1 / 80

Identity-Based Unified Threat Management One Identity – One Security

Identity-Based Unified Threat Management One Identity – One Security. Presentation. Agenda of Presentation About Company Challenges of UTM Scenario Introduction to Cyberoam Cyberoam Credentials / Awards/ Accreditations Cyberoam Product Walk-thru. Est. in 1999 500+ Employees

naasir
Télécharger la présentation

Identity-Based Unified Threat Management One Identity – One Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Identity-Based Unified Threat Management One Identity – One Security Presentation

  2. Agenda of Presentation • About Company • Challenges of UTM Scenario • Introduction to Cyberoam • Cyberoam Credentials / Awards/ Accreditations • Cyberoam Product Walk-thru

  3. Est. in 1999 • 500+ Employees • ISO 9001-2000 Certified • Presence in USA, Asia, Middle East • Product installations in 55+ Countries • Invested by $90bn World’s Largest Private Equity Group

  4. UTM : Unified Threat Management A solution to fight against multiple attacks and threats

  5. UTM UTM Unified threat management (UTM) refers to a comprehensive security product which integrates a range of security features into a single appliance. • A true UTM Appliance should have following features in single • solution: • Firewall • VPN • Intrusion Detection & Prevention • Gateway Level Anti-virus for Mails, Website, File Transfers • Gateway level Anti-spam • Content Identification & Filtering • Bandwidth Management for Applications & Services • Load Balancing & Failover Facilities

  6. Benefits of UTM Appliances Reduced complexity All-in-one approach simplifies product selection, integration and support Easy to deploy Customers, VARs, VADs, MSSPs can easily install and maintain the products Remote Management Remote sites may not have security professionals – requires plug-and-play appliance for easy installation and management Better Man Power Management Reduction in dependency and number of high end skilled Human resources Managed Services Security requirements & day to day operations can be outsourced to MSSPs

  7. Challenges with Current UTM Products Lack of user Identity recognition and control • Inadequate in handling threats that target the user – Phishing, Pharming Unable to Identify source of Internal Threats • Employee with malicious intent posed a serious internal threat • Indiscriminate surfing exposes network to external threats • 50 % of security problems originate from internal threats – Yankee Group • Source of potentially dangerous internal threats remain anonymous Unable to Handle Dynamic Environments • Wi-Fi • DHCP Unable to Handle Blended Threats • Threats arising out of internet activity done by internal members of organization • External threats that use multiple methods to attack - Slammer Lack of In-depth Features • Sacrificed flexibility as UTM tried to fit in many features in single appliance. • Inadequate Logging, reporting, lack of granular features in individual solutions Need for Identity based UTM…

  8. Layer 8 Firewall (Patent-pending Technology)

  9. User Patent Pending: Identity-Based Technology

  10. Cyberoam – Identity Based Security Cyberoam is the only Identity-based Unified Threat Management appliance that provides integrated Internet security to enterprises and educational institutions through its unique granular user-based controls.

  11. CRi series for SOHO (Small Office-Home Office) & ROBO (Remote Office-Branch Office) CR 15wi - Wireless CR 15i CR 25ia CR 35ia CRi series for Medium Enterprises CR 300i CR 500ia CR 750ia CRi series for Large Enterprises CR 1000i CR 1500i Cyberoam Appliances CRi Series CRi series for Small to Medium Business CR 50ia CR 100ia CR 200i

  12. Basic Appliance • Identity-based Firewall • VPN • Bandwidth Management • Multiple Link Management • On Appliance Reporting • 8*5 Tech Support & 1 Year Warranty Subscriptions • Gateway Anti-Virus Subscription (Anti-malware, phishing, spyware protection included) • Gateway Anti-spam Subscription • Web & Application Filtering Subscription • Intrusion Prevention System (IPS) • 8*5 Tech Support & 1 Year Warranty • Subscription services are available on 1 Year, 2 Year or 3 Year subscription basis

  13. 2008 - Emerging Vendor of the Year

  14. Certifications - pipeline ICSA Certification for High Availability ICSA Certified Firewall VPNC Certified for Basic VPN & AES Interoperability Certifications UTM Level 5 complete UTM certification Premium IPS/IDP URL Filtering Firewall Anti-Spyware Anti-Spam VPN Anti-Virus IPv6 compliance

  15. “Fully loaded, with many great features” “packs a more serious punch” “can restrict or open internet access by bandwidth usage, surf time or data transfer”. March 2008 – UTM Roundup Cyberoam CR1000i Five Star Rated – Three Years Running July 2007 – UTM Roundup Cyberoam CR250i Enterprise SMB • “console is well organized and intuitive to navigate” • “flexible and very powerful” Year 2009 – UTM Roundup One of the best UTM Finalist in SC Magazine Awards 2009, Europe Cyberoam has been short-listed as a finalist for the Best SME Security Category

  16. “deserves credit for its flexible configuration options, extensive security, content filtering, and bandwidth management features. “

  17. Awards • 2007 Finalist American Business Awards • Tomorrow’s Technology Today 2007 • Get top tech company • From Zdnet Asia 2008/09 • 2007 Finalist Network Middle East Award • Best Security Product • Best SMB Networking Vendor • Finalist - 2008 Global Excellence in Network Security Solution • VAR Editor’s Choice for Best UTM (2007 –left , 2008-right) • CRN – Emerging Tech Vendors 2007 • Received Gold Award from IDG Channel World Magazine • Best network security vendor 2009 • Finalist – PC pro awards 2009 • for the Business Hardware of the year

  18. GLOBAL PRESENCE (Over 55 Countries)

  19. Global Clientele USA Largest Chain Store

  20. DY Patil Institute of Management Education:

  21. 客戶參考

  22. BSNL BFSI & Govt. Clientele

  23. Malaysia Government Clients

  24. Malaysia Corporate Clients

  25. Cyberoam Product walk thru

  26. Normal Firewall Cyberoam - Identity Based UTM • Rule matching criteria - Source address - Destination address - Service (port) - Schedule • Action - Accept - NAT - Drop - Reject - Identity • However, fails in DHCP, Wi-Fi environment • Unified Threat Controls (per Rule Matching Criteria) • - IDP Policy • - Internet Access Policy • - Bandwidth Policy • - Anti Virus & Anti Spam • - Routing decision

  27. Next Generation Layer 7 Firewall

  28. 80 80 80 21 443 80 443 443 21 443 1st Generation Firewalls Port 80 Port 443

  29. Skype Mail Mail Web Web FTP Web Bit Torrent Application Firewalls – CR Version 9

  30. CRM ERP Sales force You Tube IM Application Web mail Casual Traffic Next Generation Firewalls – Version X Application Firewall Crowd of Applications Bandwidth Management

  31. CRM ERP Sales force You Tube IM Application Web mail Casual Traffic Next Generation Firewalls Application Firewall Crowd of Applications Bandwidth Management

  32. New Architecture & Firmware

  33. Salient Features of the NG GUI

  34. Accordion Menu & TABs for easy navigation of menu items

  35. Easy Access Top Panel

  36. Identity-Based Content Filtering

  37. Web and Application Filtering Features • Database of millions of sites in 82+ categories • Blocks phishing, pharming, spyware URLs • HTTP upload control & reporting • Block & Control Applications such as P2P, Streaming, Videos/Flash • Local Content Filter Database to reduces latency and dependence on network connectivity. • Customized blocked message to educate users about organizational policies and reduce support calls

  38. Identity Based Policies

  39. Educate Users with Custom Denied Messages and Reduce Your Support Calls James

  40.    Key Features Pasted from <http://cyberoam.com/bandwidthmanagement.html> Identity-based Bandwidth Management • Application and Identity-based bandwidth allocation • Committed and burstable bandwidth • Time-based, schedule-based bandwidth allocation • Restrict Bandwidth usage to a combination of source, destination and service/service group

  41. External Authentication

  42. Authentication and External Integration

  43. Advanced Multiple Gateway Features • Active-Active Auto Link Failover & Load Balancing • Active-Passive Auto Link Failover • Source & Destination Routing • Support for more than 2+ ISP links • Schedule based bandwidth assignment • Gateway Alerts on Dashboard • Bandwidth Utilization Graphs

  44. Gateway Anti-Virus

  45. Gateway Anti- Virus Features • Scans WEB, FTP, Pop3, SMTP & IMAP traffic • Self-service quarantine area • Signature update ever 30 Mins • Identity-based HTTP virus reports • Disclaimer Addition to outbound emails • Spyware and other malware protection including “Phishing” emails • Block attachment based on Extensions (exe, .bat, .wav etc)

  46. Gateway Anti-Spam

  47. Gateway Anti-Spam Features • Spam filtering with (RPD) Recurrent Pattern Detection technology • Virus Outbreak Detection (VOD) for zero hour protection • Self-Service quarantine area • Content-agnostic • Change recipients of emails • Scans SMTP, POP3, IMAP traffic

  48. RPD (Recurrent Pattern Detection) • Protects against Image-based Spam and spam in different languages • The spam catch rate of over 98% • 1 in Million false positives in spam • Local cache is effective for >70% of all spam resolution cases

  49. Intrusion Prevention System (IPS)

  50. IPS Features • Multiple and Custom IPS policies Identity-based policies • Identity-based intrusion reporting • Ability to define multiple policies • Reveals User Identity in Internal Threats scenario

More Related