Main Page
From Wiki Cyberoam Indonesia
Cyberoam’s new Version X firmware comes with powerful features that strengthen the existing Cyberoam UTM to offer management efficiencies and seamless security, connectivity and productivity to organizations. The most significant features of Version X include an Extensible Security Architecture (ESA), Application Layer 7 Management, 3G/WWAN connectivity, security for HTTPS/SSL traffic, Instant Messaging Archiving & Control, Next-Gen UI, and IPv6 support.
The Version X features will enable Cyberoam UTM appliances to reinforce security and make organizations future-ready for emerging security requirements. The new firmware GUI will remove the clutter from managing UTM appliances. Identity-based policy control, easy management, faster reboot time and a much faster GUI access with Version X will add speed to organizational security.
With Version X features, Cyberoam UTM offers security that is future-ready! Cyberoam’s Extensible Security Architecture (ESA) keeps organizations well ahead of security threats by supporting feature enhancements that can be rapidly developed and deployed with minimum effort. It’s “IPv6 Ready” Gold logo secures organizations for the imminent IPv6 transition. In the age of Cloud computing, organizations need much more than conventional application layer firewalls that just control applications. Cyberoam’s Application Layer 7 Management is a step ahead as it enables businesses by correctly prioritizing applications for the best level of service, taking into account the specific application, the time of day, the bandwidth being consumed and the particular user.
For any progressive business, Instant Messaging can be both – a productivity-enhancer and an easy path for bandwidth and productivity loss. Version X enables organizations to apply policy controls as liberal or restrictive as they need. This allows organizations to convert public IMs to their own private IMs, cutting costs without compromising on security. For maximum uptime and connection integrity, Version X supports 3G and WiMax USB modems for network failover.
Contents |
Next-Gen UI
A security software GUI is as important a security tool as the software itself. A GUI that is not-easy-to-use, not-easy-to-learn and cumbersome results in security risks and errors that ultimately affect organization’s security.
Cyberoam UTM has incorporated the principles of usability and Web 2.0 technology to provide a security software GUI that is easy to use and lets the security administrators feel in control. Given the ubiquitous nature of UTMs in organizations, the aim of this Next-Gen UI is to enable administrators to deploy and configure Cyberoam UTM rapidly and by themselves.
Integration of Web 2.0 technology in Cyberoam’s Next-Gen UI enables it to offer easy navigation, custom controls and intuitive interface to security administrators. This reduces the frequency and severity of errors while using this GUI and enables administrators to recover from errors easily and quickly.
The new GUI supports unified security by allowing creation of rules for all security features – Anti-Malware, Anti-Spam, Intrusion Prevention System, Bandwidth Management, Content Filtering, and more, from the firewall page.
Benefits of Cyberoam’s Next-Gen UI:
- Minimize security errors
- Simplify policy creation and editing
- Speed up response time
- Reduce down time
Future Ready
Organizations are today under attack from new and more sophisticated threats. With these come additional security solutions, security feature enhancements and technology, creating a more complex security system in organizations that may bring down its performance.
Cyberoam UTM’s Extensible Security Architecture (ESA) is built on an extensible platform which can organically grow with future security needs of an organization. This means the UTM solution rapidly adapts itself to mitigate newly-evolving threats from sources such as Web 2.0, VoIP, streaming media, IM, P2P etc. without degrading system performance.
Also, the ESA has the ability to prolong the life and performance of the legacy UTM appliance by supporting future feature enhancements, for which the development can be done very rapidly and with minimum deployment effort. This is a vast improvement over fixed configuration ASIC architecture and hard-coded custom chips whose capability cannot be upgraded as quickly.
Cyberoam’s extensible architecture works in tandem with its Multi-core technology that accelerates parallel processing of multiple security features in Cyberoam UTM to ensure security is not achieved at the cost of performance.
IPv6-Ready
Cyberoam assures security to organizations for the imminent IPv6 transition with “IPv6 Ready” Gold logo that certifies Cyberoam’s ability to identify and process IPv6 traffic. IPv6 – short for "Internet Protocol Version 6" – is the next-generation protocol that will replace the current version Internet Protocol, IP Version 4 (IPv4).
Till now, IPv4 served the so-called computer market with a main focus on connectivity of computers in the large business, government or education markets. The next phase is likely to see demand from markets like the mobile personal computing gadgets and the equipment control market to be networked, resulting in an exponential growth of devices that will need to be connected over the Internet in future.
The global internet routing based on 32-bit addresses of IPv4 is becoming increasingly strained and the Internet will eventually run out of network numbers. IPv6 increases the IP address size from 32 bits to 128 bits, increasing the number of unique IP addresses from 4.3×109 to 3.4×1038.
The “IPv6 Ready” logo is a result of 3000+ rigorous test cases which are a part of an International Testing Program. The tested product needs to pass 100% each of the appropriate conformance and interoperability test assertions. Only on fulfilling these stringent criteria is a product certified as “IPv6 Ready” and awarded a logo.
Compliance with IPv6 has become mandatory in government and other enterprises. In fact, countries like Japan, India, United States, China, France, Spain, Australia and Malaysia have already taken steps in this direction to become “IPv6-enabled” nations.
Layer 7 Management
In the age of Cloud computing, applications residing within the organization’s data centers are today moving out on the cloud, competing with external applications for bandwidth. The growth in number and variety of applications compounded with their availability over the web and acceptance of Software as a Service (SaaS) as mainstream applications is soon to bring about fight for bandwidth for accessing these applications. There is a need to resolve the tussle for users’ time, space and bandwidth between cloud and external applications.
Cyberoam UTM offers visibility and controls over the Application Layer 7 and User Layer 8, enabling the firewall to identify applications and users. Cyberoam integrates firewall with the 4 elements of who (users), which (application), when (time) and what (bandwidth) and ensures the creation of the most efficient, straightforward set of firewall rules to make bandwidth available for critical applications and staggering non-critical application usage.
Cyberoam helps organizations control who is accessing which application, when and using what amount of bandwidth leading to high levels of productivity as well as cost containment by optimizing bandwidth consumed within the organization.
Cyberoam Layer 7 & 8 Visibility & Controls:
- Application QoS
- Identifies applications and users
- Offers application-user-time-bandwidth control
- Delivers assured access to applications
- Delivers productivity gains
- Controls bandwidth costs
- Delivers network and data security
Instant Messaging
Instant Messaging allows speed and ease of communication over emails in organizations to enhance productivity and efficiency. However, most Instant Messaging traffic travels unencrypted over the network, increasing risk of data loss. The lack of audit logs and reports leaves them vulnerable to misuse, raising a threat to productivity and regulatory compliance. For organizations, blocking Instant Messengers is a difficult solution due to their port-agile nature. They can hop ports to tunnel their traffic through an available port through the firewalls, by-passing security that firewalls can provide.
Cyberoam Instant Messaging Controls
Cyberoam offers Identity-based controls for Yahoo Messenger and Windows Live Messenger. Cyberoam scans malware and logs and controls access, conversation, file transfer and voice/webcam between users in the network, giving assurance of security to organizations wary of using public IMs for business productivity.
Cyberoam’s identity-based IM controls offers granular controls to organizations on who can chat with whom that enables a check on productivity. Organizations can ensure data security by blocking file transfers and video/webcam access between users through identity-based controls.
Content Filtering over IM
Cyberoam Instant Messaging controls allow content filtering to blacklist specific keywords and regular expressions that pose a security concern. This feature supports organizations, particularly educational institutions, to remain regulatory compliant by blocking inappropriate content reaching students. Using this feature, organizations can also set policies applicable for business chat for their users.
3G/WiMAX
Constant connectivity to corporate applications and network resources is critical for productivity and fast decision-making in organizations.
Cyberoam supports 3G/WiMAX connectivity by allowing a USB 3G/WiMAX modem to work as primary and failover/back-up link in a business environment to offer seamless connectivity to organizations.
Primary Link
Cyberoam's 3G/WiMAX connectivity serves as a primary link that is cost-effective, flexible and a dependable alternative to wired connection in small organizations, remote branch offices and temporary office set-ups
Failover/Back-up Link
Cyberoam's 3G/WiMAX connectivity ensures continuous up-time through a high-speed wireless WAN connection that can function as a failover/back-up link in large organizations, remote offices, retail stores, mobile users, and more. It assures all-time availability of business-critical applications and transmission of mission-critical data to ensure business continuity even in case of network failure.
