Cyberoam

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Cyberoam
Cyberoam - Sophos Logo.png
Type Private
Industry Network security
Founded 1999
Founders Hemal Patel, Ben Casado
Key people CEO: Hemal Patel
Products Cyberoam Next Generation Firewalls and Unified Threat Management for network security, Cyberoam Central Console for centralized security management, Cyberoam iView for centralized visibility, Cyberoam NetGenie for secure homes and small offices
Employees 500+ (Q3 2013)
Website cyberoam.com

Cyberoam Technologies, a Sophos Company,[1] is a global Network Security appliances provider, with a global presence spanning more than 125 countries. The company offers User Identity-based network security in its Next-Generation Firewalls/ Unified Threat Management appliances, allowing visibility and granular control into WHO is accessing WHAT in business networks.[2] For SOHO, SMB and large enterprise networks, this ensures security built around the network user for protection against APTs, insider threats, malware, hacker, and other sophisticated network attacks.

Cyberoam has sales offices located in various locations at regions including North America, EMEA and APAC. It has its customer support and development centers in India and has 450+ employees across the globe. It has a channel-centric approach for its sales[3] and has a global network of 4500+ partners. It offers periodic training programs to its customers and partners.

Product Overview[edit]

Cyberoam’s product range offers network security solution (Next-Generation Firewall and UTM appliances), centralized security management (Cyberoam Central Console appliances), centralized visibility (Cyberoam iView ), and Cyberoam NetGenie for home and small office networks.

Cyberoam network security appliances include multiple features like Firewall – VPN (SSL VPN & IPSec), Gateway Anti-Virus, Anti-Spyware & Anti-Spam, Intrusion Prevention System (IPS), Content & Application Filtering, Web Application Firewall, Application Visibility & Control, Bandwidth Management, Multiple Link Management for Load Balancing and Gateway Failover,[4] over a single platform.

Cyberoam offers visibility and control over 2000+ key applications. It offers complete visibility on which applications are being accessed within the organization and by which user, irrespective of their ports and protocols. This stops sophisticated application-layer threats right at the network perimeter, ensuring Application Security. Granular controls over applications ensure QoS of critical applications.[5]

Cyberoam UTM’s on-appliance reporting gives details on every type of attack, vector, attacker details, victim details and also graphically represents the general security trends in organization. Cyberoam solutions aid the compliance regulatory needs of organizations.

Certifications[edit]

Common Criteria EAL4+ Certification[edit]

Cyberoam's Firewall technology is EAL4+ certified. EAL4+ certification for a security product such as a Firewall requires in-depth evaluation from an independent third-party test lab and is globally regarded a decisive measure of the quality for an IT security product.[6]

ISO 20000:2011 Certification for Support services[edit]

Cyberoam GSMC is global ISO 20000: 2011 certified, for the post sales technical services for its global customers.[7]

Checkmark Certification[edit]

The Cyberoam CR Series is UTM Level 5 Checkmark certified.[8]

ICSA Labs Certified Firewall[edit]

Cyberoam Firewall is certified by the ICSA Labs Firewall Certification.[9] The ICSA Labs Firewall certification demands required by ICSA Labs, an independent division of Cybertrust, validating Cyberoam’s firewall capabilities in effectively protecting customers’ networks from malicious Internet threats.

IPv6 Ready certification[edit]

Cyberoam is ‘IPv6 Ready’ certified, as it can identify and process IPv6 traffic.[10] The IPv6 Ready Logo program driven by the IPv6 Forum is an international testing program that has some 3000 test cases through which a product is rigorously tested.

Identity based Security- Layer 8 Technology[edit]

Cyberoam's Layer 8 Technology[11] also known as Identity based Security, adds an 8th Layer[12] (HUMAN layer) in the network protocol stack, thereby considering user’s identity as part of the firewall rule matching criteria. Cyberoam attaches user identity to security while authenticating, authorizing & auditing (AAA), the network allowing a network administrator to see and control the ‘user’ on a network instead of just an IP address.[13] This enables the administrators to identify users, control Internet activity of users in the network, set user based policies and reporting by username.

Cyberoam Security Training Academy[edit]

Cyberoam Launched a global mission to sign up academies to bridge the demand-supply gap in network security recently called Cyberoam Academy.

In order to propagate knowledge on Identity-based technology among upcoming IT and networking students, Cyberoam has tied up with NESCOT (North East Surrey College of Technology) -its first Master UK Training Academy. NESCOT offers Cyberoam certified security courses which includes basic-level course namely 'CCNSP' (Cyberoam Certified Security Professional)[14] and advanced-level course namely 'CCNSE' (Cyberoam Certified Security Expert).[15]

Cyberoam addresses the industry-prevalent security flaw in HTTPs scan[edit]

A Tor Project researcher and a Google software security engineer revealed in July 2012 that all Cyberoam appliances with SSL traffic inspection capabilities had been using the same self-generated CA certificate by default.[16] This made it possible to intercept traffic from any victim of a Cyberoam device with any other Cyberoam device - or, indeed, to extract the key from the device and import it into other DPI deep packet inspection devices, and use those for interception.[17]

Cyberoam issued an over-the-air (OTA) update for its unified threat management (UTM) appliances[18] in order to force the devices to use unique certificate authority (CA) SSL certificates when intercepting SSL traffic on corporate networks.[19] After the hotfix was applied,[20] each individual appliance was required to have its unique CA certificate.

See also[edit]

References[edit]

  1. ^ Sophos Acquires Cyberoam Technologies - Cyberoam Press Release, 10 Feb 2014
  2. ^ UTM Reviews - By Peter Stephenson, SC Magazine, 1 December 2011
  3. ^ Cyberoam to increase partner base by 25% before March 2012 - By ChannelWorld Bureau, 22 Feb 2012
  4. ^ Cyberoam CR1000ia-Product Review - By Peter Stephenson, SC Magazine, 5 Jan 2012
  5. ^ Cyberoam CR50ia UTM appliance-Hardware Review - By John E Dunn, TechWorld, 23 November 2009
  6. ^ Cyberoam achieves top global security certification - Brian Karlovsky (ARN), 13 September 2013
  7. ^ Cyberoam Technologies Private Limited- APM Group
  8. ^ Checkmark Certification & Platinum Product Awards - Checkmark Certification & Platinum Product Awards
  9. ^ Cyberoam Technologies Pvt. Ltd. - ICSA Labs, 2013
  10. ^ Details of Logo 02-C-000430
  11. ^ Cyberoam Layer 8 Technology - MintmTEC
  12. ^ Cyberoam Layer 8 Technology - ESDS Forums, 29 December 2011
  13. ^ Cyberoam UTM Appliance Family - ICSA Labs, 2011
  14. ^ Cyberoam Certified Network & Security Professional (CCNSP) - CourseKing, Nescot
  15. ^ Cyberoam CCNSE training - VCW Security
  16. ^ TOR project uncovers flaw in mass-surveillance appliance - By Cory Doctorow, Boing Boing, 3 July 2012
  17. ^ Cyberoam deep packet inspection and certificates - By Nathan Willis, LWN, 11 July 2012
  18. ^ Cyberoam updates UTM certs to avoid traffic snooping - By Darren Pauli, SC Magazine Australia, 11 July 2012
  19. ^ Cyberoam’s Proactive Steps in HTTPS Deep Scan Inspection - Cyberoam Blog, 9 July 2012
  20. ^ Cyberoam Fixes SSL Snooping Hole in Network Security Appliances - By Lucian Constantin, IDG News Service, 9 Jul 2012

External links[edit]