Cyberoam CR250i

Cyberoam CR250i is identity-based unified threat management solution for

enterprises. It has all the prevalent features. It has got four ports. Two of

them are Gb Ethernet ports and the rest two are 10/100 Mbps ports. Each port can

individually be configured for LAN, WAN and DMZ. These ports can even be

configured for WAN failovers and load balancing. It also has four USB and two

COM ports. The initial setup of this device is very easy. There is a setup

wizard that lets you configure the device. For content filtering, it has 65 plus

categories to select from, and has URL filters as well. As it is an

identity-based UTM, the policies can be implemented at the user level,

irrespective of IPs.

Tests and results



For testing the effectiveness of anti-virus, we started downloading viruses

over HTTP and FTP. It blocked all, but 75 of them, which we will call as good.

Spam-blocker also worked fine with text, image and pdf based spams. Anti-virus

and anti-spam results were similar to that of Sonicwall PRO 5060. On default

setting, when we ran Nessus, it showed one warning and a hole. But configuration

of the device solved this issue. Then, we tried jamming the LAN ports by

flooding it with a client on its private network. The port couldn't be jammed,

but when we tried the same with 5 clients, the ports were blocked. We were not

able to access the public network. We also tested the device for

denial-of-service attack and the attack was successful. It neither logged the

attack nor did it block it, although the system was always working. Then, we ran

ARP spoofing attack to check the performance of its IDP. The IDP was not able to

detect or block this attack.

BOTTOMLINE: It is a good buy for those who want to deploy user-level

policies. The only catch is its IDP, which gives up to ARP attacks.