Cyberoam

Cyberoam’s product range offers solutions for network security (Cyberoam UTM appliances), centralized security management (Cyberoam Central Console appliances), centralized logging and reporting (iView appliance and open source software), endpoint data protection (Cyberoam Endpoint Data Protection appliances).

Cyberoam UTM appliances include multiple features like Firewall – VPN (SSL VPN & IPSec), Gateway Anti-Virus, Anti-Spyware & Anti-Spam, Intrusion Prevention System (IPS), Content & Application Filtering, Web Application Firewall, Bandwidth Management, Multiple Link Management for Load Balancing and Gateway Failover,^[3] over a single platform.

Cyberoam's application control options like Instant Messaging (IM) Archiving & Control offer control over chat, file transfer and audio-video over IMs; managing http upload by blocking attachments over emails and stopping file transfers over P2P.^[4]

Cyberoam UTM’s on-appliance reporting gives details on every type of attack, vector, attacker details,victim details and also graphically represents the general security trends in organization. Cyberoam solutions aid the compliance regulatory needs of organizations.

Cyberoam's Layer 8 Technology^[5] also known as Identity based Security, adds an 8th Layer^[6] (HUMAN layer) in the network protocol stack, thereby considering user’s identity as part of the firewall rule matching criteria. Cyberoam attaches user identity to security while authenticating, authorizing & auditing (AAA), the network allowing a network administrator to see and control the ‘user’ on a network instead of just an IP address.^[7] This enables the administrators to identify users, control Internet activity of users in the network, set user based policies and reporting by username.

In order to propagate knowledge^[8] on Identity-based technology among upcoming IT and networking students, Cyberoam has tied up with NESCOT (North East Surrey College of Technology) -its first Master UK Training Academy. NESCOT offers Cyberoam certified security courses which includes basic-level course namely 'CCNSP' (Cyberoam Certified Security Professional)^[9] and advanced-level course namely 'CCNSE' (Cyberoam Certified Security Expert).^[10]

A Tor Project researcher and a Google software security engineer revealed in July 2012 that all Cyberoam appliances with SSL traffic inspection capabilities had been using the same self-generated CA certificate by default.^[11] This made it possible to intercept traffic from any victim of a Cyberoam device with any other Cyberoam device - or, indeed, to extract the key from the device and import it into other DPI deep packet inspection devices, and use those for interception.^[12]

Although Cyberoam was singled out in this case, as the whole industry uses the same methodology of shipping a default CA certificate with appliances that are capable of performing SSL traffic inspection, Cyberoam fixed the hole in network security appliances inspecting the HTTPS traffic by releasing an OTA on an immediate basis that put the Cyberoam appliances at a greater security level than the rest of the industry that does HTTPS deep scan.

Cyberoam issued an over-the-air (OTA) update for its unified threat management (UTM) appliances^[13] in order to force the devices to use unique certificate authority (CA) SSL certificates when intercepting SSL traffic on corporate networks.^[14] After the hotfix was applied,^[15] each individual appliance was required to have its unique CA certificate.

• Unified Threat Management
• Network Security

1. ^ http://www.scmagazine.com/utm/article/217442/
2. ^ http://www.channelworld.in/news/cyberoam-increase-partner-base-25-march-2012-175842012
3. ^ http://www.scmagazineuk.com/cyberoam-cr1000ia/review/3696/
4. ^ http://review.techworld.com/security/3206992/cyberoam-cr50ia-utm-appliance/
5. ^ http://www.minttec.com/blog/?p=306
6. ^ http://forums.esds.co.in/f5/cyberoam-layer-8-technology-4325/
7. ^ https://www.icsalabs.com/product/cyberoam-utm-appliance-family
8. ^ http://en.wikipedia.org/wiki/Professional_certification_%28computer_technology%29
9. ^ http://www.courseking.in/course-areas/ites-and-bpo/cyberoam-certified-network-and-security-professional-(ccnsp)/
10. ^ http://www.vcwsecurity.com/training
11. ^ http://boingboing.net/2012/07/03/tor-project-uncovers-flaw-in-m.html
12. ^ http://lwn.net/Articles/506337/
13. ^ http://www.scmagazine.com/cyberoam-updates-utm-certs-to-avoid-traffic-snooping/article/249833/
14. ^ http://www.cyberoam.com/blog/cyberoams-proactive-steps-in-https-deep-scan-inspection/
15. ^ http://www.pcworld.com/article/258973/cyberoam_fixes_ssl_snooping_hole_in_network_security_appliances.html

• http://www.cyberoam.com/
• http://www.cyberoamta.com/
• http://elitecore.com/

This article has not been added to any categories. Please help out by adding categories to it so that it can be listed with similar articles. (May 2013)