #2 )
ACME_SG_01
ACME_SG_02
Policy
Based on Appliance Models
ApplianceGroup
Template Policy
All Appliance Models ( #5 )
All Appliance Models
Model : CR15wiNG ( #1 )
ACME_Corp_01
ACME_CAN
ACME_USA
ACME_SG
ACME_ANZ
Model : CR25iNG ( #4 )
Based on Client
ApplianceGroup
Template Policy
Client_wise ( #4 )
Client_wise
Company : Life Pharma Inc ( #2 )
LIFE_PHARMA_CAN
LIFE_PHARMA_SG
PROFIT_BANK_JP
PROFIT_BANK_ANZ
Company : Profit Bank Ltd ( #2 )
Grouping of security appliances
Centralized View of distributed appliance deployments
Enterprises and MSSPs can create policy templates based on best practices for re-use while setting up security
policies for new branch offices and customers, saving them considerable time and effort. For example, applying a
security policy template with VPN, Web and Application filter, IPS configuration to new branch offices; applying
Education vertical policy template for new customers in Education by MSSPs.
TEMPLATE-BASED CONFIGURATION3
CCC enables Enterprises and MSSPs to set role-based administration for CCC appliances as well as individual
/group of Cyberoam security appliances. Both enterprise businesses and MSSPs have dedicated teams for
managing and overseeing different security functions relating to various areas such as VPN, Application security,
IPS management and the like. Having role-based access enables distributing such tasks to separate users based on
region, role or responsibilities while maintaining centralized administrative control over what each administrator
can see and do through CCC console.
ROLE-BASED ADMINISTRATION4
Dashboard
Objects
Network
Firewall
Console access from GUI
Web Filter
Application Filter
IM
QoS
System
Identity
VPN
IPS
Anti Virus
Anti Spam
Logs & Reports
CCC Management
Appliance Management
Appliance Monitoring
CCC Logs
Configuration None Read-Only Read-Write
CCC access
Edit CCC User
User Name *
Password*
Access Profile *
Accessible Appliance *
admin
********** Change Password
Administrator
ACME_CAN
Select All
ACME_CAN
ACME_USA
ACME_SG
Add Appliance
Access to group of Security appliances
Gives Enterprise and MSSP administrators the power to roll-back configuration changes and helps them with an
audit trail for compliance review and to track deviations from a standard security policy
CHANGE CONTROL AND LOGGING5
Enables MSSPs and Enterprises to leverage existing Professional Services Automation (PSA) Tools, IT infrastructure
monitoring and ticketing systems, providing benefits of usability and operational efficiency
Integration with PSA tools like ConnectWise enables automatic ticket generation and resolution for key CCC alerts
on PSA interface, enabling accelerated process automation for managed security services
CCI API6
Timely notifications can be set for individual or group of Cyberoam security appliances through email alerts across
branch offices and client offices based on expiry of subscription modules, excess disk usage, IPS and virus threat
counts, unhealthy surfing hits and other parameters. CCC's alert configuration facility helps enterprises and MSSPs
reduce false alarms. For example, administrators can set an alert when the CPU usage reaches above 90% for a
specific time period (say 20 minutes) instead of setting an alert when it momentarily peaks to 90% - which can
trigger a false alarm.
CCC's Log Viewer offers logs and views of administrator actions on CCC as well as dispersed network security
appliances, which helps with investigative analysis, supports regulatory compliance as well as keeps track of
historical activities across distributed networks.
AUDIT LOGS & ALERTS7
Send email(s) alert to
Appliance(s)
Alerts criteria Any subscription module expires within
CPU usage exceeds
Memory usage exceeds
Disk usage exceeds
IPS Threats count exceeds
Web virus count exceeds
Mail Virus count exceeds
Total virus count exceeds
Spam Mail count exceeds
Unhealthy Surfing hits
Appliance Connection Status
day(s)
% since last
% since last
%
since last
since last
since last
since last
since last
since last
7
50
50
90
1000
50
50
50
50
1000
20
20
30
30
30
30
30
30
Minutes
Minutes
Minutes
Minutes
Minutes
Minutes
Minutes
Minutes
Alert From 10_103_7_1
All Appliance
ben@acme.com
Update Alert Profile
Profile Name *
Alert configuration
View Log For :
Start Date :
End Date :
C
Policy Configuration
C
Policy Configuration
Management Console
System Events
Records per page 20
Search
(1 of 10)
Time Event User Name IP Address Entity Sub Entity Action Status Appliances Message
2014-04-0416:39:44
2014-04-0416:39:40
2014-04-0416:38:56
1300539026050
1300459968004
1300539026050
admin
admin
admin
10.103.6.142
10.130.1.47
10.103.6.42
User
Alerts
Users
ClientlessUser
Alert profile
ClientlessUser
Insert
Insert
Insert
Error
Error
Error
ACME_CAN
ACME_USA
ACME_SG
Entity blocked. CCC is not able to
connect to the appliance as Remote
management through CCC is not
enabled from appliance.
Entity blocked. CCC is not able to
connect to the appliance as Remote
management through CCC is not
enabled from appliance.
Push operation blocked as appliance is
not synchronized.
CCC Logs
Archived Files
days per pageShow Page 1 of 3 Go to page : Go5
From: 2014-07-15 00:00:00To: 2014-07-25 23:59:59
Date File Details Total Size Action
2014/07/25
2014/07/20
00_23hrs.log (92.71 KB)
00_23hrs.log (1.54 KB)
92.71 KB
1.54 KB
View Data
Unload
View Data
Cyberoam Security appliance logs
Event Viewer Log Viewer
Start Date *
End Date *
Appliance
File Type Audit Logs
System Logs
Anti Virus
IPS
Authentication
Audit Logs
C
C
2014-07-15 00:00:00
2014-07-25 23:59:59
ACME_CAN
Features
Centralized policy management
and security updates
! Real-time protection against newly identified threats
! Reduced operational cost, complexity and time to manage dispersed networks
! Organization-wide uniform policy implementation
! Control over distributed networks from a central console
Web 2.0 enabled GUI ! Dynamic views for managing, searching and sorting Cyberoam security appliances
! Quicker policy setting and security management
Intelligent grouping of Cyberoam
security appliances
! Allows meaningful grouping of security appliances based on clients (for MSSPs),
geography, security appliance model and more
Template-based configuration ! Create policy templates based on best practices for re-use
! Enables enterprises to extend security policies for new branch offices in minimal time
! Enables MSSPs to apply vertical-focused policies for new clients in minimal time
Benefits
API ! Enables MSSPs and Enterprises to leverage existing Professional Services
Automation (PSA) Tools, IT infrastructure monitoring and ticketing systems, providing
benefits of usability and operational efficiency
! Integration with PSA tools like ConnectWise enables automatic ticket generation and
resolution for key CCC alerts on PSA interface, enabling accelerated process
automation for managed security services
Alerts and audit logs ! Timely notifications for alerts like reminders for security subscription expiry, threats
count crossing a threshold, appliance connection status, VPN connection status
change and more
! Helps with investigative analysis; supports regulatory compliance
Integration with Cyberoam iView
(Logging & Reporting solution)
! Auto-provisioning of managed appliances in Cyberoam iView
! Automatically syncs CCC administrators in Cyberoam iView
! Reduces complexity, saves time and effort
Role-based administration ! Delegation of administrative rights based on user roles
! Security against misuse of administrator privileges
Change control & logging ! Track and roll-back configuration changes for managed Cyberoam appliances
! Audit trail for policy and device changes
- Enables compliance review
- Helps track deviations from a standard security practice
FEATURES & BENEFITS
Allows auto-provisioning of managed appliances in Cyberoam iView and automatically syncs CCC administrators in
Cyberoam iView, resulting in reduced complexity and effort for network administrators and security service
providers alike.
INTEGRATION WITH CYBEROAM IVIEW8
Toll Free Numbers
+1-800-686-2360 : 1-800-301-00013USA : | India
APAC/MEA : | Europe :+1-877-777-0368 +44-808-120-3958
www.cyberoam.com | sales@cyberoam.com
C o p y r i g h t © 1999-2014 Cyberoam Te c h n o l o g i e s Pvt. L t d. A l l R i g h t s R e s e r v e d.Cyberoam and Cyberoam logo are registered trademark of Cyberoam Technologies Pvt. Ltd. AlthoughCyberoam has attempted to provide accurate information, Cyberoam assumes no responsibility foraccuracy or completeness of information neither is this a legally binding representation. Cyberoam has theright to change, modify, transfer or otherwise revise the publication without notice.
CCCV50 CCCV100CCCV15 CCCV200 CCCV500
CCC Appliance Range
Cyberoam Product Portfolio
CCC50NM CCC100NMCCC15NM CCC500NMCCC200NM
CCC Hardware Appliance Range
CCC Virtual Appliance Range
Network Security Appliances(Hardware & Virtual)
Centralized Reporting - iView Centralized Management - CCC(Hardware, Virtual & Cloud)
top related