Cyberoam CR250i is identity-based unified threat management solution for
enterprises. It has all the prevalent features. It has got four ports. Two of
them are Gb Ethernet ports and the rest two are 10/100 Mbps ports. Each port can
individually be configured for LAN, WAN and DMZ. These ports can even be
configured for WAN failovers and load balancing. It also has four USB and two
COM ports. The initial setup of this device is very easy. There is a setup
wizard that lets you configure the device. For content filtering, it has 65 plus
categories to select from, and has URL filters as well. As it is an
identity-based UTM, the policies can be implemented at the user level,
irrespective of IPs.
|
Tests and results
For testing the effectiveness of anti-virus, we started downloading viruses
over HTTP and FTP. It blocked all, but 75 of them, which we will call as good.
Spam-blocker also worked fine with text, image and pdf based spams. Anti-virus
and anti-spam results were similar to that of Sonicwall PRO 5060. On default
setting, when we ran Nessus, it showed one warning and a hole. But configuration
of the device solved this issue. Then, we tried jamming the LAN ports by
flooding it with a client on its private network. The port couldn't be jammed,
but when we tried the same with 5 clients, the ports were blocked. We were not
able to access the public network. We also tested the device for
denial-of-service attack and the attack was successful. It neither logged the
attack nor did it block it, although the system was always working. Then, we ran
ARP spoofing attack to check the performance of its IDP. The IDP was not able to
detect or block this attack.
BOTTOMLINE: It is a good buy for those who want to deploy user-level
policies. The only catch is its IDP, which gives up to ARP attacks.