CYBEROAM NEXT-GENERATION FIREWALLS
The mobilization of workforce has led to demand for anytime-anywhere access to network resources. This, along with increasing number of users like customers and partners connecting to an enterprise network from outside is leading to de-perimeterization of enterprise networks. Besides, trends like rise in number of network users and devices, application explosion, virtualization, and more are leading to loss of security controls for enterprises over their networks.
Cyberoam Next-Generation Firewalls (NGFW) with Layer 8 Identity-based technology offer actionable intelligence and controls to enterprises that allow complete security controls over L2-L8 for their future-ready security.
Actionable Intelligence & Controls
Cyberoam's Human Layer 8 acts like a standard abstract layer that binds with real Layers 2-7, enabling enterprises to regain lost security controls. By binding User Identity across Layers 2-7, enterprises can put security checks where they want to from L2-L8, along with complete visibility into user and network activities.
Cyberoam Next-Generation Firewalls are based on CyberoamOS – an intelligent and powerful firmware that offers next-generation security features include inline application inspection and control, website filtering, HTTPS inspection, Intrusion Prevention System, VPN (IPSec and SSL) and QoS/bandwidth management. Additional security features like Web Application Firewall, Gateway Anti-Virus, Gateway Anti-Spam are also available.
Cyberoam offers high performance for enterprises with its powerful hardware appliances and CybeoamOS that has the ability to extract highest level of performance from a multi-core platform and tightly integrates with the hardware for network and crypto acceleration.
Cyberoam's Extensible Security Architecture supports future enhancements like new security features and security updates that can be developed rapidly and deployed with minimum efforts without the need to change the appliance, offering future-ready security to large enterprises. In addition, enterprises can add another appliance in cluster/HA to support more number of users.
The FleXi Ports available in the FleXi Port (XP) security appliances offer flexible network connectivity with I/O slots that allow additional Copper/Fiber 1G/10G ports on the same security appliance, allowing enterprises to upgrade to new technologies easily and cost-effectively, making them future-ready. The FleXi Ports consolidate the number of devices in a network, offering benefits of power efficiency, reduced network complexity and reduced operational costs.
FleXi Ports(XP) Module Options:
8-port 1 GbE Copper Module
4-port 1 GbE Copper Module
with LAN Bypass*
8-port 1 GbE Fiber Module
4-port 10 GbE Fiber Module
* Available on CR1000iNG-XP, CR1500iNG-XP, CR2500iNG-XP appliances
The Cyberoam NGFWs offer next-generation security features to organizations to protect against newly-evolving threats.
Layer 8 Identity-based Security
Cyberoam's Layer 8 Technology treats user identity as the 8th layer or the "human layer" in the network protocol stack. This allows administrators to uniquely identify users, control Internet activity of these users in the network, and enable policy-setting and reporting by username – adding speed to security. Cyberoam's Layer 8 security binds with Layer 2 to Layer 7 giving better security controls over the network and offers Layer 8 Identity-based security over AAA (User Authentication, Service Authorization, Audit with logs /reports).
Application Visibility & Control
With an industry-leading coverage of 2000+ applications, Cyberoam's Application Visibility & Control feature enables prioritization of applications based on User Identity, time, applications, and bandwidth, allowing great flexibility and real L2-L8 visibility & control. Advanced application controls classify applications based on their risk level, characteristics and technology, offering more granular controls. The pro-active protection model eliminates the need for manual intervention by administrator to update policy for new applications that are being added to the list.
Intrusion Prevention System
Cyberoam Intrusion Prevention System protects against network and application-level attacks, securing organizations against intrusion attempts, malware, Trojans, DoS and DDoS attacks, malicious code transmission, backdoor activity and blended threats.
First-of-its-kind On-appliance Reporting
Cyberoam has been the first and only vendor in the industry to offer on-appliance reporting with real-time logs and reports, saving the cost of deploying a dedicated reporting solution. The 1200+ in-depth reports offer real-time visibility into user and network activities, helping organizations to manage security, display compliance and forensic analysis, unmatched by any network security vendor till date. Cyberoam reports include dynamic and animated reports, in-line graphs, and country maps.
Virtual Private Network
Cyberoam VPN (IPSec and SSL) offers secure remote access, ensuring secure endpoints and network with its Threat-free Tunneling Technology.
Cyberoam's award-winning Web Filtering offers one of the most comprehensive URL databases with millions of URLs grouped into 89+ categories. It blocks access to harmful websites, preventing malware, phishing, pharming attacks and undesirable content that could lead to legal liability and direct financial losses.
Web Application Firewall
Cyberoam offers an on-appliance Web Application Firewall subscription to secure websites and Web-based applications in organizations against attacks such as SQL injection, cross-site scripting (XSS), URL parameter tampering, session hijacking, buffer overflows, and more, including the OWASP Top 10 Web application vulnerabilities.
QoS / Bandwidth Management
Cyberoam enables organizations to tie bandwidth policies to users, user groups, Applications, Website Categories, Firewall rules, and more. Cyberoam's granular Layer 7 and Layer 8 Bandwidth controls allow prioritization of business-critical applications and users for bandwidth allocation, ensuring assured QoS for business-critical applications like VoIP and CRM. Granular bandwidth controls allow committed bandwidth to critical users at all times and also allow policies to assign idle bandwidth to other applications automatically, delivering optimal use of idle bandwidth and higher ROI.