www.cyberoam.com
Automate your IT Security Services
Presenter: Cyberoam
Our Products
Modem Router Integrated Security Network Security Appliances - UTM, NGFW (Hardware appliance & Virtual) © Copyright 2014 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com It starts with debunking myths
. Nothing can get past a firewall . We are compliant, hence we are secure!
www.cyberoam.com Google Digital Attack Map – Growing Cyber Attacks
Rising number of cyber threats against advanced nations such as the US.
What happened to all state-of-the-art firewalls?
www.cyberoam.com Inside the mind of today’s cyber criminal
1. Indulge in multi-step, elaborate targeted attacks 2. Motivation goes beyond money, involves hacktivism, nation-state espionage, business rivalry, fame etc 3. Run deep investigation for potential vulnerabilities – from firewalls to unpatched servers to poorly guarded web apps to vulnerable users in the target organization
www.cyberoam.com Cyber-infrastructure Visualized
Why is Security everywhere in this slide?
www.cyberoam.com Anatomy of a typical targeted attack
www.cyberoam.com Automating IT Security: From Plugging Security Holes to Driving Proactive Defense
www.cyberoam.com What necessitates automating IT security?
Common security concerns… . How to auto-provision uniform security policies for HQ, Data Center and Remote Branch offices . Inability to assess vulnerability exposure of network due to web apps, risky users etc . Lack of understanding on network intrusion attacks, network segmentation . Struggle with IPS security configuration . Don’t know what to allow or deny?
www.cyberoam.com Here’s how automated IT security saves the day!
www.cyberoam.com How Cyberoam helps automate IT security?
www.cyberoam.com We know how IT and IT consumerization has changed…
www.cyberoam.com We know how network and data centers environments have evolved
www.cyberoam.com Cyberoam – addressing key challenges
Complexity Centrally manage complicated network security policies for hundreds of users, applications and networking devices
Evolving business Enable support and security for new business applications while monitoring controlling risk prone apps
Connectivity with productivity High-availability, automatic fail-over for business continuity; intelligent QoS management and prioritization for users and apps
Reporting and compliance Providing ready and in-depth support for displaying compliance and reports on user and network activities
www.cyberoam.com Currently available security automation with Cyberoam
- Identifying users instead of just IP address - Scheduled reports over email - Email scanning and shifting to quarantine - Identifying risky users - Compliance - HA, Failover, Load balancing - Burstable bandwidth - Centralized Security Management - ConnectWise integration - Cyberoam API - Pro-active security protection in IPS
www.cyberoam.com Cyberoam addresses a commonplace catch 22 faced by today's CXOs
www.cyberoam.com • Centralized Security Management for remote / branch offices
www.cyberoam.com Centralized Security Management
. CCC is for centralized, integrated management and monitoring of Cyberoam network security devices - Complete control over distributed networks / remote branch offices from head office (H.O.)
Mumbai Branch Office
New York Branch Office
Boston Cyberoam Branch Office Cyberoam
Dubai Head Office Cyberoam Cyberoam
Cyberoam Central Console (CCC)
www.cyberoam.com Automated Logging and Reporting
Security Forensic . Ability to log and report Management Analysis activities from various Log Compliance users, devices / vendors Management Management
Identity
Logging Reporting
Servers Desktop systems
Logs & Events
Firewalls Applications
IDP / IPS UTM / NGFW Routers Switches
Cyberoam iView’s Logging & Reporting Facilitates Security, Compliance, Forensics
www.cyberoam.com Real time visibility into user and network activities
. Traffic Discovery - Real-time visibility into bandwidth utilization by user, protocol, application
Security Forensic Management Analysis
Data Compliance Protection Management
www.cyberoam.com Application Security with Layer 7 and Layer 8 controls
Internet Cyberoam Appliance
Application Traffic Visibility Control Manage Bandwidth
Business Critical
Socio business
Non Critical
Infected Applications Blocked
worms Spyware Undesirable
Logs & Reports
Controls over applications based on User Identity, Time, Application and Bandwidth
www.cyberoam.com Automated Threat Protection
Intrusion Prevention System Gateway Anti-Virus, Anti- spyware
- Layer 8 and IPS Tuner driven - Bi-directional scanning: Web & Email - Identity-based IPS policies per user, group and - Self-service Virus Quarantine IP address - Scans HTTP, FTP, SMTP, POP3, HTTPS, IMAP and - Allows multiple IPS policies IM traffic - Identity-based alerts & reports - Instant visibility into Attacker/Victim - 4500+ signatures – broadest security cover Cyberoam Security Center
Anti-Spam (Inbound/Outbound) DoS & DDoS Protection
- Three level scanning: - Packet Rate Limit . IP Reputation filtering - Protection against flood attacks . Real-time Blackhole List (RBL) Continuously updated- SYN via Flood . Recurrent Pattern Detection (RPDTM) technology - TCP Flood - ~99% spam detection Cyberoam Security- UDP Center Flood - Self-service Quarantine and Spam Digest - ICMP Flood - Scans SMTP, POP3, IMAP traffic - IPS Signature to prevent attacks - Virus outbreak detection for zero-hour protection - Protocol Anomaly
www.cyberoam.com Proactive Protection model
Eliminates the need for manual intervention by administrators to update policies for new applications added to the list
Select P2P Applications
Set Action
Block all future P2P applications without adding applications manually
www.cyberoam.com Plug and Play IPS
Ready to use IPS Policy templates • Many SOHO/SMBs struggle with IPS • How many IT managers know • What to allow or deny? • Which IPS policy applies? • Ready to use IPS Policy templates with Firewall Rule style naming convention
www.cyberoam.com Customizable security for Enterprise IT Pros
Category Severity Platform Target Apache HTTP Server Critical (1) Windows Client Application & Software Major (2) Browsers Linux Server Moderate (3) Database Management Sys. Minor (4) Unix DNS Warning (5) ERP System Mac Exchange Mail Server Solaris FTP Industrial Control System BSD Malware Communication Other Microsoft IIS web server Misc Multimedia Office tools OS & Services Other Mail Server Reconnaissance VoIP & Instant Messaging Web Services & Applications And more…
www.cyberoam.com Ready integration with Two-factor authentication platforms
www.cyberoam.com Integration with leading SIEM platforms
. Cyberoam can be integrated with the following SIEM Solutions:
1: RSA Envision 2: ArcSight 3: Cyberoam i-view
. Syslog to integrate with all the above SIEM solutions
www.cyberoam.com Integration with leading MSSP business automation tools
Simplified management and better delivery of security services
Automatic Ticket Generation & Resolution for all CCC alerts right at ConnectWise dashboard level
Threat counts Reminders for Security Subscriptions . Web & IPS threats renewal / expiry . Mail threats . Total Virus & Spam Mail counts Other key appliance status . Unhealthy surfing hits information Appliance management and status change notifications for Capacity utilization . Appliance Connectivity with CCC notifications . Internet Link Capacity utilizationUTM, notifications NGFW for . VPN connection CPU, Disk & Memoryappliances usage . HA Failover State
www.cyberoam.com Cyberoam API - Enables Seamless Authentication
User Authentication API Seamless Single Sign-on for for Hotspots Enterprises Re-use Hotspot If you have an authentication, Cyberoam Authentication; avoid can fit in multiple logins
PMS
www.cyberoam.com Enables balancing what matters
. Business agility with security responsiveness
. Automation for threat protection, business continuity
. Ease of integration with third-party systems and MSSP tools
. Centralizes Security Management
. Automated logging and reporting
www.cyberoam.com Thank you
Contact: [email protected]
Link: http://demo.cyberoam.com
Credentials: guest /guest
Get a 30 day FREE Evaluation of Cyberoam Virtual appliance
www.cyberoam.com