8/8/2019 Cyberoam15 i

1/2

Data SheetUnified Threat Management

Identity-based Security in UTMCyberoam attaches the user identity to security, takingenterprises a step ahead of conventional solutions that bindsecurity to IP-addresses. Cyberoam's identity-basedsecurity offers full business flexibility while ensuringcomplete security in any environment, including DHCP andWi-Fi, by identifying individual users within the network-whether they are victims or attackers.

www.cyberoam.com

Features Benefits

Gateway Anti-Virus& Anti-Spyware

!

!

!

Scans HTTP, FTP, IMAP, POP3 and SMTP trafficDetects and removes viruses, worms and TrojansInstant user identification in case of HTTP threats

!

!

!

!

Complete protection of traffic over all protocolsHigh business flexibilityProtection of confidential information

Real-time security

Virtual Private Network !!

!

!

Threat Free TunnelingIndustry standard: IPSec, L2TP, PPTP VPNVPN High Availability for IPSec and L2TP connectionsDual VPNC Certifications - Basic and AES Interop

!

!

!

!

Safe and clean VPN trafficSecure connectivity to branch offices and remote usersLow cost remote connectivity over the InternetEffective failover management with defined connectionpriorities

Stateful Inspection Firewall(ICSA Labs Certified)

!

!

!

!

Powerful stateful and deep packet inspectionFusion technology blends all the components of Cyberoam intoa single firewall policyPrevents DoS & flooding attacks from internal & external sourcesIdentity-based access control for applications like P2P, IM

!

!

!

!

Application layer protectionProvides the right balance of security, connectivity andproductivityFlexibility to set policies by user identityHigh scalability

On-Appliance Reporting !!

Complete Reporting Suite available on the Appliance

Reporting by username

!

!

!

Reduced TCO as no additional purchase required

Instant and complete visibility into patterns of usageInstant identification of victims and attackers in internal network

Multiple Link Management!

!

!

Security over multiple ISP links using a single applianceLoad balances traffic based on weighted round robin distributionLink Failover automatically shifts traffic from a failed link to aworking link

!

!

!

!

Easy to manage security over multiple linksControls bandwidth congestionOptimal use of low-cost linksEnsures business continuity

Bandwidth Management !

!

Committed and burstable bandwidth by hierarchy,departments, groups & usersCategory-based Bandwidth restriction

!

!

Prevents bandwidth congestionPrioritizes bandwidth for critical applications

Content &

Application Filtering

!

!

!

!

!

!

Automated web categorization engine blocks non-work sites

based on millions of sites in over 82+ categoriesURL Filtering for HTTP & HTTPS protocolsHierarchy, department, group, user-based filtering policiesTime-based access to pre-defined sitesPrevents downloads of streaming media, gaming, tickers, adsSupports CIPA compliance for schools and libraries

!

!

!

!

!

!

!

Prevents exposure of network to external threats

Blocks access to restricted websitesEnsures regulatory complianceSaves bandwidth and enhances productivityProtects against legal liabilityEnsures the safety and security of minors onlineEnables schools to qualify for E-rate funding

Intrusion PreventionSystem - IPS

!

!

!

!

Multi-policy capability with policies based on default & customsignatures, source and destinationPrevents intrusion attempts, DoS attacks, malicious code,backdoor activity and network-based blended threatsBlocks anonymous proxies with HTTP proxy signaturesBlocks phone home activities

!

!

!

!

Low false positivesReal-time Security in dynamic environments like DHCP and Wi-FiOffers instant user-identification in case of internal threats Apply IPS policies on users

Gateway Anti-Spam !!

!

!

!

!

Scans SMTP, POP3 and IMAP traffic for spamDetects, tags and quarantines spam mailEnforces black and white listsVirus Outbreak ProtectionContent-agnostic spam protection including Image-spamusingRecurrent Pattern Detection (RPD ) TechnologyIP Reputation-based Spam filtering

TM

!

!

!

!

!

!

Enhances productivityHigh business flexibilityProtection from emerging threatsHigh scalabilityZero hour protection incase of virus outbreaksMulti-language and Multi-format spam detection

Description

Cyberoam UTMCyberoam CR15i is the identity-based security appliance that works on Layer 8,delivering real-time protection against evolving external and internal threats to SmallOffice-Home Office (SOHO) and Remote Office-Branch Office (ROBO) users.

Small, remote offices with limited security like firewall, anti-virus are exposed toInternet threats. Cyberoam delivers comprehensive protection from malware, virus,spam, phishing, pharming and more. Its unique identity-based security protects usersfrom internal threats that lead to data leakage. Cyberoam features include StatefulInspection Firewall, VPN (IPSec), Gateway Anti-Virus and Anti-Spyware, GatewayAnti-Spam, IPS, Content Filtering, Bandwidth Management, Multiple LinkManagement and can be centrally managed with Cyberoam Central Console.

Comprehensive Network Securityfor Small and Remote Offices

Cyberoam CR15iCERTIFIED

VPN

InteroBasi

AESInterowww.check-mark.com

8/8/2019 Cyberoam15 i

2/2

Bandwidth Management

User Identity and Group Based Controls

Networking

Administration & System Management

User Authentication

Logging/Monitoring

On-Appliance Reporting#

VPN Client

Certification

Dimensions

ower

Application and User Identity based Bandwidth Management YesGuaranteed & Burstable bandwidth policy YesMulti WAN bandwidth reporting YesCategory-based Bandwidth restriction Yes

Access time restriction YesTime and Data Quota restriction YesSchedule based Committed and Burstable Bandwidth YesSchedule based P2P and IM Controls Yes

Multiple Link Auto Failover YesWRR based Load balancing YesPolicy routing based on Application and User YesDDNS/PPPoE Client Yes

Dynamic Routing: RIP v1& v2, OSPF, BGP, Multicast Forwarding YesParent Proxy support with FQDN YesDHCP Server and Relay Yes

Web-based configuration wizard YesRole-based administration YesMultiple administrators and user levels YesUpgrades & changes via Web UI YesMulti-lingual support: Chinese, Hindi, French YesWeb UI (HTTPS) YesCommand line interface (Serial, SSH, Telnet) YesSNMP (v1, v2c, v3) YesCyberoam Central Console YesNTP Server Support Yes

Local database YesWindows Domain Control & Active Directory Integration Yes Automatic Windows Single Sign On YesExternal LDAP/RADIUS database Integration YesUser/MAC Binding Yes

Graphical real-time and historical monitoring YesEmail not ificat ion of repor ts, vi ruses and at tacks YesSyslog support Yes

Intrusion events reports YesPolicy violations reports YesWeb Category reports (user, content type) YesSearch Engine Keywords reporting YesData transfer reporting (By Host, Group & IPAddress) YesVirus reporting by User and IPAddress YesCompliance Reports 45+

IPSec compliant YesInter-operabil ity wi th major IPSec VPN Gateways YesSupported platforms: Windows 98, Me, NT4, 2000, XP, Vista YesImport Connection configuration Yes

ICSA Firewall - Corporate YesVPNC - Basic and AES interoperability YesCheckmark UTM Level 5 Certification Yes

CE YesFCC Yes

H x W x D (inches) 1.7 x 6 x 9.1H x W x D (cms) 4.4 x 15.3 x 23.2Weight 1.5 kg, 3.307 lbs

PInput Voltage 100-240VACConsumption 13.2WTotal Heat Dissipation (BTU) 45

Compliance

EnvironmentalOperating Temperature 0 to 40 CStorage Temperature -20 to 75 CRelative Humidity (Non condensing) 10 to 95%Cooling System - Fan Fanless

Support for HTTP Proxy Yes

nterfaces

System Performance*

Gateway Anti-Virus & Anti-Spyware

Virtual Private Network

0/100 Ethernet Ports 30/100/1000 GBE Ports -

Configurable Internal/DMZ/WAN Ports Yes

USB Ports 1Hardware Bypass Segments -

68-bit Triple-DES/AES throughput (Mbps) 15/25Antivirus throughput (Mbps) 20

P (Mbps) 0UTM (Mbps) 5

Console Ports (RJ45/DB9) 1SFP (Mini GBIC) Ports -

Firewall throughput (Mbps) 90New sessions/second 2,000Concurrent sessions 30,000

S throughput 4throughput 1

Multiple Zones security with separate levels of access rulenforcement for each zone Yes

Rules based on the combination of User, MAC, Source &Destination Zone and IP address and Service YesActions include policy based control for IPS, ContentFiltering, Anti virus, Anti spam and Bandwidth Management Yes

Access Scheduling YesPolicy based Source & Destination NAT YesH.323 NAT Traversal Yes02.1q VLAN Support Yes

DoS & DDoS Attack prevention YesMAC & IP-MAC filtering and Spoof prevention Yes

Virus, Worm, Trojan Detection & Removal YesSpyware, Malware, Phishing protection Yes

Automatic virus signature database update Yes

Scans HTTP, FTP, SMTP, POP3, IMAP, VPN Tunnels YesCustomize individual user scanning YesScan and deliver by file size YesBlock by file types Yes

Add disclaimer/signature Yes

Real-time Blacklist (RBL), MIME header check YesFilter based on message header, size, sender, recipient YesSubject line tagging YesP address Black list/White list Yes

Redirect spam mails to dedicated email address Yesmage-based spam filtering using RPD Technology Yes

Zero hour Virus Outbreak Protection Yes

Signatures: Default, Custom YesPS Policies: Multiple, Custom Yes

User-based policy creation YesAutomatic real-time updates from CRProtect networks Yes

Protocol Anomaly Detection YesBlock

- P2P applications e.g. Skype Yes- Anonymous proxies e.g. UItra surf Yes- Phone home activities Yes- Keylogger Yes

nbuilt Web Category Database YesURL, keyword, File type block YesCategories: Default(82+), Custom YesProtocols supported: HTTP, HTTPS YesBlock Malware, Phishing, Pharming URLs YesCustom block messages per category YesBlock Java Applets, Cookies, Active X YesCIPA Compliant YesData leakage control via HTTP upload Yes

PSec, L2TP, PPTP YesEncryption - 3DES, DES, AES, Twofish, Blowfish, Serpent Yes

Hash Algorithms - MD5, SHA-1 YesAuthentication - Preshared key, Digital certificates YesPSec NAT Traversal Yes

Dead peer detection and PFS support YesDiffie Hellman Groups - 1,2,5,14,15,16 YesExternal Certificate Authority support YesExport Road Warrior connection configuration YesDomain name support for tunnel end points YesVPN connection redundancy YesOverlapping Network support YesHub & Spoke VPN support Yes

Stateful Inspection Firewall

Gateway Anti-Spam

ntrusion Prevention System

Content & Application Filtering

Specification

Only for the previous dayAntivirus, IPS and UTM performance is measured based on HTTP traffic as per RFC 3511 guidelines. Actual performance may vary depending on the real network traffic environments.

www.cyberoam.com I sales@cyberoam.com Elitecore Product

Toll Free NumbersUSA : |APAC/MEA : | Europe :

+1-877-777-0368 : 1-800-301-00013

+1-877-777-0368 +44-808-120-3958India

Copy r igh t 1999-2009El i t ec o reTechno l og ie s L td . A l lR ig h t sR ese rv ed .Cyberoam and Cyberoam logo are registered trademark of Elitecore Technologies Ltd. AlthoughElitecorehasattemptedtoprovideaccurateinformation,Elitecoreassumesno responsibilityforaccuracyor completeness of information neither is this a legally binding representation. Elitecore has the right tochange,modify,transferorotherwiserevisethepublicationwithoutnotice. PL-10-96034-091117 Unified Threat Managemen