Identity-Based Unified Threat Management One Identity – One Security

Presentation Transcript
slide1

Identity-Based Unified Threat Management

One Identity – One Security

Presentation

slide2

Agenda of Presentation

    • About Company
    • Challenges of UTM Scenario
    • Introduction to Cyberoam
    • Cyberoam Credentials / Awards/ Accreditations
    • Cyberoam Product Walk-thru
slide3

Est. in 1999

  • 500+ Employees
  • ISO 9001-2000 Certified
  • Presence in USA, Asia, Middle East
  • Product installations in 55+ Countries
  • Invested by $90bn World’s Largest Private Equity Group
slide4

UTM : Unified Threat Management

A solution to fight against multiple attacks and threats

slide5

UTM

Unified threat management (UTM) refers to a comprehensive security product which integrates a range of security features into a single appliance.

  • A true UTM appliance should have the following features in a single solution:
    • Firewall
    • VPN
    • Intrusion Detection & Prevention
    • Gateway Level Anti-virus for Mails, Website, File Transfers
    • Gateway level Anti-spam
    • Content Identification & Filtering
    • Bandwidth Management for Applications & Services
    • Load Balancing & Failover Facilities
slide6

Benefits of UTM Appliances

Reduced complexity

All-in-one approach simplifies product selection, integration and support

Easy to deploy

Customers, VARs, VADs, MSSPs can easily install and maintain the products

Remote Management

Remote sites may not have security professionals – requires plug-and-play appliance for easy installation and management

Better Man Power Management

Reduction in dependency and number of high end skilled Human resources

Managed Services

Security requirements & day to day operations can be outsourced to MSSPs

slide7

Challenges with Current UTM Products

Lack of user Identity recognition and control

  • Inadequate in handling threats that target the user – Phishing, Pharming

Unable to Identify source of Internal Threats

  • Employees with malicious intent pose a serious internal threat
  • Indiscriminate surfing exposes network to external threats
  • 50 % of security problems originate from internal threats – Yankee Group
  • Source of potentially dangerous internal threats remains anonymous

Unable to Handle Dynamic Environments

  • Wi-Fi
  • DHCP

Unable to Handle Blended Threats

  • Threats arising out of internet activity done by internal members of organization
  • External threats that use multiple methods to attack - Slammer

Lack of In-depth Features

  • Flexibility is sacrificed as UTM tries to fit many features into a single appliance.
  • Inadequate logging and reporting, lack of granular features in individual solutions

Need for Identity based UTM…

slide9

User

Patent Pending: Identity-Based Technology

slide10

Cyberoam – Identity Based Security

Cyberoam is the only Identity-based Unified Threat Management appliance that provides integrated Internet security to enterprises and educational institutions through its unique granular user-based controls.

slide11

Cyberoam Appliances CRi Series

  • CRi series for SOHO (Small Office-Home Office) & ROBO (Remote Office-Branch Office)
    • CR 15wi - Wireless
    • CR 15i
    • CR 25ia
    • CR 35ia
  • CRi series for Small to Medium Business
    • CR 50ia
    • CR 100ia
    • CR 200i
  • CRi series for Medium Enterprises
    • CR 300i
    • CR 500ia
    • CR 750ia
  • CRi series for Large Enterprises
    • CR 1000i
    • CR 1500i

slide12

Basic Appliance

  • Identity-based Firewall
  • VPN
  • Bandwidth Management
  • Multiple Link Management
  • On Appliance Reporting
  • 8*5 Tech Support & 1 Year Warranty

Subscriptions

  • Gateway Anti-Virus Subscription (Anti-malware, phishing, spyware protection included)
  • Gateway Anti-spam Subscription
  • Web & Application Filtering Subscription
  • Intrusion Prevention System (IPS)
  • 8*5 Tech Support & 1 Year Warranty
  • Subscription services are available on 1 Year, 2 Year or 3 Year subscription basis
slide14

Certifications - pipeline

ICSA Certification for High Availability

ICSA Certified Firewall

VPNC Certified for Basic VPN & AES Interoperability

Certifications

UTM Level 5 complete UTM certification

Premium

IPS/IDP

URL Filtering

Firewall

Anti-Spyware

Anti-Spam

VPN

Anti-Virus

IPv6 compliance

five star rated three years running

“Fully loaded, with many great features”

“packs a more serious punch”

“can restrict or open internet access by bandwidth usage, surf time or data transfer”.

March 2008 – UTM Roundup

Cyberoam CR1000i

Five Star Rated – Three Years Running

July 2007 – UTM Roundup

Cyberoam CR250i

Enterprise

SMB

  • “console is well organized and intuitive to navigate”
  • “flexible and very powerful”

Year 2009 – UTM Roundup

One of the best UTM

Finalist in SC Magazine Awards 2009, Europe Cyberoam has been short-listed as a finalist for the Best SME Security Category

slide16

“deserves credit for its flexible configuration options, extensive security, content filtering, and bandwidth management features.”

slide17

Awards

  • 2007 Finalist American Business Awards
  • Tomorrow’s Technology Today 2007
  • Get top tech company from ZDNet Asia 2008/09
  • 2007 Finalist Network Middle East Award
  • Best Security Product
  • Best SMB Networking Vendor
  • Finalist - 2008 Global Excellence in Network Security Solution
  • VAR Editor’s Choice for Best UTM (2007 – left, 2008 – right)
  • CRN – Emerging Tech Vendors 2007
  • Received Gold Award from IDG Channel World Magazine
  • Best network security vendor 2009
  • Finalist – PC Pro Awards 2009 for the Business Hardware of the Year
slide19

Global Clientele

USA Largest Chain Store

slide22

BSNL

BFSI & Govt. Clientele

slide26

Normal Firewall

  • Rule matching criteria
    • Source address
    • Destination address
    • Service (port)
    • Schedule
  • Action
    • Accept
    • NAT
    • Drop
    • Reject
  • However, fails in DHCP, Wi-Fi environment

Cyberoam - Identity Based UTM

  • Rule matching criteria: as above, plus Identity
  • Unified Threat Controls (per Rule Matching Criteria)
    • IDP Policy
    • Internet Access Policy
    • Bandwidth Policy
    • Anti Virus & Anti Spam
    • Routing decision
slide27

Next Generation

Layer 7 Firewall

slide28

[Figure: 1st Generation Firewalls – traffic distinguished only by port number (21, 80, 443)]

slide29

[Figure: Application Firewalls – CR Version 9 – traffic identified by application (Skype, Mail, Web, FTP, BitTorrent)]

slide30

[Figure: Next Generation Firewalls – Version X – Application Firewall, Crowd of Applications, Bandwidth Management; traffic labelled CRM, ERP, Salesforce, YouTube, IM Application, Webmail, Casual Traffic]

slide31

[Figure: Next Generation Firewalls – Application Firewall, Crowd of Applications, Bandwidth Management; traffic labelled CRM, ERP, Salesforce, YouTube, IM Application, Webmail, Casual Traffic]

slide37

Web and Application Filtering Features

  • Database of millions of sites in 82+ categories
  • Blocks phishing, pharming, spyware URLs
  • HTTP upload control & reporting
  • Block & Control Applications such as P2P, Streaming, Videos/Flash
  • Local Content Filter Database to reduce latency and dependence on network connectivity.
  • Customized blocked message to educate users about organizational policies and reduce support calls
slide40

Key Features


Identity-based Bandwidth Management

  • Application and Identity-based bandwidth allocation
  • Committed and burstable bandwidth
  • Time-based, schedule-based bandwidth allocation
  • Restrict Bandwidth usage to a combination of source, destination and service/service group
slide43

Advanced Multiple Gateway Features

  • Active-Active Auto Link Failover & Load Balancing
  • Active-Passive Auto Link Failover
  • Source & Destination Routing
  • Support for more than 2 ISP links
  • Schedule based bandwidth assignment
  • Gateway Alerts on Dashboard
  • Bandwidth Utilization Graphs
slide45

Gateway Anti-Virus Features

  • Scans Web, FTP, POP3, SMTP & IMAP traffic
  • Self-service quarantine area
  • Signature update every 30 minutes
  • Identity-based HTTP virus reports
  • Disclaimer addition to outbound emails
  • Spyware and other malware protection including “Phishing” emails
  • Block attachments based on extensions (.exe, .bat, .wav, etc.)
slide47

Gateway Anti-Spam Features

  • Spam filtering with Recurrent Pattern Detection (RPD) technology
  • Virus Outbreak Detection (VOD) for zero hour protection
  • Self-Service quarantine area
  • Content-agnostic
  • Change recipients of emails
  • Scans SMTP, POP3, IMAP traffic
slide48

RPD (Recurrent Pattern Detection)

  • Protects against Image-based Spam and spam in different languages
  • Spam catch rate of over 98%
  • 1 in a million false positives in spam
  • Local cache is effective for >70% of all spam resolution cases
slide50

IPS Features

  • Multiple and custom IPS policies; identity-based policies
  • Identity-based intrusion reporting
  • Ability to define multiple policies
  • Reveals User Identity in Internal Threats scenario
slide51

Cyberoam in Numbers

  • More than 500,000 virus signatures in the anti-virus database
  • More than 50 Million URLs categorized in 82+ categories
  • More than 5500+ IPS Signatures
  • 98%* Spam Detection
  • 1 in million* False Positives

Other Network / System Features
  • High Availability (Active-Active / Active-Passive)
  • Stateful Failover
  • VPN Failover
  • Dynamic Routing (RIP, OSPF, BGP)
  • NTP Support
  • Multiple Configurable Syslog Server Support
  • GUI based Real Time Firewall Log
  • Roll Back (Roll back to last upgraded version)

… And Much More

slide53

Multicore Processor-based Cyberoam

  • What is Multi-core:
  • More than one processor working together to achieve high processing power.

Benefits:

  • Purpose-built Hardware
  • True Parallel Processing
  • Each processor is programmed to run tasks in parallel
  • In case of a new attack, Cyberoam appliances do not suffer from performance degradation associated with switching from ASIC-based acceleration to general-purpose processors.
slide54

Cyberoam Reports are placed on Appliance

Other UTMs

Reporting Module/ Device

slide56

iView

(Cyberoam Aggregated Reporting & Logging Software)

  • Subscription free On-Appliance Reporting
  • Real-time Monitoring and Alerting
  • Over 1100+ Drilldown Reports
  • Reports in HTML, MHTML, PDF, & CSV formats & Email Alerts
  • Web 2.0 GUI and Reporting interface.
slide63

Instant Messaging Logging & Control

slide64

Instant Messaging Logging & Control

  • Yahoo & Windows Live Messaging
  • Control Who Communicates with Whom
  • Control Webcam usage
  • Control Voice Usage
  • Individual as well as Group Control
slide65

Instant Messaging & Control

Control communication medium

(chat, video, voice)

Archive Communication

Data Protection

Control who can chat with whom

Productivity

slide66

VPN Features

  • Cyberoam supports IPSec, SSL VPN, L2TP, PPTP
  • Threat Free Tunneling (TFT)
    • VPN Firewall Management
    • VPN Bandwidth Management
    • VPN Protection – Antivirus / Antispam / IPS / Content Filtering / DoS
  • VPN Topologies:
    • Road-Warrior (Remote Access), Site to Site
    • Hub & Spoke
    • VPN Failover
  • Main Mode / Aggressive Mode
  • Identity based VPN control using xAuth
  • Local digital certification authority (CA) and support external CA
slide67

SSL VPN Enhancements

  • Application Access Mode within Web Browser
    • HTTP, HTTPS
    • RDP
    • Telnet, SSH
    • FTP
  • SSL VPN Client
    • Save Password
    • Auto Start VPN Connection
slide68

Stability & Performance

slide69

Stability & Performance

  • Firmware based approach
    • ~10 second Soft Reboot Time
    • Fast GUI Access
  • Extensible Architecture vs ASIC
    • Preparing for upcoming threats
  • HTTP Proxy Enhancements for HTTP 1.1 protocol
  • Extensive Logging and Log Viewer for Instant Troubleshooting
  • Getting ready for the Enterprise.
slide70

…And Much More

  • Role Based Access Control
  • Multiple Authentication Support for User
  • External Authentication for Administrator
  • Customer My Account Revamp
  • HTTP DDoS attack protection
  • Naming Firewall Rules for easy troubleshooting
  • HTTP & FTP scanning over custom ports
slide71

…And Much More

  • Inline Captive Portal
    • HTTPS
  • Super Enhanced Packet Capture Log & Log Viewer
  • VLAN over WAN
  • Support for MD5 Authentication for RIP & OSPF
  • Enhanced IPS Actions
    • Drop Connection
    • Drop Attack Source
slide74

IPv6 Ready

  • Only the 2nd UTM
  • IPv4IPv6 tunneling
  • IPv6IPv4 tunneling
slide76

Version X

Summary

slide77

Security

Connectivity

Productivity

  • 3G Support
  • IPv6 Ready
  • SSL VPN Application Access Mode
  • Application Control
  • SSL (HTTPS) Scanning
  • Instant Messaging Control
  • Firmware based Approach
  • Usable GUI
  • Performance
slide78

Cyberoam: Identity-based Security

  • Overview of Cyberoam’s Security Approach:
  • Who do you give access to: An IP Address or a User?
  • Whom do you wish to assign security policies: Username or IP Addresses?
  • In case of an insider attempted breach, whom do you wish to see: User Name or IP Address?
  • How do you create network address based policies in a DHCP and a Wi-Fi network?
  • How do you create network address based policies for shared desktops?