You are on page 1of 262

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Please Introduce Yourself…

Your name

Your company, position, and responsibilities

Your network experience

Specific UTM appliance or Cyberoam product experience

Your expectations from this workshop

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Training Kit
Verify your take away:
• CCNSP Guide
• Cyberoam Brochure
• Quick Start Guide
• Writing Aids

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Schedule / Breaks

Sessions starts at 09:00 hours

Breaks
- Refreshments (around 10:30 hours)
- Lunch (around 12 – 13 hours)
- Refreshments (around 15:30 hours)

Sessions ends at 17 hours

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Training Pre-requisites
The training programme assumes participants to
have operational familiarity with following concepts:

Operational OS understanding

Networking Basics

Protocols like HTTP, IMAP, POP3, SMTP

TCP/IP Protocol Suite

Network Security Fundamentals

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

All Rights Reserved. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Identity Based UTM Agenda: • Challenges with Current UTM Products • Cyberoam’s Security Approach • Layer 8 Firewall • Identity Based Technology © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .

lack of granular features in individual solutions Need for Identity based UTM… © Copyright 2010 Elitecore Technologies Ltd. reporting.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Challenges with Current UTM Products Lack of user Identity recognition and control  Inadequate in handling threats that target the user – Phishing. .  Inadequate Logging. All Rights Reserved.Cyberoam Cyberoam .Slammer Lack of In-depth Features  Sacrificed flexibility as UTM tried to fit in many features in single appliance. Pharming Unable to Identify source of Internal Threats  Employee with malicious intent posed a serious internal threat  Indiscriminate surfing exposes network to external threats  50 % of security problems originate from internal threats – Yankee Group  Source of potentially dangerous internal threats remain anonymous Unable to Handle Dynamic Environments  Wi-Fi  DHCP Unable to Handle Blended Threats  Threats arising out of internet activity done by internal members of organization  External threats that use multiple methods to attack .

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam: Identity-based Security Overview of Cyberoam’s Security Approach:  Who do you give access to: An IP Address or a User?  Whom do you wish to assign security policies: Username or IP Addresses?  In case of an insider attempted breach. . All Rights Reserved. whom do you wish to see: User Name or IP Address?  How do you create network address based policies in a DHCP and a Wi-Fi network?  How do you create network address based policies for shared desktops? © Copyright 2010 Elitecore Technologies Ltd.

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam – Identity Based Security Cyberoam is the only Identity-based Unified Threat Management appliance that provides integrated Internet security to enterprises and educational institutions through its unique granular user-based controls. © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) PATENT PENDING: IDENTITY-BASED TECHNOLOGY User © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.Cyberoam Cyberoam .

Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Layer 8 Firewall (Patented Technology) © Copyright 2010 Elitecore Technologies Ltd. .

Cyberoam Cyberoam . It offers comprehensive threat protection with: • Identity-based Firewall • VPN.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) About Cyberoam Cyberoam is the identity-based UTM solution that offers Integrated Internet Security with fine granularity through its unique identity-based policies.Threat free tunneling • SSL VPN • • • • • • Gateway Anti-Virus Gateway Anti-Spam Intrusion Prevention System (IPS) Web & Application Content Filtering Bandwidth Management (QoS) Multi-Link Manager (Load balancing) • On-Appliance Reporting • 1000+ drilldown reports © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. .

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Appliances (Các số tương ứng với số người dùng internet) SOHO (Small Office-Home Office) & ROBO (Remote Office-Branch Office) CR 15i – CR 15iw CR 25ia – CR35ia Small to Medium Business CR 50ia – CR100ia Medium Enterprises CR 200i CR 300i CR 500ia CR 750i Large Enterprises CR 1000i CR 1500i © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam .

Threat Free Tunneling SSL VPN (Promotional offer) Bandwidth Management Multiple Link Management Individual Module Wise Subscriptions Bundle Subscription •Gateway Bundle canAnti-Virus be the combination Subscription of or (Anti-malware. modules: spyware protection included) ••Gateway GatewayAnti-spam Anti Virus Subscription •Web & Application Filtering Subscription • Gateway Anti-spam •Intrusion Prevention System (IPS) Intrusion Prevention System ••24 x 7 Premium Support Web and Filter ••IPSec VPNApplication Clients (Per Device-Life Time) • 8 X 5 Support (Subscription services are available on 1 Year.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Basic Appliance – One time sale • • • • • • Identity-based Firewall 8 x 5 Support for the first year. VPN. all of the following phishing. All Rights Reserved.Cyberoam Cyberoam . . 2 Year or 3 Year subscription basis) © Copyright 2010 Elitecore Technologies Ltd.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Bundle Subscription (TVS & SVS) Bundle Subscriptions are available as: (1) Total Value Subscription (TVS) includes: (1) Anti Virus (2) Anti Spam (3) Web & Application filter (4) IPS (5) 8*5 Support (if bought for more than 1 year as first year support is included for free) (2) Security Value Subscription (SVS) includes: (1) Anti Virus (2) Web & Application filter (3) IPS (4) 8*5 Support (if bought for more than 1 year as first year support is included for free) © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.Cyberoam Cyberoam .

Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Bundle Subscription (One time subscription) © Copyright 2010 Elitecore Technologies Ltd. .

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Demo vs Sale Appliance Sale Appliance: The Cyberoam appliance sold to Partner / Reseller for direct customer sale. Demo Appliance: The Cyberoam appliance sold to Partner / Reseller for conducting end customer demo. Demo appliance can be registered unlimited number of times under different credentials after factory reset and can get 3. © Copyright 2010 Elitecore Technologies Ltd. 15 days trial for all subscription based modules after each registration. .Sale appliance can be registered once and can get 3. 15 days trials for all subscription based modules.Cyberoam Cyberoam . All Rights Reserved.

.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Products Agenda: • Cyberoam UTM Appliances • Appliance Family • Cyberoam SSL VPN • Cyberoam End Point Data ProtectionProtection • Cyberoam iView • Cyberoam Central Console (CCC) • Cyberoam VPN Client © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

. © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam – Identity Based Security Cyberoam is the only Identity-based Unified Threat Management appliance that provides integrated Internet security to enterprises and educational institutions through its unique granular user-based controls. All Rights Reserved.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam SSL VPN © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.Cyberoam Cyberoam .

• Continuous Access – provides reliable.Cyberoam Cyberoam . less downtime. All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd. . • Easy to use – Fast installation. less ongoing management. available and scalable access. wireless users. telecommuters. • Endpoint Security. • Hardened Secure OS.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Benefits • Secure SSL VPN – Access from anywhere. • Trusted Remote Access – extend access to partners.

.Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam SSL-VPN features © Copyright 2010 Elitecore Technologies Ltd.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Models & Licenses • Base License – Default 5 User License valid for 30 days. . • Software Based • Appliance Based – CR-SSL-0800 (Supports upto 50 Concurrent Users). – No EPS. – CR-SSL-2400 (Supports upto 1000 Concurrent Users).Cyberoam Cyberoam . All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd. – CR-SSL-1200 (Supports upto 250 Concurrent Users).

Protect Your Assets © Copyright 2010 Elitecore Technologies Ltd. Cyberoam End Point Data Protection Protect Your Data.Cyberoam Cyberoam . . Protect your Assets. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam – End Point Data Protection Protect your Data.

2. A single key would be issued for the modules purchased. © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. i. . 3.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam End Point Data Protection Licenses (Per-user one time licenses) 1. It includes version upgrades & technical support. Not possible to buy 10 licenses for Device management & 50 for Asset management. Renewal (year on year) Maintenance support to be renewed for all the modules purchased each year.e. Data Protection & Encryption Device Management Application Control Asset Management Note: All the modules include 1 year maintenance support.Cyberoam Cyberoam . Need to buy the same number of licenses for all the modules. 4.

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam iView The Intelligent Logging & Reporting Solution Its an Open Source. .Cyberoam Cyberoam . its free! © Copyright 2010 Elitecore Technologies Ltd.

All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) What is Cyberoam iView?     Open Source Logging and Reporting solution Ability to log and report activities from • UTM / Firewalls • HTTP Proxy • More to follow Unique ability – Shows “Who is doing What” Free to Download © Copyright 2010 Elitecore Technologies Ltd. .

.Cyberoam Cyberoam . Forensics © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. Compliance.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam iView’s Logging & Reporting Cyberoam iView’s Logging & Reporting Facilitates Security.

• HTTP Proxy: Squid • Syslog Compatible Devices: Any product with Syslog support © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam. . Sonicwall.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam iView appliances • CR-iVU 25 • CR-iVU 100 • CR-iVU 200 Products supported • Network Devices: Linux IPtables / Netfilter Firewall. Fortigate.Cyberoam Cyberoam .

Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Central Console (CCC) Cyberoam Central Console (CCC Series) © Copyright 2010 Elitecore Technologies Ltd. .

Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) CCC Deployment (Enterprise) Branch Offices Corporate Head Office Branch1 Branch2 Cyberoam UTM Appliance Branch3 Branch…N CCC © Copyright 2010 Elitecore Technologies Ltd. .

com © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) CCC appliance family Small-to-Medium Deployments • • CCC 15 (Capacity to manage 15 Cyberoam Appliances) CCC 50 (Capacity to manage 50 Cyberoam Appliances) Medium-to-Large Deployments • • CCC 100 (Capacity to manage 100 Cyberoam Appliances) CCC 200 (Capacity to manage 200 Cyberoam Appliances) CCC Online Demo is available at: http://demo.cyberoam.Cyberoam Cyberoam . . All Rights Reserved.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Deployment Agenda: • Package Contents • Factory Default Settings • Deployment Modes © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam . .

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Package Cyberoam Appliance Blue Straight-through Ethernet Cable Power Cable Red Crossover Ethernet Cable Quick Start Guide Serial Cable Documentation CD © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam .

0 LAN B 192.16/ 255.2.255.16.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Factory Defaults Port IP Address Zone Type A 172. .0 WAN Web Based Administration Console: Username: cyberoam Password: cyber Text Based Administration console (Telnet or Serial Connection): Password: admin SSH: Username: admin Password: admin © Copyright 2010 Elitecore Technologies Ltd.1/ 255.Cyberoam Cyberoam . All Rights Reserved.255.16.255.168.240.

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Deployment Modes Cyberoam can be deployed in two modes: Bridge / Transparent Mode Gateway / Route / NAT Mode © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. .

Cyberoam Cyberoam . All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Gateway/Route/NAT mode • You want to replace your existing firewall or router acting as a gateway for your network with Cyberoam • You want your gateway to act as a VPN server • You want redundancy in your network with by utilizing the multilink and HA (High-Availability) features of Cyberoam • You want to configure separate DMZ zone to protect servers from LAN & WAN zone. .

0.Gateway DMZ Zone Web Server IP:172.1.1/24 DMZ IP: 172.168. All Rights Reserved.___.0.1.5.1.1/24 EXT IP: 61.0.0.16.16.___.2/29 Gateway IP: 61.16.168.___ ______________ ______________ ______________ .5.Cyberoam Cyberoam .0.1 Database Server IP:172.1 © Copyright 2010 Elitecore Technologies Ltd.1.5.1.2 Gateway: 172.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Before Cyberoam Scenario .168.16.0.1 Network:192.1 Users IP Address Subnet Mask Zone Type Port B IP Address Subnet Mask Zone Type ___ ___ ___ ___ ___ ___ ___ ___ LAN/WAN/DMZ Port C IP Address Subnet Mask Zone Type ___ ___ ___ ___ ___ ___ ___ ___ LAN/WAN/DMZ Port D IP Address Subnet Mask Zone Type IP address of the Default Gateway: DNS IP Address: System Time Zone: System Date and Time: Email ID of the administrator : Switch Switch Port A Default Gateway: 192.1. ___ ___ ___ ___ ___ ___ ___ ___ LAN/WAN/DMZ ___ ___ ___ ___ ___ ___ ___ ___ LAN/WAN/DMZ ___ ___ ___ ___ ___.1.16.4 Gateway: 172.1 Router IP:61.16.3 Gateway: 172.16.x/24 Mail Server IP:172.1/29 Firewall INT IP:192.

16.1/24 DMZ IP: 172.1.1/29 INT IP:192.2/29 Gateway IP: 61.5.2 IP:172.168.1.1 Gateway: 172.1.0.x/24 Database Server Web Server Mail Server IP:172.1 Users Default Gateway: 192.0.1.1.168.0.1 DMZ Zone Console Switch Switch Network:192.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam in Gateway Mode Router IP:61. .1 Gateway: 172.16.Cyberoam Cyberoam .1 © Copyright 2010 Elitecore Technologies Ltd.16.168.0.16. All Rights Reserved.1/24 EXT IP: 61.5.0.5.4 IP:172.0.16.16.16.3 Gateway: 172.1.1.

Zone information Cyberoam in Gateway mode have Four default zone LAN Zone: Network connected to LAN interface of Cyberoam WAN Zone: Network connected to WAN interface of Cyberoam DMZ Zone: Network connected to DMZ interface of Cyberoam Local Zone: IP Addresses assigned on Cyberoam interfaces falls under Local Zone WAN Zone Local Zone DMZ Zone LAN Zone © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Gateway Mode. All Rights Reserved.

Cyberoam Cyberoam . All Rights Reserved. Spam. . • Want to try-out Cyberoam without changing your existing setup. © Copyright 2010 Elitecore Technologies Ltd. Content-Filtering and IDP and Bandwidth Management.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Bridge/Transparent Mode When to choose bridge mode? • You already have a firewall or a router acting a gateway for your network and you don’t want to change the existing setup • Want to use Cyberoam for reporting. • Want Cyberoam as a drop-in solution for Viruses.

1 © Copyright 2010 Elitecore Technologies Ltd.168.___ IP address of the Default Gateway ___.168.___.___.___.Bridge Bridge IP Address Subnet Mask ___.___.0.0.1/24 Switch Network:192.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Before Cyberoam Scenario .0.___ ___. All Rights Reserved. .x/24 Users Default Gateway: 192.___.___ System Time Zone ______________ System Date and Time ______________ Email ID of the administrator ______________ Router Firewall INT IP: 192.___.___.168.___ DNS IP Address ___.Cyberoam Cyberoam .___.

0 . 0 .Cyberoam Cyberoam .168.___.___ 255.___. 54 .0.___.168. 1 DNS IP Address 202.___.168.___. 30 System Time Zone ______________ System Date and Time ______________ Email ID of the administrator ______________ Router Firewall INT IP: 192.168. .0.1 ___. All Rights Reserved.168.1/24 Network:192. 1 . 5 ___.x/24 Users Default Gateway: 192. 0 © Copyright 2010 Elitecore Technologies Ltd.___.___ 192.0.255.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam in Bridge Mode Bridge IP Address Subnet Mask IP address of the Default Gateway ___.___ 192.255.

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Bridge Mode.Zone information Cyberoam in transparent mode have three default zone LAN Zone: Network connected to LAN interface of Cyberoam WAN Zone WAN Zone: Network connected to WAN interface of Cyberoam LOCAL Zone LAN Zone Local Zone: IP Address assigned on the Bridge Interface falls under Local Zone © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam .

• The traffic flow is not interrupted thus resulting in high network uptime.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Hardware Bypass in Transparent Mode • When the appliance is deployed in Transparent mode and if there is a power failure. • In Bypass mode the bypass interfaces of the appliance get bridged and start acting like a hub. © Copyright 2010 Elitecore Technologies Ltd. . hardware problem or a software malfunction the appliance goes into ‘Bypass’ mode. • Hardware Bypass functionality is only available in Transparent Mode not in Gateway Mode. All Rights Reserved.Cyberoam Cyberoam .

• In CR 1000i and CR1500i ports “A and B” “C and D” have the hardware bypass function available.CR 100ia. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Hardware Bypass in Transparent Mode Bypass LED • CR 50ia. CR 100ia. CR500ia. • In CR 200ia and CR 300i ports C and D have the bypass functionality available. CR1000i and CR1500i come with hardware bypass feature • In CR 50ia. • A Blue LED on the front panel of the appliance blinks when hardware bypass is active. © Copyright 2010 Elitecore Technologies Ltd. CR 300i.Cyberoam Cyberoam . • In CR500ia ports “A and B” and “C and D” have the bypass functionality available.CR200i. . ports A and B have the bypass functionality available only on power failure.

• You don’t want to make any major changes with you existing proxy setup © Copyright 2010 Elitecore Technologies Ltd. • You want to use Cyberoam as a drop in solution in proxy mode.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Web Proxy Mode • You would like to replace existing software / appliance based proxy solution • You would like to use Cyberoam Identity based features along with Content Filtering / Bandwidth Management / Anti-virus / User based Reporting. . All Rights Reserved.

Cyberoam Cyberoam . © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. • In general scenario.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam’s Web Proxy Features • Cyberoam’s Web proxy listens on port 3128 by default • Cyberoam can be configured to use an upstream parent proxy server by configuring the parent proxy’s IP address and the proxy port number • Proxy mode is drop-in solution and this can be deployed by using single interface of Cyberoam and users can specify Cyberoam IP as a proxy in their browser. . one can replace existing proxy solution with Cyberoam and specify existing proxy IP in Cyberoam so without making any major changes in the network Cyberoam can be placed.

Cyberoam Cyberoam . .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Configure Web Proxy System  Configuration  Web Proxy Cyberoam’s HTTP Proxy listens on port 3128 by default © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Configure Parent Proxy System  Configuration  Parent Proxy Configure to use an upstream parent proxy server © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . All Rights Reserved. .

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Default Internet Access Policy The Network Configuration Wizard requires you to configure the Default Internet Access Policy © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . .

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Default Internet Access Policy

‘Monitor Only’ Policy:
– Allows LAN to WAN traffic.
– Allow all outbound traffic without any authentication.
– No scanning.
– No content filtering.

‘General Internet’ Policy:
– Allow all outbound traffic without any authentication.
– Web traffic will be scanned for virus / malware / spyware.
– Content filtering will be “ON” by using default content filtering policy “General Corporate
Policy” which blocks below web URL categories:
• Porn, Nudity, Adult Content, URL Translation Sites, Drugs, Crime and Suicide,
Gambling, Militancy and Extremist, Phishing and Fraud, Violence, Weapons
– It is the default selected policy.

‘Strict Internet’ Policy:
– Block all outbound unauthenticated traffic.
– Web traffic will be scanned for virus / malware / spyware.
– All traffic will be scanned by IDP engine.

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Cyberoam Registration

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

What is registration? Registration is process which will create customer account in
Cyberoam central registration database.

Why to register? Registration is mandatory task as without this subscription modules
cannot be subscribed.
Registration gives following benefits:

8 x 5 Support as per country time zone for next one year.
Free trial of following Cyberoam Subscription Modules:
• Gateway Anti-Virus & Gateway Anti-Spam
• Web & Application Filter
• Intrusion Prevention System (IPS)
Access of customer my account for
• Support ticket management
• Subscription management

Customer my account can be accessed from: http://customer.cyberoam.com
Multiple Cyberoam appliances can be registered using same customer account so that
customer can manage all support tickets under one customer account.
© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

LABS

Lab #1 Factory Reset

Lab #2 Deployment in Bridge Mode (Optional)

Lab #3 Deployment in Gateway Mode

Lab #4 Registration, Upgradation & Subscription

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Firewall

Agenda:
• Access Control (Appliance Access)
• IP Management
• Firewall Management
• Default Firewall Rules
• L2 Firewall support
• Outbound NAT (Source NAT)
• Inbound NAT (Virtual Host)
• Denial of Service (DoS)
• Cyberoam Unified Threat Control under Firewall
© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Appliance Access System  Administration  Appliance Access © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Appliance Access (via Zones) Network  Interface  Zone © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . All Rights Reserved.

Cyberoam Cyberoam . they are also nested and displayed beneath the physical interface. © Copyright 2010 Elitecore Technologies Ltd. If virtual sub-interface is configured for the physical interface.Physical interfaces/ports available on Cyberoam. it also displayed beneath the physical interface. All Rights Reserved. If virtual sub-interfaces are configured for VLAN implementation. Virtual sub-interface configuration can be updated or deleted. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IP Management Network  Interface View port wise network (physical interface) and zone details. Interface .

Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Firewall Management © Copyright 2010 Elitecore Technologies Ltd. .

© Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Zone Management Zone Types LAN : The Internal and most secure zone. WAN : The external. DMZ : The secured publicly accessible server zone. Local : All ports of the Cyberoam Appliance fall in this zone. no-control and non-reliable zone.Cyberoam Cyberoam . . VPN : It is the only zone that does not have an assigned physical port/interface. All Rights Reserved.

Cyberoam Cyberoam . All Rights Reserved. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Zone Mangement Network  Interface  Zone © Copyright 2010 Elitecore Technologies Ltd.

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Service Management Objects  Services  Add Cyberoam provides several standard services and allows creating: • Customized service definitions • Firewall rule for Customized service definitions © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. .

All Rights Reserved.Cyberoam Cyberoam . .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Manage Firewall Rules © Copyright 2010 Elitecore Technologies Ltd.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Default Firewall Rules • Cyberoam creates two ‘Default Firewall Rules’ when it is first deployed in any of the two operational modes • These rules depend on the operational mode and the ‘Default Internet Access Policy’ selected while running the network configuration wizard. © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam . • The default rules can be edited by the administrator but cannot be deleted. All Rights Reserved.

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Default Firewall rule #2 © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam .

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Default Firewall rule #1 © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam .

AV. . QoS policy etc can be applied on the MAC firewall rule. • All normal firewall policies like Web filter. we can create a firewall rule to allow that server through firewall using MAC © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. • Eg: For any server running on dynamic IP Address. Application filter.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) L2 Firewall Support • In Cyberoam MAC address (Machine Address) is a decision parameter along with identity and ip address for the firewall policies. IPS.Cyberoam Cyberoam .

© Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Add MAC based host Objects  Hosts  MAC Host  Add Note: MAC based hosts can be added on the fly while creating firewall rules as well.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Firewall rule for MAC host © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . All Rights Reserved. .

e. . which can be bound to a firewall rule.141. • Example – Mail server is configured in DMZ zone with private IP address & traffic generated from Mail server should be NATed with specific Public IP i.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) NAT (Outbound NAT) • What is NAT – Cyberoam has a predefined NAT policy called MASQ that NATs the outgoing traffic with the outgoing port’s IP Address – Use NAT when you want to do map a specific outbound traffic with a specific IP/IP Range – Cyberoam allows to create a NAT policy. All Rights Reserved. 121.22.250 © Copyright 2010 Elitecore Technologies Ltd.

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Add NAT Policy Firewall  NAT Policy  Add © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam .

.Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Add firewall rule to include NAT policy Firewall  Rule  Add © Copyright 2010 Elitecore Technologies Ltd.

• Example: Webserver configured in LAN zone with 192.168.37.146. • Virtual Host is an object where we map few or all services of a public IP address to few or all services on an internal host. • This virtual host is used as the Destination address to access LAN or DMZ servers. .1. • Virtual Host maps services of a public IP address to services of a host in a private network. All Rights Reserved. Let’s see how to make webserver available on Internet.25.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Virtual Host (Inbound NAT) • Virtual Host is required to make internal resources available on the internet like web servers or mail servers configured in LAN or DMZ. In other words it is a mapping of public IP address to an internal IP address.abc. © Copyright 2010 Elitecore Technologies Ltd.com which is resolving on 154.Cyberoam Cyberoam .157. From internet users are accessing www.

Cyberoam Cyberoam . All Rights Reserved. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Add Virtual Host Firewall  Virtual Host  Add © Copyright 2010 Elitecore Technologies Ltd.

All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Add Firewall rule to include the Virtual Host © Copyright 2010 Elitecore Technologies Ltd. .

. If port forwarding is not enabled in virtual host then firewall rule with “All Services” is created. Cyberoam automatically creates a loopback firewall rule for the zone of the mapped IP address. © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . Loopback firewall rule is created for the service specified in virtual host.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Loopback Firewall rule Once the virtual host is created successfully. Loopback rules allow internal users to access the internal resources using its public IP (external IP) or FQDN. All Rights Reserved.

168. We have already created a Virtual Host for the Web Server with port 80. now we will create remaining two Virtual Hosts for FTP and RDP.168. We will have to create 3 Virtual Hosts for above 3 servers with same external IP and different Internal IP addresses.25.159).146.158) and RDP Server (192. In this case. we have connected multiple servers like Web Server (192.37. .1.146. © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Port Forwarding concept Example: We have one public IP 154.25.157). In the DMZ. we will use Port Forwarding while configuring the Virtual Host.1. We want to publish all these servers using only one public IP 154.168.1.37. FTP Server (192. All Rights Reserved. with port forwarding.Cyberoam Cyberoam .

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Creation of Virtual Hosts © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. .

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Creation of Firewall Rules © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam .

Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Denial of Service • What is Denial of Service • How does Denial of Service Happen • Effects of Denial of Service © Copyright 2010 Elitecore Technologies Ltd. .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Types of DoS attacks • SYN Flood • UDP Flood • TCP Flood • ICMP Flood © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam . All Rights Reserved.

Cyberoam Cyberoam . .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) DoS protection settings • How many connections is each LAN host generating (take an average)? • Multiply that by the number of hosts in your network. All Rights Reserved. • Turn off checking for TCP flood unless specifically instructed by the Cyberoam Support Staff © Copyright 2010 Elitecore Technologies Ltd. • Destination based checking of DOS attacks should be disabled unless you suspect that there is a host inside your network generating a DOS attack.

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) DoS Configuration Firewall  DoS © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam .

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Cyberoam Unified Firewall Controls
Cyberoam’s unified firewall controls include:
• Web Filter
• Application Filter
• IPS Policy
• QoS Policy
• IM Scanning
• Anti Virus & Anti Spam Scanning
• Route through Gateway

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Unified Threat Control’s in firewall rule

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

LABS








Lab #5 Securing the Appliance
Lab #6 Create a DROP firewall rule for your machine’s IP address
Lab #7 Create a ACCEPT firewall rule for your machine’s IP address.
Lab #8 Create Schedule & Apply in Firewall Rule
Lab #9 Enable / Disable Anti-Virus & Anti-Spam Scanning
Lab #10 Test Anti-Virus Scanning
Lab #11 Create Firewall Rule to Allow DNS Traffic
Lab #12 Create Virtual Host to Publish a RDP Server residing in the
LAN
Lab 13# Create MAC based host for Dynamic web server and create
MAC based firewall rule

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

User Authentication

Agenda:
• Local & External Authentication
• Authentication Settings
• Type of Authentication
• Single Sign On Concept
• Identity Based Policy
• Group Management
• User Management
• Identity Based Firewall
• Traffic Discovery
• Lab
© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Local Authentication Flow

User Authentication process initiates, when the client tries to authenticate.

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

All Rights Reserved. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) External Authentication Flow © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Authentication Servers Identity  Authentication  Authentication Server © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam .

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Authentication Settings
Identity  Authentication  Firewall

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Authentication Settings
Identity  Authentication  VPN

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Authentication Settings
Identity  Authentication  Admin

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Authentication Methods
Normal
- Captive Portal
- Corporate client
Windows:
http://download.cyberoam.com/solution/optionals/Corporateclientsetup.exe
Windows (Vista & Windows 7 – 32 bit):
http://download.cyberoam.com/solution/optionals/Corporateclientsetup_vista_win
7.exe

Clientless
- No Authentication Required

Single Sign On
- Authentication is done in sync with user’s
authentication in domain

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Single Sign On Flow (SSO)

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

.Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Identity Based Policies © Copyright 2010 Elitecore Technologies Ltd.

• Cyberoam lets you define customized policies to define different levels of access for different users to meet your organization’s requirements. .Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Surfing Quota Policy • Surfing Quota Policy defines the duration of Internet surfing time. • It is the allowed time in hours for a group or an individual user to access Internet. © Copyright 2010 Elitecore Technologies Ltd.

Allow Strategy . All Rights Reserved. Viz. • Two strategies can be define: .disallows access during the schedule © Copyright 2010 Elitecore Technologies Ltd.allows access during the schedule . Only office hours access.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Access Time Policy • Access Time Policy defines the time period during which users can be allowed/denied the Internet access. • It enables to set time interval – days and time for internet access with the help of a Schedule.Cyberoam Cyberoam . .Deny Strategy .

. • Application Filter Policy controls user’s application access.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Web & Application Filter • Web Filter Policy controls user’s web access. Groups of users. •Applying default policy allows all the users to surf without login depending on the default policy applied and web surfing reports are generated on IP address as user has actually not logged on to Cyberoam. © Copyright 2010 Elitecore Technologies Ltd. Time of day. It allows administrator to control access to applications based on almost limitless policy parameters like Individual users. video and streaming content). Content type. Location/Port/Protocol type. •Default web & application filtering policy is based on LAN➞WAN policy selected while running “Network Configuration Wizard”. Groups of users. It specifies which user has access to which sites and allows defining powerful security policies based on almost limitless policy parameters like Individual users. Time of day.Cyberoam Cyberoam . Bandwidth usage (for audio. All Rights Reserved.

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Web Filter  Policy Add © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Application Filter  Policy  Add © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam .

Can be applied to a user’s profile. •It allocates and limits the maximum bandwidth usage of the user and controls web and network traffic. •Web Category – To apply bandwidth restrictions on custom or default web categories.Cyberoam Cyberoam . •Application – To restrict bandwidth for particular application. © Copyright 2010 Elitecore Technologies Ltd. . Policy can only be assigned to custom or default web categories. and apply bandwidth restriction. •Firewall Rule – This policy can be applied in the firewall rule only. Bandwidth restriction will be enforced on the traffic matching the firewall rule.To restrict bandwidth of a particular user. Policy can be defined/created for: •User . All Rights Reserved. You need to go to application category.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) QoS Policy •The primary objective of QoS Policy is to manage and distribute total bandwidth on certain parameters and user attributes.

Cyberoam Cyberoam . All Rights Reserved. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) QoS  Policy  Add © Copyright 2010 Elitecore Technologies Ltd.

• Single policy can be applied to number of Groups or Users.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Data Transfer Policy • The primary objective of this policy is to restrict the users to upload and download anything from the internet.Cyberoam Cyberoam . • Limits data transfer on a cyclic or non-cyclic basis. All Rights Reserved. . • Data transfer restriction can be based on: Total Data transfer (Upload + Download) Individual Upload and/or Download © Copyright 2010 Elitecore Technologies Ltd.

. • Its a mechanism of assigning various policies to a number of users in one operation/step.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Group Management • Group is a collection of users having common policies that can be managed as a single unit. • It simplifies the user configuration.Cyberoam Cyberoam . © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. • Users that belong to a particular group are referred to as a group user.

Normal A user of this group need to logon to Cyberoam using the Cyberoam Client to access the Internet 2.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Group Types: 1. Access control is placed on the IP address. .Cyberoam Cyberoam . Clientless A user of this group need not logon to Cyberoam using the Cyberoam Client to access the Internet. All Rights Reserved. which is represented as Group name (C) © Copyright 2010 Elitecore Technologies Ltd.

NOTE: User MAC binding feature is available only when user authenticates on Cyberoam using the corporate client (Windows/Linux). All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd. Details: User can login to Cyberoam and use the internet only from his/her own computer.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) User-MAC binding The Feature: Binds a user to a physical machine. . User will not be able to login from any other computer and no one else will be able to login from his/her computer. Benefit: Will prevent anyone from ‘impersonating’ someone else even if they have changed their IP address.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) User-MAC binding © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . All Rights Reserved. .

Web Filter Policy .Identity • Action .Drop .Reject • However.Identity Based UTM • Rule matching criteria .QoS Policy .NAT .Service (port) .Destination address . Wi-Fi Unified Threat (per environment Rule Matching Criteria) .Routing decision © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Identity based firewall rules Normal Firewall Cyberoam .Source address .Cyberoam Cyberoam .Accept .Application Filter Policy . fails inControls DHCP. .Schedule .Anti Virus & Anti Spam . All Rights Reserved.IPS Policy .

User and apply Custom Policies • Lab #18 Monitor User Activities • Lab #19 Single Sign On Implementation with Active Directory (Optional) • Lab #20 Customise HTTP Login Page © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) LABS • Lab #14 Enforce Authentication • Lab #15 How to authenticate users through Captive Portal/Cyberoam Corporate Client • Lab #16 Create Custom Policies • Lab #17 Create Group.Cyberoam Cyberoam . .

Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Content Filter Agenda: • Basics of Content Filter • Cyberoam Content Filter Features • Content Filter Categories • Content Filter Policies • Custom Category • Custom Denied Message • Upgrade • Safe Search capability to filter Adult Content © Copyright 2010 Elitecore Technologies Ltd. .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Basics of Content Filter © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. .Cyberoam Cyberoam .

Cyberoam Cyberoam . Streaming. Videos/Flash  Local Content Filter Database to reduces latency and dependence on network connectivity. . spyware URLs.  Block & Control Applications such as P2P.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Web & Application Filtering Features Database of millions of sites in 82+ default categories. pharming. Data Leakage Prevention (HTTP upload control & reporting). © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. Blocks phishing.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Web & Application Filtering Features  Google content categorization based on user policy:  Cache Pages  Translated Pages (http://translate.google.Cyberoam Cyberoam . All Rights Reserved. .com)  Enforcement of Google Safe Search Based on User Policy.  Customized blocked message to educate users about organizational policies and reduce support calls © Copyright 2010 Elitecore Technologies Ltd.

. All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Web Categories Web Filter  Categories © Copyright 2010 Elitecore Technologies Ltd.

video and streaming content) • Application Filter Policy controls user’s application access. It specifies which user has access to which applications and allows defining powerful security policies based on almost limitless policy parameters like: Individual users. Content type. . Groups of users. Location/Port/Protocol type. © Copyright 2010 Elitecore Technologies Ltd. Groups of users. You can add an IM contact or IM contact group for configuring rules. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Content Filter Policies • Web Filter Policy controls user’s web access. The traffic coming from the web in form of files and chat is filtered by various rules and content filtering strategies. Time of day • IM (Instant Messaging) allows to configure and manage restrictions on instant messaging services provided by the Yahoo and MSN messengers. Time of day. It specifies which user has access to which sites and allows defining powerful security policies based on almost limitless policy parameters like: Individual users.Cyberoam Cyberoam . Bandwidth usage (for audio.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Default Web Filter Policies Default Application Policies © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam . All Rights Reserved.

All Rights Reserved.Cyberoam Cyberoam . Adult Content and Nudity categories is denied in Internet Access policy. • Details: If enabled. web sites containing pornography and explicit sexual content are blocked from the Google and Yahoo search results. Web Filter  Settings © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Safe Search Capability • Benefit: Complete control on what turns up in Google and Yahoo search result. This will be applicable only when access to Porn. . Capability to filter Adult Content related search.

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Filtering Adult Content in case Safe Search is enabled © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IM Policy • This policy allows administrator to enforce restrictions on instant messaging services provided by Yahoo and MSN messengers. group of users. • This policy can be applied to a user. 3. All Rights Reserved. . IM contacts.Cyberoam Cyberoam . IM contacts IM rules Content Filter © Copyright 2010 Elitecore Technologies Ltd. • Three configuration options available: 1. • Possible to log & filter IM chat messages & files transferred. 2. IM group contacts in any combinations.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IM Contacts IM  IM Contacts  Add • • IM Contact is used to register various Yahoo and MSN messaging application users. Along with the contacts. . A Contact can be created for a user having access any of the two IM applications. All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . IM Contact Groups can also be created.

Cyberoam Cyberoam . .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IM Rules (Login) IM  IM Rules  Login • Login page allows you to configure and manage login rules for IM Contact. © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. IM Contact Group. User and User Group.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IM Rules (Conversation) IM  IM Rules Conversation • • Conversation page allows to configure and manage conversation rules between any of the two identities: IM Contact. The IM conversation between these two contacts can be monitored and logged. All Rights Reserved. IM Contact Group. This rule allows all the conversations but logs the content of the conversation. User and User Group. .Cyberoam Cyberoam . Cyberoam provides a default conversation rule that can be applied. © Copyright 2010 Elitecore Technologies Ltd.

an access restriction message is displayed in the conversation window.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IM Rules (File Transfer) IM  IM Rules  File Transfer • • File Transfer page allows to configure and manage file transfer rules between any of the two identities. All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd. If file transfer access between contacts is restricted and contact tries to transfer a file. The files transfers between these two identities is monitored and logged.Cyberoam Cyberoam . .

If video conversation access between contacts is restricted and the contact tries to use the webcam. . © Copyright 2010 Elitecore Technologies Ltd. an access restriction message is displayed in the conversation window.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IM Rules (Webcam) IM  IM Rules  Webcam • • Webcam page allows to configure and manage webcam rules between any of the two identities.Cyberoam Cyberoam . All Rights Reserved.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IM Content Filter IM  Content Filter • • Content Filtering feature in Cyberoam is applied to Instant Messaging applications wherein content can be removed from the conversation if encountered. if encountered in any of the chat conversation.Cyberoam Cyberoam . . Content Filter page allows you specify list of keywords and regular expressions to be blocked. All Rights Reserved. These configured keywords are removed and an error message is displayed for the same. © Copyright 2010 Elitecore Technologies Ltd.

. © Copyright 2010 Elitecore Technologies Ltd. one needs to enable IM Scanning on the Firewall rule.Cyberoam Cyberoam . All Rights Reserved. Rules and Content Filter are configured.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IM Scanning on Firewall rules • After the IM Contacts. so that all the messaging applications’ traffic is scanned.

All Rights Reserved. .Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Gateway Anti-Virus / Anti-Spam Agenda: • Gateway Anti-Virus Features • Basics of Virus / Spyware / Malware / Phishing • Mail Anti-Virus Configuration • FTP Anti-Virus Configuration • Web Anti-Virus Configuration • Gateway Anti-Spam Features • Basics of Spam • Basics of Anti-Spam Technologies • Cyberoam RPD Technology • Anti-Spam Policies • Anti-Spam Rules • Upgrade • Reports © Copyright 2010 Elitecore Technologies Ltd.

All Rights Reserved.Cyberoam Cyberoam . Pop3. .bat.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Gateway Anti-Virus Features  Scans WEB.wav etc) © Copyright 2010 Elitecore Technologies Ltd. SMTP. FTP. IMAP & HTTPS traffic(Bidirectional:Upload & Download)  Self-service quarantine area  Signature update ever 30 Mins  Identity-based HTTP virus reports  Disclaimer Addition to outbound emails  Spyware and other malware protection including “Phishing” emails  Block attachment based on Extensions (exe. . .

All Rights Reserved. .Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Anti Virus General Configuration Anti Virus  Mail  Configuration © Copyright 2010 Elitecore Technologies Ltd.

•Cyberoam allows you to define multiple policies instead of single blanket policy.Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) SMTP Scan Policy •Default SMTP policy is applicable for all SMTP traffic defined in the Scan Rules. © Copyright 2010 Elitecore Technologies Ltd. .

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Default SMTP scanning rule Anti Virus  Mail  SMTP Scanning Rules The default rules scans emails from any sender / recipient. Apply scanning in the appropriate firewall rule to scan incoming & outgoing emails. All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .

All Rights Reserved. .Cyberoam Cyberoam .com © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Custom SMTP rules Anti Virus  Mail  Address Groups  Add Use address group to create custom rules The above custom rule will block all executable attachments for the recipient sales.manager@abc.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) POP3 Scan Policy • Strips the virus infected attachment from the message • The message body is replaced with a notification message • Provides an option to delete the mail from the server © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . All Rights Reserved. .

. All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IMAP Scan Policy • Strips the virus infected attachment from the message • The message body is replaced with a notification message © Copyright 2010 Elitecore Technologies Ltd.

All Rights Reserved. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) FTP Scan Policy File Size Threshold • Files that exceed configured threshold will not be scanned © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) How does Cyberoam HTTP AV work? Blocks all virus infected files being downloaded Cyberoam Virus Definition includes .Viruses .Trojans & Spyware .Blocks spyware not only from spyware sites but also from innocent sites .Worms . . All Rights Reserved.Cyberoam Cyberoam .Malware being stopped at gateway level © Copyright 2010 Elitecore Technologies Ltd.Hacker Utilities .Malware How does it help? .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) HTTP Antivirus Configuration Anti Virus  HTTP  Configuration Anti Virus  HTTP/S  HTTP Scanning Rules Anti Virus  HTTP/S  HTTPS Scanning Rules © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . All Rights Reserved. .

Cyberoam Cyberoam . .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) HTTP Antivirus Configuration Anti Virus  Quarantine © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam Cyberoam . . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Gateway Anti-Spam © Copyright 2010 Elitecore Technologies Ltd.

All Rights Reserved.Cyberoam Cyberoam . © Copyright 2010 Elitecore Technologies Ltd. POP3.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Gateway Anti Spam Features  IP Reputation Filtering to block 85% of incoming messages at entry-point even before these messages enter the network.  Spam filtering with (RPD) Recurrent Pattern Detection technology  Virus Outbreak Detection (VOD) for zero hour protection  Self-Service quarantine area  User based Spam Digest  Change recipients of emails  Scans SMTP. . IMAP traffic  Content-agnostic  5GB of disk space is reserved for both Antispam and Anti virus Quarantine.

.Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam RPD (Recurrent Pattern Detection) Technology  Protects against Image-based Spam and spam in different languages  The spam catch rate of over 98%  1 in Million false positives in spam  Local cache is effective for >70% of all spam resolution cases © Copyright 2010 Elitecore Technologies Ltd.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Spam Detection Process © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.Cyberoam Cyberoam .

All Rights Reserved.Cyberoam Cyberoam . reducing the incoming spam messages at the entry-point. © Copyright 2010 Elitecore Technologies Ltd. It fights the unwanted mail at the perimeter. before these messages enter the network resulting into reduced system resources and bandwidth usage.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IP Reputation • • It dynamically classifies and reclassifies the reputation of each source IP and maintains a database of addresses used spammers and legitimate mailers. .

The new key enables both RPD & IP Reputation filtering. • If enabled. all the mails will be first subjected to IP reputation filtering followed by filtering based on actions configured in spam policy.Cyberoam Cyberoam . • If above mentioned option is not visible in the Web Admin console . Cyberoam dynamically checks the sender IP address and rejects the SMTP connection if IP address is found to be responsible for sending spam mails. © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Enabling IP Reputation • Feature available as “Verify Sender’s IP reputation” (Anti Spam  Configuration) in the Web Admin Console. . if spam scanning is enabled. All Rights Reserved. one is required to purchase a new license of Gateway Anti Spam module and re-subscribe the module with the key. • As it is a global option.

. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Enabling IP Reputation Anti Spam  Configuration © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Global Spam Digest Settings Anti Spam  Quarantine  Spam Digest Settings Set the email frequency & from email address. All Rights Reserved.Cyberoam Cyberoam . © Copyright 2010 Elitecore Technologies Ltd.

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Enable User based Spam Digest Enable Spam Digest settings on user or group level. All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd. .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) User Quarantine Area © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . All Rights Reserved. .

All Rights Reserved. .Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) User My Account Quarantine Mails Virus © Copyright 2010 Elitecore Technologies Ltd.

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) User My Account Quarantine Mails Spam © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam .

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Spam Digest Settings © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam .

. All Rights Reserved.Cyberoam Cyberoam . © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Few On-appliance Mail Reports Mail Usage Report: Top Mail Senders iView the open source reporting software powered by Cyberoam is integrated as the Cyberoam’s on-appliance reporting tool starting with Version X.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Few On appliance Mail Reports Spam Report: Top Applications used for Spam © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . . All Rights Reserved.

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) On appliance Mail Reports Anti Virus Report: Top Viruses © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. .

. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Intrusion Prevention System (IPS) Agenda: • IPS Basics • Cyberoam IPS Features • IPS Signatures • IPS Policies •Reports © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .

© Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Introduction to IPS IPS acts as the Second layer of defense. . It scans the traffic that has been allowed by the firewall for threats. All Rights Reserved.Cyberoam Cyberoam .

SMTP.Cyberoam Cyberoam . With Drop mode the IPS engine can be configured to act as a IDS (Intrusion detection system). • Possible modes (action) for each IPS Signature: Drop OR Detect. • One can create custom IPS signatures • Possible to create multiple IPS policies. Hence reducing the load on Cyberoam. © Copyright 2010 Elitecore Technologies Ltd. • Signatures in the database are organized in categories such as DNS.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam IPS Features • Cyberoam has more than 4500 signatures in its database. etc. All Rights Reserved. DDOS. . • One can customize the IPS policy by enabling/disabling individual signatures or categories. Finger.

Seen above are the signature categories. © Copyright 2010 Elitecore Technologies Ltd. . LANtoWAN strict.Cyberoam Cyberoam . LANtoWAN general & DMZ policy. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Default IPS Policy IPS  Policy IPS  Policy  General Policy Cyberoam offers four pre-defined policies to choose from. General Policy.

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IPS Reports Reports  Attacks (IPS) © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.

Cyberoam Cyberoam . . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Virtual Private Network (VPN) Agenda: • • • • Cyberoam VPN Features Cyberoam VPN Technology Comparison Cyberoam SSL VPN Labs © Copyright 2010 Elitecore Technologies Ltd.

Cyberoam Cyberoam . Cyberoam VPN Client is required and it’s a licensed product. SSL-VPN High L2TP High This can be deployed in Remote Access scenario only. PPTP Moderate This can be deployed in Remote Access scenario only. . Cyberoam is compatible with all major VPN Gateways those supports standard IPSec architecture. All Rights Reserved. In case of Remote Access. No third party VPN client required as Windows 2000 onward all OS have inbuilt L2TP VPN Client.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam VPN Technology Comparison Matrix • The following table compares all VPN Technologies supported by Cyberoam and will help to make decision which VPN Technology to be used VPN Technology Security level Deployment Requirement IPSec High This can be deployed in Remote Access and Site-to-Site scenario. In case of Site-to-Site. No third party VPN client required as all windows OS have inbuilt PPTP VPN Client. This can be deployed in Remote Access or can be used as a web based portal without installing any SSL-VPN client SSL-VPN client is free of cost. © Copyright 2010 Elitecore Technologies Ltd.

Site to Site  Hub & Spoke  Branch Office Internet Traffic Tunneling over VPN  Inter Branch Office Communication  VPN Failover  Main Mode / Aggressive Mode  Identity based VPN control using xAuth  Local digital certification authority (CA) and support external CA Cyberoam supports MS-CHAPV2/Encryption over both L2TP as well as PPTP connection.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam VPN Features  Cyberoam supports SSL-VPN. IPSec. © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . All Rights Reserved. . L2TP & PPTP  Threat Free Tunneling (TFT)  VPN Firewall Management  VPN Bandwidth Management  VPN Protection – Antivirus / Antispam / IPS / Web & Application Filtering / DoS  VPN Topologies:  Remote Access.

. © Copyright 2010 Elitecore Technologies Ltd. L2TP and PPTP) VPN technologies support this deployment.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Basic VPN Deployments Remote Access • It is a user-to-internal network connection via a public or shared network. • All (IPSec.Cyberoam Cyberoam . All Rights Reserved. • Connection is made by field agents using remote computers and laptops without static IP address.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Basic VPN Deployments Site-to-Site (Intranet/Extranet) • Used to extend a company’s existing network to other buildings & sites so that these remote employees can utilize the same network services. All Rights Reserved. • Only IPSec VPN technology supports this deployment. . • Used to establish secure network connection between two or more companies in order to share a computing environment.Cyberoam Cyberoam . © Copyright 2010 Elitecore Technologies Ltd.

Cyberoam Cyberoam .Services and Users.e.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) TFT. • Content Filtering • Bandwidth Management © Copyright 2010 Elitecore Technologies Ltd. apply IPS policy • VPN access can be configured and restricted to Networks.Threat Free Tunneling • IPSec / L2TP / PPTP VPN traffic can be controlled through firewall • Virus and spam scanning • Intrusion check i. . All Rights Reserved. IP address .

. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Default VPN Zone Network  Interface  Zone Being a zone based firewall. © Copyright 2010 Elitecore Technologies Ltd. Cyberoam creates the VPN zone which is used while creating firewall rules to control VPN traffic.Cyberoam Cyberoam .

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Default VPN Zone Creation of firewall rules using the VPN zone. .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) VPN Configuration & TFT © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . All Rights Reserved. .

All Rights Reserved. .Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IPSec (Remote Access) VPN  IPSec Connection © Copyright 2010 Elitecore Technologies Ltd.

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) IPSec (Site-to-Site) VPN  IPSec  Connection © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.

All Rights Reserved. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) L2TP VPN  L2TP Configuration © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .

. All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) L2TP VPN  L2TP  Connection © Copyright 2010 Elitecore Technologies Ltd.

. All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) PPTP VPN  PPTP © Copyright 2010 Elitecore Technologies Ltd.

Cyberoam Cyberoam . .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Default VPN firewall rules © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

• Any device that has browser can access SSL VPN. All Rights Reserved.Cyberoam Cyberoam . . • It requires a combination of SSL certificates and a username/password for authentication to enable access to the internal resources. • It provides the ability to create point-to-point encrypted tunnels between remote employees and your company’s internal network. • Easier to use and control to allow access to the Corporate network from anywhere. it operates in two modes: Full Access and Web Access mode.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) On-Appliance SSL VPN • Cyberoam VPN includes SSL VPN functionality within the appliance to provide secure access for the remote users. • User’s access to private network is controlled through his SSL VPN policy while Internet access is controlled through his Internet Access policy. © Copyright 2010 Elitecore Technologies Ltd. • To restrict the access to the Corporate network. anytime.

LDAP. Cyberoam  Multi-layered Client Authentication . . © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam . 500i. 1000i and 1500i.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam SSL-VPN Features  Client and Location independent access  Authentication . 300i. RADIUS. Dead Peer Detection.Clientless access  SSL VPN Tunneling Client .100i.Certificate.Granular access control to all the Enterprise Network resources  Administrative controls: Session timeout. 200i.AD.Split and Full tunneling  End user Web Portal . 50i. Username/Password  User & Group policy enforcement  Network access .  Portal customization • The SSL VPN feature would not be a chargeable module and would be enabled by default in all appliances 25i.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam . .

SSL clients will be leased IP address from the configured pool. .Cyberoam Cyberoam . SSL certificate from the dropdown list to be used for authentication. Specify the range of IP addresses reserved for the SSL Clients. All Rights Reserved. Selected network protocol will be the default protocol for all the SSL VPN clients. If you do not have certificate © Copyright 2010 Elitecore Technologies Ltd. Connection over UDP provides better performance.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Global Setting page allows you to configure certain parameters globally for both the type of Access Select protocol TCP or UDP from the dropdown list.

Cyberoam Cyberoam . internet through HO » Allows access to only defined internal network resources » Full access to WAN © Copyright 2010 Elitecore Technologies Ltd. Application Access & Full Access Mode – Web Access mode & Application Access mode ( Web based or clientless ) • Does not require any client to be installed • Can be accessed using browser • Limited to use on web resources only – Full Access mode ( Client mode ) • Require client to be installed • Works in two modes – Split Tunnel » Allows access to only defined network resources in the policy – Full Tunnel » Routes all traffic to Cyberoam. . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) SSL-VPN Modes Web Access.

All Rights Reserved. is used to publish web resources (http & https) and can be made available using the end-user portal. .Cyberoam Cyberoam . which is of type http or https. • These resources will be available in “Web Access” mode only and is to be configured in SSLVPN Policy. © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Web Access Mode SSL VPN  Bookmarks • Any Bookmark.

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Bookmarks for Application Access Mode SSL VPN  Bookmarks © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) SSL-VPN Policy Creation Select the access mode by clicking on appropriate mode Select Tunnel type Accessible Resources Web based Bookmarks Application based Bookmarks © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam . .

Cyberoam Cyberoam . If Cyberoam is integrated with external authentication server. All Rights Reserved. the user needs to enter the credentials accordingly.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) SSL-VPN Portal SSL-VPN users authenticate on the portal with their username/password. © Copyright 2010 Elitecore Technologies Ltd. .

All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) SSL-VPN Portal (Welcome Page) Once logged into the portal the users get access to the bookmarks & the link to download the configuration file required for tunnel mode access.Cyberoam Cyberoam .

• Lab 26# Create Global policy for SSL VPN using self signed certificates for client and sever. • Lab 28# Create an SSL VPN tunnel with Full access in split tunnel mode applying it to Manager User giving access to the internal network. © Copyright 2010 Elitecore Technologies Ltd. . • Lab 27#Create an SSL VPN tunnel with Web access applying it to user with access only to Intranet.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) • Lab #22 IPSec Remote Access Configuration using Pre-Shared Key • Lab #23 IPSec Net to Net Configuration using Pre-Shared Key • Lab24# Create L2TP Tunnel allowing the tunnel users to access only web services of Intranet in LAN enabling the DMZ IPS policy. • Lab#25 Create PPTP Tunnel allowing the tunnel users to access only web services of Internal network in LAN enabling the DMZ IPS policy. All Rights Reserved.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Multilink Manager Agenda: • Cyberoam Multilink – An Introduction • Gateway Management • Active-Active load balancing and Gateway failover • Active-Passive Gateway Failover failover © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . . All Rights Reserved.

All Rights Reserved. multiple WAN links may be required to be deployed.Cyberoam Cyberoam . • Active-Passive Gateway Failover Provides the link failure protection • Automatic ISP Failover Detection It detects link failure and passes the traffic to operating link. • Organizations may want to take advantage of multiple links to increase performance by maintaining high uptime. optimizes utilization and thereby assist in cutting operating cost.An Introduction Introduction: • In a typical organization scenario. Benefits: • Active-Active load balancing and gateway failover It balances traffic between various links. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Multi-Link. • Bandwidth Scalability Facilitates increased bandwidth scalability © Copyright 2010 Elitecore Technologies Ltd. • High Uptime Improves performance because of high uptime.

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Multilink Configuration © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.

. Weight Cyberoam does load balance only on new connection Weight can be selected based on: • Weight can be decided on Link Capacity • Weight can be decided on Link Cost By Default all the Gateways are having weight as “1”.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Multi-Link.Cyberoam Cyberoam . so Cyberoam will do the Load balancing in 1:1 across all Gateways’. © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.e.How it works Cyberoam does load balance using Weighted Round Robin (WRR) Load balancing is determined by the load metric i.

Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Gateway Management What needs to be done if Multiple ISP links are available? •Active-Active load balancing and gateway failover •Active-Passive gateway failover © Copyright 2010 Elitecore Technologies Ltd. .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Active-Active load balancing and gateway failover © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam . .

All Rights Reserved. .Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Active-Active gateway load balancing Weight: 3 Weight: 1 © Copyright 2010 Elitecore Technologies Ltd.

. One needs to change the weights of the gateway manually as shown above.Configure Weights Network  Gateway  Click on the gateway name By default Cyberoam assigns the weight as 1 to all the gateways configured using the initial network configuration wizard. All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Setup Gateway.Cyberoam Cyberoam .

Cyberoam will select gateway for load balancing. •This weight determines how much traffic will pass through a particular link relative to the other link.Cyberoam Cyberoam . •Cyberoam distributes traffic across links in proportion to the ratio of weights assigned to individual link. . All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Active-Active gateway Failover •Depending on the weight.

.Cyberoam Cyberoam .Failover Rules Network➞ Gateway • Select Gateway and edit failover rule • Specify Communication protocol i. UDP. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Setup Gateway.e. ICMP(Ping) • Specify Port number for communication • Specify Host © Copyright 2010 Elitecore Technologies Ltd. TCP.

All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Gateways configured as Active © Copyright 2010 Elitecore Technologies Ltd. .

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Enable load balancing in Firewall Rule © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. .

All Rights Reserved. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Active-Passive Gateway Failover © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .

2.Backup links for specific routes. All Rights Reserved.Cyberoam Cyberoam . 3.Configure multiple backup links. Benefit: Provides the link failure protection © Copyright 2010 Elitecore Technologies Ltd. .Configure a redundant link on Cyberoam.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Active-Passive Gateway Failover The Feature: 1.

based on the failover condition. © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Active-Passive Gateway Failover • Gateways with zero weight is the passive gateway • Administrator will have to define the failover condition for the passive gateway • Cyberoam periodically checks the health of the active gateway • If the gateway does not respond.Cyberoam Cyberoam . . All Rights Reserved. traffic will be routed automatically through the passive gateway.

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Backup gateway with failover condition Network  Gateway  Click on the gateway name A backup gateway is the one that can be used in an active/passive setup.Cyberoam Cyberoam . All Rights Reserved. The traffic is routed through Backup gateway only when Active gateway is down © Copyright 2010 Elitecore Technologies Ltd.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Automatic Failover Backup gateway will take over and traffic will be routed through backup gateway when any of the active gateway fails Backup gateway will take over and traffic will be routed through backup gateway when all the configured active gateways fail Configure when the Backup gateway should take over the active gateway. All Rights Reserved. . Backup gateway will take over and traffic will be routed through back up gateway if ISP1 gateway fails © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .

specify weight.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Manual Gateway Failover If you want Backup gateway to inherit the parent gateway’s (Active gateway) weight Administrator has to manually change the gateway if the active gateway fails. © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. .

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Enable Active-Passive gateway configuration through firewall rule Create a firewall rule for top management Route the traffic through one gateway Configure the another available gateway as Backup © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam .

All Rights Reserved. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Routing Agenda: • Basics of Routing • Cyberoam Routing Features • Static Routing • Policy Based Routing • Source Based Routing • Dynamic Routing • Multicast Routing © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Basics of Routing • What is routing? • Routing Algorithm • Static versus dynamic • Single-path versus multi-path • Link state versus distance vector © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam .

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Routing Features Cisco Compliance CLI Interface: Cyberoam provide Cisco compliance CLI interface for routing configuration. Routing Support: • Static Routing • Policy Based Routing • Dynamic Routing: • RIPv1.Cyberoam Cyberoam . . RIPv2 • OSPF • BGP • Multicast Routing © Copyright 2010 Elitecore Technologies Ltd.

1. .1 (Port B).1.Cyberoam Cyberoam . © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. This traffic will be dropped in case the interface is down.2 will always be routed via 1.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Static Routing Network  Static Route  Unicast The above example defines a static route where all requests destined for 4.2.2.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Policy Based Routing
Static routing method satisfies most of the requirements, but is limited to forwarding
based on destination address only.

Policy based routing is extended static routes which provide more flexible traffic
handling capabilities. It allows for matching based upon source address,
service/application, and gateway weight for load balancing. Hence, it offers granular
control for forwarding packets based upon a number of user defined variables like:
• Destination
• Source
• Application
• Combination of all of the above

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Policy Based Routing

With the above firewall rule all HTTP traffic from LAN-WAN will be load balanced.
© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Policy Based Routing

With the above firewall rule all SMTP traffic from LAN-WAN will always be routed via ISP1. This traffic will
be routed via ISP2 (backup) while ISP1 is down.
© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Source Based Routing
Network  Static Route  Source Route
Source Network routing allows Administrators to direct traffic generated from particular Network
over designated links according to the business policies. When you define Source based
routing for a particular subnet, all the traffic coming from that subnet will be forwarded to the
defined Interface.

All the traffic from network 192.168.1.0/24 will always be routed via ISP1 gateway
© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

Cyberoam

Cyberoam - Certified
Unified Threat
Management
Cyberoam
Network
& Security Professional (CCNSP)

Dynamic Routing - RIP
Routing Information Protocol (RIP) is a distance-vector routing protocol documented in RFC
1058. RIP uses broadcast User Datagram Protocol (UDP) data packets to exchange routing
information.

The Cyberoam implementation of RIP supports:
• RIP version 1 (as described in RFC 1058)
• RIP version 2 (as described in RFC 2453) and Plain text and Message Digest 5 (MD5)
authentication for RIP Version 2

© Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

OSPF can serve much more networks and period of convergence is very short. OSPF is widely used in large networks such as ISP backbone and enterprise networks. All Rights Reserved. The Cyberoam implementation of OSPF supports OSPF version 2 (as described in RFC 2328) and plain text and Message Digest 5 (MD5) authentication © Copyright 2010 Elitecore Technologies Ltd.OSPF OSPF (Open Shortest Path First) is one of IGPs (Interior Gateway Protocols).Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Dynamic Routing .Cyberoam Cyberoam . Compared with RIP. .

© Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . All Rights Reserved. Route Reflection (RFC 2796). Communities Attribute (RFC 1997). . The Cyberoam implementation of BGP supports Version 4 (RFC 1771). LAN to LOCAL or WAN to LOCAL. a firewall rule is to be configured for the zone for which the BGP traffic is to be allowed i.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Dynamic Routing .BGP BGP (Border Gateway Protocol) is a path vector protocol that is used to carry routing between routers that are in the different administrative domains (Autonomous Systems) e.e.g. BGP is typically used by ISPs to exchange routing information between different ISP networks. Multi-protocol extensions (RFC 2858) and Capabilities Advertisement (RFC 2842) Additionally.

cyberoam.Cyberoam Cyberoam . .asp?id=1000&SID=&Lang=1 OSPF: http://kb. Please refer the document on Cyberoam knowledgebase sites for configuration: RIP: http://kb.asp?id=1001&SID=&Lang=1 © Copyright 2010 Elitecore Technologies Ltd.com/default.com/default.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Dynamic Routing .cyberoam. OSPF & BGP is beyond the scope of CCNSP and is a part of CCNSE curriculum.asp?id=999&SID=&Lang=1 BGP: http://kb. All Rights Reserved.cyberoam.Configuration Configuration of RIP.com/default.

Multicast routing configuration is beyond the scope of CCNSP and is a part of CCNSE curriculum. In Bridge mode.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Multicast Routing Cyberoam supports multicast traffic forwarding in both Gateway / Bridge Mode. All Rights Reserved. only multicast forwarding needs to be enabled.asp?id=1021&SID=&Lang=1 © Copyright 2010 Elitecore Technologies Ltd. Refer knowledge base article for multicast routing configuration: http://kb.Cyberoam Cyberoam . .com/default. Multicast forwarding is controlled by specifying static routes for multicast traffic. In Gateway mode. multicast forwarding needs to be enabled and then static routing needs to be configured. Multicast forwarding can be enabled and the mroutes can be added from both the GUI and console.cyberoam.

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) General Administration Agenda: • Logging Management • Report Management • DNS Management • DHCP Configurations • Cyberoam Upgrade • Backup – Restore • Diagnostic Tools • Troubleshooting Tools • Debugging Tools © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam . .

.Cyberoam Cyberoam .Web admin console port settings System  Administration  Settings © Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) General Administration. All Rights Reserved.

An administrator can have various levels of privileges and thus Cyberoam provides the facility of creating profiles.Cyberoam Cyberoam . . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Role Based Administration System  Administration  Profile • • • Use Profile tab to create profiles for various administrator users. All the profiles have a different level of access to Cyberoam Web Admin Console and CLI. Default Admin Profiles: © Copyright 2010 Elitecore Technologies Ltd.

.Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Role Based Administration System  Administration  Profile  Add To create a new administration profile. © Copyright 2010 Elitecore Technologies Ltd.

Here. As per the above new user configuration. © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Role Based Administration Attach a profile to a user.Cyberoam Cyberoam . profile option is only activated if we set the user type as Administrator. we have selected the user type as Administrator and we have selected the profile as we created in previous slide.

Cyberoam Cyberoam . system and network protection functions by sending the logs to a remote Syslog Server.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Logging Management Logs & Reports  Configuration  Syslog Servers  Add • Cyberoam provides extensive logging capabilities for traffic. • The Cyberoam Syslog support requires an external server running a Syslog daemon on any of the UDP Port. • Detailed log information and reports provide historical as well as current analysis of network activity to help identify security issues and reduce network misuse and abuse. All Rights Reserved. . • Cyberoam supports upto 5 Syslog servers. © Copyright 2010 Elitecore Technologies Ltd.

Administrator can choose between on-appliance (local) logging. • To record logs you must enable the respective log and specify logging location. Syslog logging or disabling logging temporarily. • If multiple servers are configured various logs can be send on different servers. © Copyright 2010 Elitecore Technologies Ltd. configure logs to be send to the Syslog sever. .Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Logging Management Logs & Reports  Configuration  Log Settings • Once you add the Syslog server. All Rights Reserved.

Anti-virus & Anti-spam report. • The Cyberoam comes pre loaded with iView – Intelligent Logging & Reporting • The reports are available in various formats like: • • Tabular. Web Trend reports for analysis and Compliance reports and Appliance Audit reports for Organization Auditing. Graphical. Data Transfer reports. . All Rights Reserved. Comprehensive on-appliance user-based reporting for all the UTM features including: • Web surfing reports.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Report Management • One of the best features of Cyberoam is the on-appliance User-based reporting. Cyberoam reports are generated and stored on local hard drive of the appliance. UTM Device Software / Device © Copyright 2010 Elitecore Technologies Ltd. Printer Friendly and CSV. Intrusion Detection and Prevention reports along with VPN reports.

All Rights Reserved. . © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Report Management Logs & Reports  View Reports The administrator can also configure to receive pre-defined reports via email on a daily or a weekly basis.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Sample Reports: User Wise Reports © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.Cyberoam Cyberoam .

Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Sample Reports: Blocked Attempts Report © Copyright 2010 Elitecore Technologies Ltd. .

All Rights Reserved. .Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Sample Reports: Application Group Report © Copyright 2010 Elitecore Technologies Ltd.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Sample Reports: Top Web Users Report © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.Cyberoam Cyberoam .

© Copyright 2010 Elitecore Technologies Ltd. You can also add additional IP addresses of the DNS servers to which Cyberoam can connect for name resolution from GUI. All Rights Reserved. • DNS server is configured at the time of installation. .Cyberoam Cyberoam . it translates domain names to IP addresses and vice versa.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) DNS Management Network  DNS • The Domain Name System (DNS) is a system that provides a method for identifying hosts on the Internet using alphanumeric names called fully qualified domain names (FQDNs) instead of using difficult to remember numeric IP addresses. In other words.

.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) DHCP Configurations Network  DHCP • DHCP can only be configured in Gateway mode. view the list of interfaces configured to serve as a DHCP relay agent. • Cyberoam can act as a DHCP server with IP Reservation feature. and delete agent. All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd. • Cyberoam acts as a DHCP server and assigns a unique IP address to a host. • Cyberoam can act as a Relay Agent also. • It allows to configure Cyberoam’s Internal Interface as a DHCP relay agent. releases the address as host leaves and re-joins the network. • • Host can have different IP address every time it connects to the network.

© Copyright 2010 Elitecore Technologies Ltd.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) DHCP Server Configuration Network  DHCP  Server (Dynamic) DHCP Configuration for dynamic lease.Cyberoam Cyberoam . . All Rights Reserved.

All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) DHCP Server Configuration Network  DHCP  Server (Static) © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam .

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) DHCP Relay Configuration Network  DHCP Relay • The DHCP Relay Agent allows to place DHCP clients and DHCP servers on different networks. © Copyright 2010 Elitecore Technologies Ltd. . or which is not located on the local subnet. • The DHCP Relay Agent enables DHCP clients to obtain IP addresses from a DHCP server on a remote subnet. All Rights Reserved.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Static ARP Network  ARP • ARP traffic is enabled on Cyberoam interfaces by default • Static ARP entry allows to bind the MAC address to the designated IP address. Specify IP address of the host outside the firewall Specify MAC address of the host Click checkbox to add the MAC/IP pair in the trusted list © Copyright 2010 Elitecore Technologies Ltd. and will not allow additional static mappings of that MAC address. • It will also remove any dynamically cached references to that MAC address that might be present.Cyberoam Cyberoam . All Rights Reserved. .

.Cyberoam Cyberoam . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Manage ARP Network  ARP © Copyright 2010 Elitecore Technologies Ltd.

. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) NTP configuration for time synchronization System  Configuration Time © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .

All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) NTP configuration for time synchronization (Wizard) © Copyright 2010 Elitecore Technologies Ltd. .

• Restoring data older than the current data will lead to the loss of current data. • The restore facility is version dependent. it will work only if the backup and restore versions are the same. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Backup-Restore Management System  Maintenance  Backup & Restore • Once the backup is taken. • Upload the backup file: System  Maintenance  Backup & Restore • After upload. © Copyright 2010 Elitecore Technologies Ltd. Also. if HA is configured. you need to disable HA before restoring the backup.Cyberoam Cyberoam . log on to Console based Administration (using TELNET) Go to Option 5 – Cyberoam Management > Option 6 – Restore Backup and follow screen steps to restore data. you need to upload the file for restoring the backup. .

• Analytical Tool is like a periodic health check up that helps to identify the impending System related problems. Administrator can judge whether the respective System component is working fine (OK Status). © Copyright 2010 Elitecore Technologies Ltd. . Based on the status. appropriate actions can be taken to solve the problems and keep the System running smoothly and efficiently.Cyberoam Cyberoam . All Rights Reserved. After identifying the problem.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Diagnostic Tools • Analytical Tool checks the health of the System in a single shot. It is used for troubleshooting and diagnosing problems found in the System. is facing a minor problem (Warning Status) or is having a major problem (Critical Status). • Analytical Tool shows the status of System.

.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Diagnostic Tools: Services Status System  Maintenance  Services © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Diagnostic Tools: System health graphs System  System Graphs © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam . All Rights Reserved.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Troubleshooting: Log Viewer Logs & Reports  Log Viewer Event Viewer page allows to view the live logs for event modules like: •IPS •Web Filter •Anti Spam •Anti Virus •Firewall •IM This page gives concentrated information about all the events that occurred under respective modules. .Cyberoam Cyberoam . © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.

. All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Log Viewer Logs & Reports  Log Viewer  Web Filter © Copyright 2010 Elitecore Technologies Ltd.

All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Log Viewer Logs & Reports  Log Viewer  IM © Copyright 2010 Elitecore Technologies Ltd. .

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Log Viewer Logs & Reports  Log Viewer  Anti Virus © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.

. user. firewall. IPS along with information like firewall rule number. Web and Application Filter policy number etc.Cyberoam Cyberoam . All Rights Reserved. © Copyright 2010 Elitecore Technologies Ltd.g. • This will help Cyberoam administrators to troubleshoot errant firewall rule. It will provide connection details and details on which module is dropping packets e.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Packet Capture System  Packet Capture •Packet capture displays dropped packets details on the specified interface.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Support Resources Agenda: • On Appliance Help • Online Resources • Customer My Account • Partner Portal • Support Contact © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved.Cyberoam Cyberoam . .

Cyberoam Cyberoam . . All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) On Appliance Help © Copyright 2010 Elitecore Technologies Ltd.

.com) © Copyright 2010 Elitecore Technologies Ltd.cyberoam.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Knowledge Base (http://kb. All Rights Reserved.Cyberoam Cyberoam .

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Knowledge Base (http://docs.com) © Copyright 2010 Elitecore Technologies Ltd. .Cyberoam Cyberoam . All Rights Reserved.cyberoam.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Cyberoam Security Center (http://csc. All Rights Reserved. .com) © Copyright 2010 Elitecore Technologies Ltd.Cyberoam Cyberoam .cyberoam.

Cyberoam Cyberoam . .cyberoam. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Customer My Account (http://customer.com) © Copyright 2010 Elitecore Technologies Ltd.

Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Customer My Account (http://customer.com) © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. .cyberoam.

Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Partner Portal (http://partner.Cyberoam Cyberoam .com) © Copyright 2010 Elitecore Technologies Ltd.cyberoam. . All Rights Reserved.

Cyberoam Cyberoam . 3. Technical Trainings Product Updates (New Releases) Comparison Discussions Presales Case Discussions • Exclusive assistance in Tendering & Compliances • Exclusive assistance during critical / important deployments © Copyright 2010 Elitecore Technologies Ltd. All Rights Reserved. 2. 4.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Presales Offerings Presales Program includes: • Product Awareness Programs 1. .

cyberoam.com/presalessupport © Copyright 2010 Elitecore Technologies Ltd. .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Presales Contact Details Email Support: Chat support: http://www. All Rights Reserved.Cyberoam Cyberoam .

com • Telephonic Support © Copyright 2010 Elitecore Technologies Ltd. .cyberoam.com • Chat Support: http://www.com/contactsupport.com • Partners: http://partner.html • Email Support: support@cyberoam. All Rights Reserved.Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Postsales Contact Details For any technical assistance.Cyberoam Cyberoam .cyberoam.cyberoam. contact us through: • Web Support: • Customers: http://customer.

com © Copyright 2010 Elitecore Technologies Ltd. . All Rights Reserved.Cyberoam Cyberoam .Certified Unified Threat Management Cyberoam Network & Security Professional (CCNSP) Thank You training@cyberoam.