/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow UsCyberoam is an identity (users) based unified threat
management (UTM) appliance, which does content filtering, bandwidth management,
firewall—VPN, anti-virus, anti-spam and spyware blocking. It can be configured
as a gateway or a bridge. In the former mode, it can act as a firewall and
provide routing traffic capabilities. It also provides load balancing and
gateway fail-over functionalities in this mode. Whenever Cyberoam detects a
failed link, it stops sending traffic to it and instead sends it to the other
available link. If two or more links are active when failure is detected,
traffic is distributed among the active links in the ratio of the weights
assigned to them. If you already have a firewall running and you don't want to
change it, then Cyberoam can be used in the Bridge mode. But in this mode,
you'll not get any routing, anti-virus and anti-spam features.
|
Price: Rs 1.2 lakh (1 yr warranty) |
|
Meant For: Small enterprises |
|
Key Specs: Firewall, content filtering, gateway, bandwidth mgmt, anti-virus/anti-spam |
|
Pros: Policy based bandwidth management, advanced reporting |
|
Cons: None |
|
Contact: Elitecore Technologies, Ahmedabad. Tel: 26405600 E-mail: sales@cyberoam.com |
/pcq/media/post_attachments/7d0bcdc71526cff9edf5ee4ec9b9ff17eb7bfcf1e3516306b962465798ddb481.jpg){kind=small}
|
Other than setting the usual firewall policies, one special
feature of Cyberoam is protection from Denial of Service (DoS) and flooding
attacks. The device can be configured to detect and drop SYN Flood, UDP Flood,
and TCP Flood traffic attacks if the number of packets exceeds the defined per
minute Source/ Destination packet rate.
Bandwidth management
Talking about its bandwidth management capabilities, Cyberoam provides
policy-based filtering that allows defining of individual filtering plans for
various users in the organization. It lets you assign individual policies to
users (identified by IP address), or a single policy to a number of users
(Group). User level authentication can be performed using the local user
database on Cyberoam, or it can be integrated with ADS and LDAP. It is well
known that stronger the policies implemented, the better is the performance
given by the device and also harder is the device to bypass. By default,
Cyberoam has plenty of policies for bandwidth management. It has almost at least
one policy for every situation. Surfing Quota policy lets you define the
duration of Internet surfing time for particular users, or a group of users.
Internet policy lets you specify which user has access to which sites or
applications i.e. you can deny access to messengers and offensive websites. All
these policies are pretty easy to configure and manage. All configuration and
reporting is done through a Web console.
This appliance also lets you view the live connections in a
network. You can view live connections either application-wise, or user-wise, or
LAN IP Address-wise etc. Data transfer and bandwidth usage details of every
connection can also be seen. This Cyberoam box also provides detailed reporting.
By default, it creates seven reports, which includes reports for web browsing,
cache reports, mail usage, Internet usage and printer usage.
Tests and results
For testing Cyberoam's firewall capabilities, we attacked it with DOS
attacks using Nessus. It detected the attack in real time and was able to block
it too. We performed Syn Stealth Scan attack and TCP Syn Ping Attack using Nmap
and it was able to block the attacks successfully. In our next step to check
device's bandwidth management capabilities, we installed the device in a test
network for few days. We created users and tested all of its bandwidth policies.
It gave a good performance and acted according the policies configured i.e. It
was able to block users from accessing particular websites and was able to
logout users whenever they exceeded from their allocated time quota. It also
showed detailed reports of bandwidth utilization including the information about
which files were downloaded from which IP address.
Bottom Line: Considering its bandwidth management
capabilities and other features, it is worth buying for small enterprises.
There's a model available for large enterprises as well.
Swapnil Arora