DSS ITSEC Conference 2012 - Cyberoam Layer8 UTM

www.cyberoam.com © Copyright 2012 Elitecore Technologies Pvt. Ltd. All Rights Reserved.

Securing You

Justinas Valentukevičius

Channel Manager Baltics

Unified Threat

Management

Future-ready Security


Securing You

Agenda of Presentation

Let’s meet - Brief introduction to Cyberoam

Layer 8, WAF and other nice features in Cyberoam UTM

Next generation firewall or maybe Next generation UTM

Announcement of NG Series and Virtual UTM

Technical live DEMO later today 15:15 PM


Securing You

About Cyberoam

Sales, Distribution Channel and Customers across 110+ Countries

800+ Employees

Elitecore technologies founded in 1999

Cyberoam UTM introduced in 2006 (Baltics in 2010)

Patent Pending Identity-based Management

Among the Top 3 UTM players in Gartner


Securing You

Cyberoam’s Holistic IT Security Portfolio

Securing the IT network

Centralized security

management for remote

/branch offices & clients

Network Monitoring &

Analysis

Virtual UTM (from

December 2012)

Unified Threat

Management

& Open

Source


Securing You

2012

Magic Quadrant for Unified

Threat Management

Cyberoam pagal Gartner


Securing You

Evolution


Securing You

Seriously, is it enough??


Securing You

Trends in Security

Basic security began with firewalls

As threats increased, other solutions were introduced

Virus attacks rose in number and intensity

6 % business emails contained viruses

– IBM

That’s a staggering cost of $281-$304

per PC

Email became more prevalent

Spam rose

Average spam messages per day –

18.5

Time spent deleting them – 2.8

mintues.

Average time lost in a day – 51.8 mts

14 % spam recipients actually read

spam

4 % buy products advertised by spam

21 % spam in Jan 2005 was porn

Slammer fueled the need for Intrusion Detection & Prevention

High number of employees start accessing the Internet

Connectivity to branches, partners and remote workers

25 % systems to be infected with

spyware by this year– Forrester

65 % companies say they will invest in

anti-spyware tools and upgrades

Phishing mails grew 5,000 % last year

Pharming makes an entry

1 in 5 employees view online

pornography at work

70 percent of adult websites are hit

between 9 am and 5 pm

30-40 percent of employees'

Internet activity is not business

related

Blended threats emerge to exploit extensive Internet usage

Slammer Hit on Saturday, January

25, 2003, 0030

Lost revenue spilled over halfway

into the next week

Total cost of the bailout: more than

$1 billion

Till today, no accountability has

been established

Firewalls enjoyed a monopoly until the

starting of the 21st century

Initial Firewalls were Stateless

Firewalls which could not control the

initiation of communication

Later Stateful became more prevalent

Evolution of Network Security


Securing You


Securing You

Where are Networks moving to?

• High speed Internet (Baltics among TOP countries)

• More devices per user – More devices connecting to Internet (BYOD)

• More web-applications being accessed

• Increase in usage of data


Securing You

What is usual here, in Baltics?

Usually we are really well technologically

educated and so we understand the need of

Enterprise solutions – and we need the best !

However…

Usually we are quite limited with our budget

WHAT WE ARE LOOKING FOR IS BEST TECHNOLOGY FOR

THE AFFORDABLE PRICE !

Usually we are relatively small in size


Securing You

Next generation security


Securing You

NGFW created a buzz in security circles

What is so different about them?

Gartner's Definition of the Next Generation Firewall (NGFW)

“A wire-speed integrated network platform that performs deep inspection of

traffic and blocking of attacks”.

Next Generation Firewall indicates “the necessary evolution of a firewall”

to deal with the changing IT environment in businesses and the consequent

evolution in security threats posing to bring these very businesses down.


Securing You

Next Generation Firewall

FW with SI and integrated with IPS, VPN, Web/application

Filtering, IM Controls and Web Application Firewall

+ Providing Anti Virus and Anti Spyware, Anti Spam,

Bandwidth Management, Multi Link Management, HA

and On-appliance Reporting.

IPS tightly integrated with FW.

Policy creation of multiple features in a single FW interface.

+ All security modules are bound together keeping

User Identity as the base.

Granular application control

Real-time Visualization

Secure Application Layer Vulnerabilities

Network Visibility based on users and not IP Addresses

Integration with AD, LDAP and RADIUS Servers.

Integrates hardware acceleration and automation into a wide

range of packet processing and application-specific

functions

+ Virtual UTM series consolidates network security in

virtualized environments

Cyberoam Next Generation UTM

Standard first-generation firewall capabilities like

packet filtering, NAT, stateful protocol inspection

and VPN capabilities

Integrated, rather than merely collocated,

network intrusion prevention

Application awareness and full stack visibility

Extra firewall intelligence

Support upgrade paths for integration of new

information feeds and new techniques to

address future threats


Securing You

Cyberoam Unified Threat Management

Gateway Integrated security

over single platform

Unique Identity-based Layer 8

approach penetrates through

each security module


Securing You

• Numbers – Hard & Boring

to remember!

Names - Used daily!!!

192.1

68.1

0.1

22

172.1

7.1

2.1

23

10.1

2.1

1.2

3

Human approach in Security


Securing You

User Login

Cyberoam

Authenticates

• User Name

• IP Address

• MAC Id

• Session Id

Cyberoam

Authorizes

• Internet surfing quota

• Schedule control

• Security Policies

• Web Filtering

• Application Visibility & Control

• QoS / Bandwidth Management

• IM Controls

Cyberoam

Audits

• Identity - based

Logs + Reports

• Compliance Reports • MAC Id

• Session Id

Cyberoam Layer 8 AAA Advantage


Securing You

Fusion Technology driven SI Firewall

- Interface for achieving Unified Security

Rules for all security features from firewall page

Identity-based policies enable security,

connectivity, productivity

- Easy to configure with Next-Gen UI

Easy navigation, custom controls, intuitive

interface

- Fewer security errors - Increases security

- Enhances administrative productivity

- Shorter learning curves

: Indicates a feature that is either unique to Cyberoam or it was

first introduced in the Industry by Cyberoam


Securing You

Virtual Private Network (VPN)

- Anywhere, any device secure remote connectivity

- Supports

IPSec, L2TP, PPTP technologies

SSL-VPN

- Client-type independent Web access mode

- Application access mode

- Client mode

Threat Free Tunneling (TFT) Technology

Scans traffic entering VPN tunnel for:

- Malware

- Spam

- Inappropriate content

- Intrusion attempts

- Maintains secure endpoint and network

environments


Securing You

Cyberoam’s Layer 8 Identity based security extended to mobile

devices

Securely connect your iPhone, iPad and Android devices to your

corporate network through VPN

Mobile VPN for iOS and Android devices

L2TP VPN (New)

Android

IPSec VPN (New)

L2TP VPN

PPTP VPN

iOS


Securing You

Cyberoam CISCO VPN for iOS


Securing You

SSL VPN user portal


Securing You

Intrusion Prevention System

- Layer 8 and IPS Tuner driven Cyberoam IPS Identity-based IPS policies per user or group

Identity-based alerts and reports

- Visibility into applications usage

- User, Source, Destination, Usage

- Overview of threat status

- Top alerts, top attackers, top victims

3500+ signatures – broadest security cover

Internet Threat Response Team

Allows multiple IPS policies


Securing You

Gateway Anti-Malware

- 4 million+ signatures

- Bi-directional scanning of web & email

- Self-service Virus Quarantine

- Reduced window of vulnerability

Broadest security cover against all malware

- Scans

HTTP, FTP, SMTP, POP3

HTTPS, IMAP

Instant Messenger traffic

- Layer 8 Impact

Identity-based virus reports

- Instant visibility into attacker/victim

Identity-based Quarantine policies Indicates feature offered only by

top-rated UTMs

Anti-Virus

Anti-Spyware


Securing You

Gateway Anti-Spam

- IP Reputation Filtering

Blocks 85% of incoming messages at gateway

- Saves bandwidth

- Near 98% spam detection

- False Positive rate of 1 in a million

Reduces fear of losing business emails

- Self-Service quarantine area

- User-based Spam Digest

Frees administrator time & management

- Manage Email recipients

Data leakage prevention and archiving

Premium


Securing You

– Protects against OWASP top

10 vulnerabilities

– SSL Offloading

– Monitoring & Reporting

Web Application Firewall Subscription

Firewalls/IPS cannot protect a web application from unknown threats

Cyberoam WAF Features include

– Positive protection model and No Signature Tables

– Intuitive website flow detector automatically

adapts to website changes


Securing You

Cyberoam iView – On-Appliance Logging & Reporting

- Ability to log and report activities

- LAYER 8 - Identity-based logging and reporting –

Pinpoints the user

- Security Management

iView dashboard- Shows network attacks on single screen

Drill-down reports – 3rd level drill-down for attack details

1000+ Reports

- Log Management

- Compliance Management

HIPAA, PCI DSS, GLBA, and more

- Forensic Analysis


Securing You

Traffic Dashboard

Dual Dashboard – Traffic and Security Dashboard

Securing You


Securing You

Security Dashboard


Securing You


Securing You

Security Dashboard


Others: Rest of records N/A: Private IP


Securing You

Graphical overview of Data transfer and Risk level

Country Maps for Source/Destination Traffic


Securing You

Web & Content Filtering

- Industry’s most comprehensive URL

database

82+ categories

44 million+ URLs

- On-appliance web category database

Faster access

Surfing pattern privacy

- Controls access to HTTP & HTTPS

hosted websites

Increases productivity

Premium


Securing You

Username / IP Address Application Based Control.

Identity based Technology - The Reason


Securing You


Securing You

IM MANAGEMENT & CONTROL

Allow or block Skype

Control access to leading Instant Messengers

(Yahoo, Windows Live)

Control over Chat, Webcam, File Transfer

Log & monitor chat

Filter content over IM: Blacklist certain keywords or

regular expressions to prevent data leakage


Securing You

Best of Breed Bandwidth Management/QoS

- Application and Identity-based bandwidth allocation

- Category wise Bandwidth management

- Restrict Bandwidth usage for a combination of source,

destination and service/service group

- Schedule-based bandwidth allocation

- Committed and burstable bandwidth


Securing You

Identity Based Policies Identity Based Policies


Securing You

Enterprise - CR 2500iNG

- CR 1500i

- CR 1000i

- CR 750ia

- CR 500ia

SME - CR 300i

- CR 200i

- CR 100ia

- CR 50ia

Small offices - CR 35ia

- CR 25ia

- CR 15i

- CR 15wi

Cyberoam UTM Product Range


Securing You

Powerful Hardware

Superior Quality

Performance Leap

Value for Money

All-New Firmware

Future-Ready

Security

The Cyberoam NG Series and Virtualization


Securing You

Cyberoam Certifications

Anti-Virus Anti-Spyware Anti-Spam URL Filtering Firewall VPN IPS/IDP

UTM Level 5: Cyberoam holds a unique & complete UTM certification

ICSA Certified Firewall VPNC Certified for Basic

VPN & AES Interoperability

ICSA Certified

High-Availability

Premium Premium

IPv6

Ready

Member of

Internet Watch

Foundation

http://cf.v6pc.jp/logo_db/approved_logo_search.php?logoid_number=02-C-000430&btm=Search

http://www.iwf.org.uk/funding/page.64.htm


Securing You

Reviews and Awards

Cyberoam CR35ia

outshines competitors in

SOHO UTM Group Test

http://review.techworld.com/hardware/3206992/cyberoam-cr50ia-utm-appliance/?view=verdict&intcmp=rv-ia-tb-4

http://pcquest.ciol.com/content/hardware/2010/110043001.asp


Securing You

Cyberoam Online Demo:

http://livedemo.cyberoam.com

(Username: guest, Password: guest)

Contact information:

Email: [email protected]

Skype: justinas.cyberoam

+370 615 43623

THANK YOU !

http://livedemo.cyberoam.com/corporate/webpages/login.jsp

mailto:[email protected]


Securing You