Cyberoam - Identity-based unified threat management appliances.Cyberoam CR1000ia UTM Appliance

Powerful Unified Threat Management Appliances for Large Enterprises

(Image coming soon)

Cyberoam Product
Cyberoam CR1000ia UTM Appliance
Cyberoam CR1000ia Appliance #01-CRI-1000IA-01
Our Price: Call for Price!		 Get a quote request!

Click here to jump to more pricing!

Cyberoam CR1000ia UTM Appliance Overview:

Cyberoam Unified Threat Management appliances offer assured security, connectivity and productivity to large enterprises by allowing user identity-based policy controls.

Cyberoam’s User Layer 8 Technology treats user-identity as the 8th Layer or the HUMAN layer in the protocol stack. It attaches user identity to security, taking organizations a step ahead of conventional solutions that bind security to IP-addresses. This adds speed to an organization’s security by offering instant visibility into the source of attacks by username rather than IP address – allowing immediate remediation to restore security or allowing proactive security. Layer 8 technology functions along with each of Cyberoam security features to allow creation of identity-based security policies.

Cyberoam’s multi-core technology allows parallel processing of all its security features – ensuring security without compromising performance. Its future-ready Extensible Security Architecture (ESA) offers an extensible platform that can grow with the future security needs of an organization without degrading system performance. ESA supports feature enhancements that can be developed rapidly and deployed with minimum efforts.

User Identity-based Security Policy Controls

Features & Benefits:

Security Connectivity Productivity

Network Security

  • Firewall
  • Intrusion Prevention System
  • Wireless security

Content Security

  • Anti-Virus/Anti-Spyware
  • Anti-Spam
  • HTTPS/SSL Content Security

Administrative Security

  • Next-Gen UI
  • iView Logging & Reporting

Business Continuity

  • Multiple Link Management
  • High Availability

Network Availability

  • VPN
  • 3G/WiMAX Connectivity

Future-ready Connectivity

  • “IPv6 Ready” Gold Logo

Employee Productivity

  • Content Filtering
  • Instant Messaging Archiving & Controls

IT Resource Optimization

  • Bandwidth Management
  • Traffic Discovery
  • Application Layer 7 Management

Administrator Productivity

  • Next-Gen UI

Technical Specifications:

Large Enterprises: 500ia 750ia 1000i 1500i 1000ia 1500ia
Interfaces
10/100 Ethernet Ports - - - - - -
10/100/1000 GBE Ports 10 14 10 10 12 20
Configurable Internal/DMZ/WANPorts Yes Yes Yes Yes Yes Yes
Console Ports (RJ45/DB9) 1 1 1 1 1 1
SFP (Mini GBIC) Ports - - 2 2 4 4
USB Ports 2 2 2 2 2 2
Hardware Bypass Segments 2 2 2 2 2 2
System Performance*
Firewall Throughput (UDP) (Mbps) 5,000 6,000 6,500 7,500 7,500 10,000
Firewall Throughput (TCP) (Mbps) 3,000 3,000 3,500 6,000 5,500 7,500
New sessions/second 25,000 25,000 25,000 40,000 50,000 75,000
Concurrent sessions 700,000 700,000 750,000 1,000,000 1,200,000 1,500,000
3DES/AES throughput (Mbps) 325/400 325/400 400/500 600/750 900/1200 1200/1500
Antivirus throughput (Mbps) 750 750 700 900 1,250 1,550
IPS throughput (Mbps) 1000 1000 1,200 2,500 2,000 3,000
UTM throughput (Mbps) 550 550 600 750 800 1,200
Authenticated Users/Nodes Unlimited Unlimited Unlimited Unlimited Unlimited Unlimited
Dimensions
HxWxD(inches) 1.72 x 17.25 x 11.50 1.72 x 17.44 x 15.98 3.46 x 16.7 x 20.9 3.46 x 16.7 x 20.9 1.77 x 17.25 x 18.30 3.54 x 17.5 x 23.23
HxWxD(cms) 4.4 x 43.8 x 29.21 4.4 x 44.3 x 40.6 8.8 x 42.4 x 53.1 8.8 x 42.4 x 53.1 4.5 x 43.8 x 46.5 9 x 44.5 x 59
Weight 5.54 kg, 12.21 lbs 6.04 kg, 13.31lbs 15.2 kg, 33.51 lbs 15.2 kg, 33.51 lbs 13.5 kg, 29.76 lbs 18.5 kg, 40.78 lbs
Power
Input Voltage 100-240VAC 100-240VAC 90-264VAC 90-264VAC 90-260VAC 90-260VAC
Consumption 128W 185W 210W 210W 129W 258W
Total Heat Dissipation (BTU) 375 475 718 718 626 881
Redundant Power Supply - Yes Yes Yes Yes Yes
Environmental
Operating Temperature 5 to 40 °C 5 to 40 °C 0 to 40 °C 0 to 40 °C 5 to 40 °C 5 to 40 °C
Storage Temperature 0 to 70 °C 0 to 70 °C -20 to 80 °C -20 to 80 °C 0 to 70 °C 0 to 70 °C
Relative Humidity (Non condensing) 10 to 90% 10 to 90% 10 to 90% 10 to 90% 10 to 90% 10 to 90%

*If Enabled, will bypass traffic only in case of power failure
**Antivirus, IPS and UTM performance is measured based on HTTP traffic as per RFC 3511 guidelines. Actual performance may vary depending on the real network traffic environments.

Full Feature Set:

Stateful Inspection Firewall
  • Layer 8 (User - Identity) Firewall
  • Multiple Security Zones
  • Access Control Criteria (ACC) - User - Identity, Source & Destination Zone,MACand IP address, Service
  • UTM policies - IPS, Web Filtering, Application Filtering, Anti-virus, Anti-spam and Bandwidth Management
  • Layer 7 (Application) Control & Visibility
  • Access Scheduling
  • Policy based Source & Destination NAT
  • H.323NATTraversal
  • 802.1q VLAN Support
  • DoS & DDoSAttack prevention
  • MAC & IP-MAC filtering and Spoof prevention

Gateway Anti-Virus & Anti-Spyware

  • Virus,Worm,Trojan Detection & Removal
  • Spyware, Malware, Phishing protection
  • Automatic virus signature database update
  • Scans HTTP, FTP, SMTP, POP3, IMAP, IM, VPN Tunnels
  • Customize individual user scanning
  • Self Service Quarantine area
  • Scan and deliver by file size
  • Block by file types
  • Add disclaimer/signature

Gateway Anti-Spam

  • Real-time Blacklist (RBL), MIME header check
  • Filter based on message header, size, sender, recipient
  • Subject line tagging
  • IP address Black list/White list
  • Redirect spam mails to dedicated email address
  • Image-based spam filtering using RPD Technology
  • Zero hour Virus Outbreak Protection
  • Self Service Quarantine area
  • IP address Black list/White list*
  • Spam Notification through Digest*
  • IP Reputation-based Spam filtering

Intrusion Prevention System

  • Signatures: Default (3000+), Custom
  • IPS Policies: Multiple, Custom
  • User-based policy creation
  • Automatic real-time updates from CRProtect networks
  • Protocol Anomaly Detection
  • DDoS Attack prevention

Web Filtering

  • InbuiltWeb Category Database
  • URL, keyword, File type block
  • Categories: Default(82+), Custom
  • Protocols supported: HTTP, HTTPS
  • Block Malware, Phishing, Pharming URLs
  • Schedule-based access control
  • Custom block messages per category
  • Block JavaApplets, Cookies,Active X
  • CIPA Compliant
  • Data leakage control via HTTP, HTTPS upload

Application Filtering

  • Inbuilt Application Category Database
  • Application Categories: 11+ e.g. Gaming, IM, P2P,Proxy
  • Schedule-based access control
  • Block
    • P2P applications e.g. Skype
    • Anonymous proxies e.g. UItra surf
    • "Phone home” activities
    • Keylogger
  • Layer 7 (Applications) & Layer 8 (User - Identity) Visibility

Virtual Private Network

  • IPSec, L2TP, PPTP
  • Encryption - 3DES, DES, AES, Twofish, Blowfish, Serpent
  • Hash Algorithms - MD5, SHA-1
  • Authentication - Preshared key, Digital certificates
  • IPSec NAT Traversal
  • Dead peer detection and PFS support
  • Diffie Hellman Groups - 1,2,5,14,15,16
  • External Certificate Authority support
  • Export RoadWarrior connection configuration
  • Domain name support for tunnel end points
  • VPN connection redundancy
  • Overlapping Network support
  • Hub & Spoke VPN support

SSL VPN*

  • TCP & UDP Tunneling
  • Authentication - Active Directory, LDAP, RADIUS, Cyberoam
  • Multi-layered Client Authentication - Certificate, Username/Password
  • User & Group policy enforcement
  • Network access - Split and Full tunneling
  • Browser-based (Portal)Access - Clientless access
  • Lightweight SSL VPN Tunneling Client
  • Granular access control to all the Enterprise Network resources
  • Administrative controls - Session timeout, Dead Peer Detection, Portal customization
  • TCP - based Application Access - HTTP, HTTPS, RDP, TELNET, SSH

Instant Messaging (IM) Management

  • Yahoo and Windows Live Messenger
  • Virus Scanning for IM traffic
  • Allow/Block Login
  • Allow/Block FileTransfer
  • Allow/Block Webcam
  • Allow/Block one-to-one/group Chat
  • Content-based blocking
  • IM activities Log
  • Archive files transferred
  • Custom Alerts
 Wireless WAN
  • USB port 3G and Wimax Support**
  • Primary WAN link
  • WAN Backup link

Bandwidth Management

  • Application and User Identity based Bandwidth Management
  • Category-based Bandwidth restriction
  • Guaranteed & Burstable bandwidth policy
  • Application & User Identity based Traffic Discovery*
  • Multi WAN bandwidth reporting

User Identity and Group Based Controls

  • Access time restriction
  • Time and Data Quota restriction
  • Schedule based Committed and Burstable Bandwidth
  • Schedule based P2P and IM Controls

Networking

  • Failover - Automated Failover/Failback, Multi-WAN failover,3GModem failover
  • WRR based Load balancing
  • Policy routing based on Application and User
  • IP Address Assignment - Static, PPPoE, L2TP, PPTP & DDNS Client, Proxy ARP, DHCP server, DHCP relay
  • Support for HTTP Proxy
  • Dynamic Routing: RIP v1 & v2, OSPF, BGP, Multicast Forwarding
  • Parent Proxy support with FQDN
  • IPv6 Ready Gold Logo

High Availability*

  • Active-Active
  • Active-Passive with state synchronization
  • Stateful Failover
  • Alerts on Appliance Status change

Administration & System Management

  • Web-based configuration wizard
  • Role-basedAccess control
  • Firmware Upgrades via Web UI
  • Web 2.0 compliant UI (HTTPS)
  • UI Color Styler
  • Command line interface (Serial, SSH,Telnet)
  • SNMP(v1, v2c, v3)
  • Multi-lingual support: Chinese, Hindi, French, Korean
  • Cyberoam Central Console (Optional)
  • NTP Support

User Authentication

  • Internal database
  • Active Directory Integration
  • Automatic Windows Single Sign On
  • External LDAP/RADIUS database Integration
  • Thin Client support - Microsoft Windows Server 2003 Terminal Services and Citrix XenApp
  • RSA secur ID support
  • External Authentication - Users and Administrators
  • User/MAC Binding
  • Multiple Authentication servers

Logging/Monitoring

  • Graphical real-time and historical monitoring
  • Email notification of reports, viruses and attacks
  • Syslog support
  • Log Viewer - IPS, Web filter, Anti Virus, Anti Spam, Authentication, System and Admin Events

On-Appliance Cyberoam-iView Reporting

  • Integrated Web-based Reporting tool - Cyberoam-iView
  • 1000+ drilldown reports
  • 45+ Compliance reports
  • Historical and Real-time reports
  • Multiple Dashboards
  • Username, Host, Email ID specific Monitoring Dashboard
  • Reports - Security, Spam, Virus, Spam,Traffic, Policy violations, VPN, Search Engine keywords
  • Multi-format reports - tabular, graphical
  • Exportable formats - PDF, Excel
  • Automated Report Scheduling

IPSec VPN Client

  • Inter-operability with major IPSecVPNGateways
  • Supported platforms: Windows 2000, WinXP 32/64- bit, Windows 2003 32-bit, Windows 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 RC1 32/64-bit
  • Import Connection configuration

Certification

  • ICSAFirewall - Corporate
  • Checkmark UTM Level 5 Certification
  • VPNC- Basic andAES interoperability
  • IPv6 Ready Gold Logo

Compliance

  • CE
  • FCC

 

 

*Available in all the Models except CR15i
**3G card and modem details are not included.

Documentation:

PDF File
Download the Cyberoam CR1000ia Appliance Datasheet (PDF).

 

Cyberoam Product
Cyberoam CR1000ia UTM Appliance
Cyberoam CR1000ia Appliance #01-CRI-1000IA-01
Our Price: Call for Price!		 Get a quote request!