Cyberoam - Unified Threat Management Unified Threat Management Cyberoam Identity-Based Unified Threat Management One Identity - One Security
Jan 19, 2015
Cyberoam - Unified Threat ManagementUnified Threat ManagementCyberoam
Identity-Based Unified Threat Management
One Identity - One Security
What non-work-related functions do you use your internet access at the office for? (Source: www.vault.com)
COMPUTER CRIME AND SECURITY SURVEY
• 70% of porn is downloaded between 9am and 5pm
• The number of hacking sites grew 45% in the past year
• 1 in 3 companies have detected spyware on their network
• 80% of network security managers claim their biggest security threat comes from their own employees (Gartner)
• 5 billion music files were downloaded every day
Source: “Computer Crime and Security Survey”, The Computer Security Institute (CSI)
NETWORK MANAGER’S PROBLEMS
• Unable to allocate bandwidth to the needy users
• Unable to allocate bandwidth to users according to their needs
• Unable to control heavy downloads of music and video files
• Facing reduced employee productivity due to chatting and web browsing not related to work
• A small number of users consuming the majority of the bandwidth
• Unable to put a check on non-work-related traffic
• When the physical connection or the ISP goes down, the organization’s vital link to the internet also goes down
If YES, then you are not the only one; you are sailing in the same boat as network managers across the world.
THE SOLUTION
• Allocate guaranteed bandwidth per user
• Automatically allocate the unutilized bandwidth
• Prioritize bandwidth to most essential or latency-sensitive traffic
• Schedule internet access based on time and day to control bandwidth
• Block streaming media files and recreational web surfing
• Limit upload and download
• Block virus signatures and patterns
• Continuous availability of internet / internet available at all times (load balancing & auto failover)
Awards
• Product Excellence Award in 3 categories (2007): Integrated Security Appliance; Security Solution for Education; Unified Security
• Tomorrow’s Technology Today 2007
• 2007 Finalist American Business Awards
• 2007 Finalist Network Middle East Award
• Best Security Product; Best SMB Networking Vendor
• VAR Editor’s Choice for Best UTM (2007)
• Finalist - 2008 Global Excellence in Network Security Solution
• CRN – Emerging Tech Vendors 2007
Example customers
Example customers in Indonesia
1. PPATK
2. Badan Pemeriksa Keuangan
3. Asuransi JASINDO
4. MAYORA, PT
5. Polypet Karyapersada, PT
6. BANK DIPO
7. Pandu Logistics, PT
8. BUMA, PT
9. Kejaksaan Agung
10. Garuda Metalindo, PT
11. Airfast Indonesia, PT
12. Pemda DEPOK
13. Ripcurl
14. Angkasa Pura II
15. Pemkab SRAGEN
16. Pemkab KUDUS
17. PERTAMINA
18. Upgraded Brown Coal Indo, PT
19. METRASAT (TELKOM)
20. Asuransi ACA
21. Mobile 8
22. DKSH, PT
Definition of UTM
UTM (UNIFIED THREAT MANAGEMENT)
• A device that consolidates solutions for threats within a network system
• THREAT | SOLUTION
Virus / Spam | Anti-virus / Anti-spam
'Wasteful' bandwidth use | Bandwidth Management
Slow internet | Web content filtering
Hacker | IPS
Cyberoam is the only Identity-based Unified Threat Management appliance that provides integrated Internet security to enterprises and educational institutions through its unique granular user-based controls.
Cyberoam – Identity Based Security
Identity-based UTM
Network Challenges for Organizations
The Problem with Traditional Security Solutions
• Focused on protection against external threats only
• Insider threat protection not given due importance
• Ineffective against blended threats
• Users known by static IP addresses
• Lack of security in dynamic IP environments
• Lack of security for shared desktops
• Inability to know ‘Who is Doing What’ in the network
• Sacrificed flexibility as UTM tried to fit many features in a single appliance
• Inadequate logging and reporting
PATENT PENDING: IDENTITY-BASED TECHNOLOGY
User
“Know the user by user-name not the IP address”
Easy Identification of the user
Identity Based Policies
The Cyberoam Firewall
Identity-based Firewall
• Identity-based Security
• Stateful Inspection Firewall
• Centralized management for multiple security features
• Multiple zone security
• Granular IM, P2P controls
• Enterprise-Grade Security
• All the security features can be applied to each FW rule
Identity-Based Content Filtering
82 categories organized into four different groups of neutral, unhealthy, productive and non-working
Educate Users with Custom Denied Messages and reduce your support calls
IDENTITY BASED BANDWIDTH MANAGEMENT
Identity-based Bandwidth Management
• Application and Identity-based bandwidth allocation
• Committed and burstable bandwidth (leftover bandwidth can be used when the link is not full)
• Schedule-based bandwidth allocation
• Restrict bandwidth usage to a combination of source, destination and service/service group
External Authentication Integration
Authentication and External Integration
Multilink Manager Load Balancer
Advanced Multiple Gateway Features
Auto failover
Complex rule support for auto failover checking.
Weighted round robin load balancing
Policy routing per application, user, source and destination.
Gateway status on dashboard
No restriction on number of WAN Ports
Schedule based bandwidth assignment
Gateway Anti-Virus
Gateway Anti-Virus Features
• Scans HTTP, FTP, SMTP, POP3, IMAP traffic on a combination of Source, Destination, Identity, Service and Schedule
• Self-service quarantine area
• Identity-based HTTP virus reports
• Updates every ½ hour
• Spyware and other malware protection included
• Blocks “Phishing” emails
Gateway Anti-Virus Reports
Gateway Anti-Spam
Gateway Anti-Spam Features
• Scans SMTP, POP3, IMAP traffic
• Virus Outbreak Detection (VOD) for zero hour protection
• Self-Service quarantine area
• Spam filtering with Recurrent Pattern Detection (RPD) technology
• Content-agnostic
• Narrow window of exposure
• Compliance to Sarbanes Oxley (Copy to Archive feature)
• Change recipients of emails
RPD (Recurrent Pattern Detection)
• Protects against image-based spam and spam in different languages
• Spam catch rate of over 98%
• 0.007% false positives in spam
• Local cache is effective for >70% of all spam resolution cases
Intrusion Prevention System (IPS)
IPS Features
• Multiple and Custom IPS policies
• Identity-based policies
• Automatic real-time updates
• Identity-based intrusion reporting
• Ability to define multiple policies
• Ability to bind IPS policy to a firewall rule
• Reveals User Identity in Internal Threats scenario
IPS Features
Cyberoam IPS can log / block all types of applications:
• Anonymous Surfing: UltraSurf, TOR, Hotspot, FreeGate, JAP
• All external proxies (regardless of IP / port)
• P2P Applications: BitTorrent, Limewire, Ares, Bearshare, Shareaza, Morpheus
• File transfer over MSN, Yahoo, Google Talk
• Anonymous VOIP: Justvoip, LowRateVOIP
Traffic Discovery
Data Leakage Report (HTTP Upload)
VPN (VIRTUAL PRIVATE NETWORK)
VPN Features
• Cyberoam supports SSL-VPN, IPSec, L2TP, PPTP
• Threat Free Tunneling (TFT)
- VPN Firewall Management
- VPN Bandwidth Management
- VPN Protection – Antivirus / Antispam / IPS / Content Filtering / DoS
• VPN Topologies: Road-Warrior (Remote Access), Site to Site, Hub & Spoke
• Branch Office Internet Traffic Tunneling over VPN
• Inter Branch Office Communication
• VPN Failover
• Main Mode / Aggressive Mode
• Identity-based VPN control using xAuth
• Local digital certification authority (CA) and support for external CA
License Free SSL-VPN:
• Client and Location independent access
• Authentication - AD, LDAP, RADIUS, Cyberoam
• Multi-layered Client Authentication - Certificate, Username/Password
• User & Group policy enforcement
• Network access - Split and Full tunneling
• End user Web Portal - Clientless access
• SSL VPN Tunneling Client - Granular access control to all the Enterprise Network resources
• Administrative controls: Session timeout, Dead Peer Detection, Portal customization
Identity Based “On Appliance” Reporting
Cyberoam: Reports are placed on the appliance
Other UTMs: Reporting Module / Device
Deployment modes
Cyberoam can be deployed in three modes:
• Bridge / Transparent Mode
• Gateway / Route / NAT Mode
• Proxy Mode
Cyberoam in Gateway Mode
Cyberoam in Bridge Mode
[Diagram labels: Users; Router; Network: 192.168.0.x/24; Default Gateway: 192.168.0.1; Firewall INT IP: 192.168.0.1/24]
Cyberoam Central Console - CCC
• Reduces operational complexity and deployment time
• Minimizes errors and lowers administration cost
• Enables the MSSPs to have different personnel for managing different customer deployments
• Ease of use with view of multiple devices and network status at a glance
Cyberoam – Appliance Details
Cyberoam Appliances
• CRi series for SOHO (Small Office-Home Office) & ROBO (Remote Office-Branch Office): CR 25i
• CRi series for Small to Medium Business: CR 50ia, CR 100ia
• CRi series for Medium Enterprises: CR 200i, CR 300i, CR 500i
• CRi series for Large Enterprises: CR 1000i, CR 1500i
Basic Appliance – One time sale
• Identity-based Firewall
• VPN
• Bandwidth Management
• Multiple Link Management
• On Appliance Granular Reporting
• 8*5 Tech Support & 1 Year Warranty
Subscriptions
• Gateway Anti-Virus Subscription (Anti-malware, phishing, spyware protection included)
• Gateway Anti-spam Subscription
• Web & Application Filtering Subscription
• Intrusion Prevention System (IPS)
Subscription services are available on 1 Year, 2 Year or 3 Year subscription basis
SUMMARY
• FIREWALL
• VPN
• IPS (ANTI HACKER)
• ANTI SPAM
• ANTI VIRUS
• BANDWIDTH MANAGEMENT
• WEB CONTENT FILTERING
• LOAD BALANCING & FAILOVER SYSTEM
• REPORTING
Cyberoam Demo:
http://demo.cyberoam.com
Cyberoam – End Point Data Protection
Protect your Data. Protect your Assets.
Cyberoam for End Point Data Protection
1. Data Protection & Encryption
2. Device Management
3. Application Control
4. Asset Management
Data Protection & Encryption
Prevent Data Leakage – Email Attachments
• Control data shared as attachment in emails
• Send customized warning message to user and alert to administrator
Record Data Shared over Webmails
Record content of webmail such as Yahoo, Gmail & MSN
Prevent Data Leakage - Attachments over Instant Messengers
• Control data shared as attachment over Instant Messengers
• Send customized warning message to user and alert to administrator
[Slide illustration labels: Attachment: .doc NOT ALLOWED; File name: confident NOT ALLOWED; Size: > 2 MB; other attachments shown: .exe, .jpg]
Email Capture
Prevent Accidental / Malicious Deletion of Data
Selective Action & Back-up of Document
• Control operations over a document and its mode of transfer
• Back up files before specific actions
[Slide diagram labels]
• Document
• Operation: Read, Modify, Delete
• Mode of Transfer: Fixed, Floppy, CD rom, Removable, Network, Unknown
• File Name/Extn.: .jpg, .doc
• Back up: Before modifying, Before deleting, Before copying/cut to, Before copying/cut from
Prevent Data Leakage through Printed Files
Copy of Printed File Saved in Database Server
• Control access to printers in the system
• Save shadow copy of printed file
• Can be customized / extended further
[Slide diagram labels]
• Printer
• Printer Type: Shared, Local, Network, Virtual
• Selected files/Extn.: Attachment: .xls, Attachment: .doc
• Database Server
Print Capture
Data Sharing Through Removable Devices
Encrypts Data, Blocks Data Sharing
• Encrypt all/selected files while writing to removable device
• Decrypt files while reading from a removable device only in organization network
- Data in your lost USB device cannot be decrypted and is safe
[Slide diagram labels: Encrypt entire device; Encrypt selected files; Decrypt before reading; Attachment: .xls, .doc, .jpg]
Flash disk Policy
Record Chat Sessions even for SKYPE
Chat session logs
Back up server
IM Logs
Device Management
Device Management
Protect your Data by controlling data over device
• Allow only authorized devices
• Storage Device: Floppy, CD, Burning device, Tape, Removable device
• Communication Interface Device: Serial ports, parallel ports, modems, Bluetooth
• Dial: Dial-up connection
• USB Device: USB keyboard, mouse, modem, storage, hard disk, others
• Network Devices: Wireless LAN adapter, PnP adapter, Virtual LAN adapter
• Others: Audio equipment, Virtual CDROM, any new device
Flash disk Policy
Flash disk Traffic
Application Control
Protect your Data by Controlling Applications
• Prevent data loss through unauthorized/indiscriminate use of applications
• Granular, policy-based application controls
- Protect sensitive data & enhance employee productivity
- Prevent legal liability, network outages
[Application types shown on the slide: IM tools; Entertainment (MP3, MP4, MPEG); Pirated software; Screensavers; Password crackers]
Application Capture
Asset Management
Protect your Assets
Need for End Point Asset Management
• Organizations exposed to higher levels of threats
- Distributed offices
- Rise in malware attacks
• Tracking Hardware & Software assets
- Management of hardware/software inventory
• Sophisticated attacks – Targeting vulnerabilities
- Need for timely patch implementation across hundreds or thousands of devices and geographic locations
• Immediate need - Centralized, automated asset management
Fighting Threats with Asset Management
Protect your Assets
• Seamless IT infrastructure management
• Simplifies tracking of IT asset allocation, configuration, version, historical information
• Control over hardware, software costs
• Automates and centralizes
• Patch management
• Install Software Remotely
• Silently or in user-interactive mode
• Meets security compliance requirements
• Rapid and correct installation of patches
• Handling bug fixes across network, geographies
Asset Capture
Cyberoam Trial Endpoint Data Protection:
http://cyberoam.com/cyberoam/jsp/trialversion/trialversion.jsp?prdinterest=dataprotection
Nurjiwanto Eka Liman Technology ( ELITE )
YM : [email protected]
Email : [email protected]
Mobile : 085719597711 (021)36972525