Cyberoam CR 15wi

Stateful Inspection Firewall

- Layer 8 (User - Identity) Firewall
- Multiple Security Zones
- Access Control Criteria (ACC) - User - Identity, Source & DestinationZone, MAC and IP address, Service
- UTM policies - IPS, Web Filtering, Application Filtering, Anti-Virus, Anti-Spam and Bandwidth Management
- Layer 7 (Application) Control &Visibility
- Access Scheduling
- Policy based Source &DestinationNAT
- H.323, SIPNATTraversal
- 802.1q VLAN Support
- DoS &DDoSAttack prevention
-MAC&IP-MAC filtering and Spoof prevention

GatewayAnti-Virus & Anti-Spyware

-Virus,Worm,Trojan Detection &Removal
- Spyware, Malware, Phishing protection
-Automatic virus signature database update
- Scans HTTP, HTTPS, FTP, SMTP, POP3, IMAP, IM, VPN Tunnels
- Customize individual user scanning
- Scan and deliver by file size
- Block by file types
-Add disclaimer/signature

GatewayAnti-Spam

- Inbound Scanning
- Real-time Blacklist (RBL), MIME header check
- Filter based on message header, size, sender, recipient
- Subject line tagging
- IP address Black list/White list
- Redirect Spam mails to dedicated email address
- Image-based Spam filtering usingRPDTechnology
- Zero hour Virus Outbreak Protection
- IP Reputation-based Spam filtering

Intrusion Prevention System

- Signatures: Default (4500+), Custom
- IPS Policies: Multiple, Custom
- User-based policy creation
-Automatic real-time updates from CRProtect networks
- ProtocolAnomaly Detection
-DDoS attack prevention

Web Filtering

- InbuiltWeb Category Database
- URL, keyword, File type block
- Categories: Default(82+), Custom
- Protocols supported: HTTP, HTTPS
- Block Malware, Phishing, Pharming URLs
- Schedule-based access control
- Custom block messages per category
- Block JavaApplets, Cookies,Active x
- CIPA Compliant
- Data leakage control via HTTP, HTTPS upload

Application Filtering

- Inbuilt Application Category Database
- 11+ Application Categories: e.g. Gaming, IM, P2P, Proxy
- Schedule-based access control
- Block

- P2P applications e.g. Skype
- Anonymous proxies e.g. UItra surf
- “Phone home” activities
- Keylogger

Web Application Firewall

- Positive Protection model
- Unique "Intuitive Website Flow Detector" technology
- Protection against SQL Injections, Cross-site Scripting
(xSS), Session Hijacking, URL Tampering, Cookie
Poisoning
- Support for HTTP 0.9/1.0/1.1
- Extensive Logging & Reporting

Virtual Private Network

- IPSec, L2TP, PPTP
- Encryption - 3DES, DES, AES, Twofish, Blowfish, Serpent
- HashAlgorithms - MD5, SHA-1
- Authentication - Preshared key, Digital certificates
- IPSec NAT Traversal
- Dead peer detection and PFS support
- Diffie Hellman Groups - 1,2,5,14,15,16
- External Certificate Authority support
- Export RoadWarrior connection configuration
- Domain name support for tunnel end points
-VPNconnection redundancy
- Overlapping Network support
- Hub &Spoke VPN support

SSL VPN

-TCP&UDPTunneling
-Authentication -Active Directory, LDAP, RADIUS,
Cyberoam
- Multi-layered ClientAuthentication - Certificate,
Username/Password
- User &Group policy enforcement
- Network access - Split and Full tunneling
- Browser-based (Portal)Access - Clientless access
- Lightweight SSLVPNTunneling Client
- Granular access control to all the Enterprise Network
resources
-Administrative controls - Session timeout, Dead Peer
Detection, Portal customization
- TCP- basedApplicationAccess - HTTP, HTTPS,
RDP,TELNET,SSH

Instant Messaging (IM) Management

-Yahoo and Windows Live Messenger
-Virus Scanning for IM traffic
-Allow/Block Login
-Allow/Block FileTransfer
-Allow/BlockWebcam
-Allow/Block one-to-one/group chat
- Content-based blocking
- IM activities Log
- Archive files transferred
- CustomAlerts

WirelessWAN

-USBport 3G/4G and Wimax Support
- PrimaryWANlink
-WANBackup link

Bandwidth Management

- Application and User Identity based Bandwidth
Management
- Guaranteed &Burstable bandwidth policy
- Application & User Identity based Traffic Discovery
- MultiWANbandwidth reporting
- Category-based bandwidth restriction

User Identity and Group Based Controls

- Access time restriction
-Time and Data Quota restriction
- Schedule based Committed and Burstable Bandwidth
- Schedule based P2Pand IM Controls

Networking

- Failover - Automated Failover/Failback, Multi-WAN failover,
3GModem failover
-WRRbased load balancing
- Policy routing based onApplication and User
- IP Address Assignment - Static, PPPoE, L2TP, PPTP & DDNS
Client, Proxy ARP, DHCP server, DHCP relay
- Support for HTTPProxy
- Dynamic Routing: RIP v1& v2, OSPF, BGP, Multicast
Forwarding
- Parent Proxy support withFQDN
- “IPv6 Ready” Gold Logo

Administration & System Management

-Web-based configuration wizard
- Role-based access control
- Firmware Upgrades viaWeb UI
-Web 2.0 compliant UI (HTTPS)
- UI Color Styler
- Command Line Interface (Serial, SSH,Telnet)
-SNMP(v1, v2c, v3)
- Multi-lingual support: Chinese, Hindi, French, Korean
- CyberoamCentral Console (Optional)
- NTPSupport

User Authentication

- Internal database
-Active Directory Integration
-Automatic Windows Single Sign On
- External LDAP/RADIUS database integration
- Thin Client support - Microsoft Windows Server 2003
Terminal Services and Citrix xenApp
-RSAsecurID support
- ExternalAuthentication - Users andAdministrators
- User/MAC Binding
- MultipleAuthentication servers

Logging/Monitoring

- Graphical real-time and historical monitoring
- Email notification of reports, viruses and attacks
- Syslog support
- Log Viewer - IPS, Web filter, Anti Virus, Anti Spam,
Authentication, System and Admin Events

On-Appliance Cyberoam-iView Reporting

- Integrated Web-based Reporting tool -
Cyberoam-iView
- 1000+ drilldown reports
- 45+ Compliance Reports
- Historical and Real-time reports
- Multiple Dashboards
- Username, Host, Email ID specific Monitoring
Dashboard
- Reports - Security, Spam, Virus, Traffic, Policy violations,
VPN, Search Engine keywords
- Multi-format reports - tabular, graphical
- Exportable formats - PDF, Excel
- Automated Report Scheduling

IPSecVPNClient**

- Inter-operability with major IPSecVPNGateways
- Supported platforms: Windows 2000, WinxP 32/64-bit,
Windows 2003 32-bit, Windows 2008 32/64-bit, Windows Vista
32/64-bit, Windows 7 RC1 32/64-bit
- Import Connection configuration

Certification

- ICSAFirewall - Corporate
- CheckmarkUTMLevel 5 Certification
-VPNC- Basic andAESinteroperability
- “IPv6 Ready” Gold Logo

Compliance

-CE
-FCC