Call a Specialist Today! 888-785-4405

Cyberoam - Identity-based unified threat management appliances.Cyberoam CR-SSL-2400 SSL VPN Appliance

Comprehensive Internet Security Systems

Cyberoam CR-SSL-2400 SSL VPN Appliance

Sorry, this product is no longer available, please contact us for a replacement.

SSL VPNCyberoam CR-SSL-2400 SSL VPN Appliance Overview:

Cyberoam SSL VPN is an application gateway that provides secure access to the applications using standard-based SSL encryption.

Cyberoam SSL VPN enables access only to specified applications rather than bridging the end-user's machine with the corporate network while maintaining full application compatibility.

Cyberoam SSL VPN is an easy-to-use, simple application access and security solution for enabling high-trust, secure remote access to Enterprise applications and resources. Enterprises use Cyberoam SSL VPN to collaborate securely with employees, customers and partners. Cyberoam SSL VPN comes with unique network obfuscation feature that hides the internal network details from intentional or unintentional exploitation by a user or hacker.

Any Place, Any Time & Any Device Secure Remote Access

Cyberoam offers SSL VPN appliances, delivering high throughput, secure remote connectivity of road warriors, branch offices, telecommuters, guest users, partners and customers to the corporate network through dedicated hardware appliances, virtual appliances and software installers. Cyberoam enables Anytime, Anywhere, Any Device remote access across the world.

Cyberoam SSL VPN addresses the need for secure remote connectivity of road warriors, branch offices, telecommuters, guest users and partners with the flexibility of dedicated SSL VPN appliances, virtual SSL VPN appliances and software installers.

Cyberoam SSL VPN Solutions

Hardware Appliances
  • Meets the requirements of 50-1000 concurrent users
  • Site-to-site and remote location SSL VPN connections
  • High throughput; Scalability with software license upgrades
Virtual Appliances
  • Cyberoam-based virtual SSL VPN appliances
  • Eliminates need for dedicated hardware
  • Simplifies future upgrades
  • Scales easily through reallocation of physical resources
  • Reduces cost of ownership
Software Installer
  • Integrates into existing hardware
  • Lowers cost of ownership
  • Simplifies security management

Key Highlights

  • Supports Multiple Platforms and Devices – Cyberoam’s clientless SSL VPN is accessible from any device with a simple browser and from multiple locations like public networks, remote offices and home offices, offering seamless access to resources and applications. It supports Linux, Windows, and MAC enterprise platforms in addition to all enterprise applications, viz. full applications, Web applications, thin clients, fat clients and legacy applications, ensuring that the single Cyberoam SSL VPN solution meets the organization’s secure remote access requirements.
  • Layer 8 Identity-based Network Access – Cyberoam’s Layer 8 identity-based policies allow or deny access based on user profile and job requirement, limiting remote access to specific resources and applications within the network. These identity-based controls support organizations’ efforts to meet regulatory compliance requirements of HIPAA, PCI DSS, GLBA.
  • Clientless Access – Cyberoam SSL VPNs offer clientless, browser-based access, eliminating the complexity of configuration-dependent clients across the hundreds or thousands of endpoints in the organization, delivering ease-of-use.
  • Seamless Connectivity – Cyberoam SSL VPNs ensure automatic re-connection between the user and the gateways in addition to high availability clustering, delivering continuous connectivity to critical applications and data despite network failures and timeouts, minimizing support calls and reducing client maintenance cost to zero.

Features & Benefits:

Key Features:

  • Application Support allows access to virtually any application, including all TCP, 802.11x and UDP applications, Microsoft Outlook, FTP, Cyberoam TSE, and Microsoft Terminal Servers. Even custom or proprietary applications and protocols are supported by the Cyberoam SSL VPN.
  • Secure Firewall Traversal of TCP/UDP allows local desktops to access UDP-based remote data services, without segregating the network, exposing UDP port ranges to hackers, using routable IP addresses, or publishing internal routes externally. Cyberoam VPN works alongside existing firewalls, and NAT devices.
  • Authentication and Authorization Architecture supports different group access policies via leading protocols (LDAP, Active Directory, RADIUS, and more).
  • Centralized Access Control control by source, destination, domain name, user group, port, host, or network, thereby increasing security and dramatically simplifying firewall configuration.
  • Single Mode Connectivity enables remote access to any application, including web-enabled and legacy applications, through a simple interface with the look and feel of the user's native desktop.
  • Load Balancing and High Availability automatically distributes application network traffic among multiple VPN Servers with integrated failover to available servers.
  • SSL VPN users may access applications from a standard portal interface or directly from their desktop, for an IPSec-like “in office” experience.
  • Clientless Browser-based Access provides secure remote access to applications through common web browsers. No clients to install or maintain.
  • Endpoint Security enforces access restrictions based on customizable policies such as Anti-virus, Antispyware and Firewall status.


  • Reduced Costs - Centralize management; consolidate data centers, lower administration costs.
  • Investment Protection - Utilize existing networks, firewalls, servers, clients and software.
  • Trusted Remote Access - Extend access to regional offices, partners, customers, telecommuters, wireless users.
  • Easy to Use - Fast installation and little ongoing management, reduced training, less down-time.
  • Continuous Access - provide reliable, available and scalable access.

Application Access:

  • Email Access - Use your local Outlook or Lotus Notes client to access corporate email system.
  • File Shares and FTP - Directly access the files and shares residing on the corporate network.
  • Web Applications - Access any HTTP/S based applications.
  • Cyberoam TSE and Terminal Services - Secure connection to RDP-based applications.
  • Other Applications - Provide access to any TCP/UDP based applications.

SSL VPN Deployment:

SSL VPN Deployment


Technical Specifications: CR-SSL-800 CR-SSL-1200 CR-SSL-2400
10/100/1000 GBE Ports 6 6 10
Console Ports (RJ45) 1 1 1
SFP (Mini GBIC) Ports - - 2
USB Ports 2 2 -
Concurrent User 50 250 1000
H x W x D (inches) 1.7 x 16.8 x 10.3 1.72 x 11.50 x 17.25 3.46 x 16.7 x 20.9
H x W x D (cms) 4.3 x 42.7 x 26.2 4.4 x 29.21 x 43.8 8.8 x 42.4 x 53.1
Weight 5.3 kg, 11.68 lbs 5.54 kg, 12.188 lbs 15.2 kg, 33.51 lbs
Input Voltage 115-230VAC 100-240 VAC 90-264VAC
Consumption 90W 128W 210W
Total Heat Dissipation (BTU) 200 375 718
Redundant Power Supply - No Yes
Operating Temperature 0 to 40 °C 5 to 40 °C 0 to 40 °C
Storage Temperature -20 to 80 °C -20 to 70 °C -20 to 80 °C
Relative Humidity (Non condensing) 0 to 90% 0 to 90% 10 to 90%

Full Feature Set:

Deployment Scalability:
  • Scalable to 200,000 users
  • Active-Active N+1 cluster
  • Resource-based VPN Load balancing with multiple load balancer
  • Session Persistence: Users do not need to re-authenticate
Application Support:
  • All web-based, TCP and UDP based clientserver applications
  • Windows File Shares and Drive Mapping
  • Dynamic port-based applications
  • Special support for RDP virtual channels
  • Application load balancing
  • Session Caching for load balanced applications
  • Per application-based compression switch

Gateway Features:

  • Hardened Gateway Operating System
  • Can run on hardened Linux based platform, on any
    standard or custom hardware
  • Runs on Virtualization platforms, VMWare, xenServer,

Access Security:

  • SSL 3.0 and TLS 1.0
  • Encryption Standards: RC4 - 128 bits, 3DES, AES - 256
    bits, MD5, SHA1
  • Web Application URL masking
  • Integrate behind any Firewall or NAT device
  • VPN Chaining
  • Application level gateway
  • Authentication based on user identity, endpoint identity, endpoint trust level
  • Multiple User authentication options: static passwords, client certificates, External two factor authentication solutions
  • Local database with customization per user, password
    policies, password reset support
  • External two factor authentication solutions
  • Fully integrated client-certificate based two factor
    authentication server with automatic CA and certificate
  • Email based user provisioning
  • Integration with external authentication and directory
    services - Active Directory/LDAP/RADIUS/RSA SecurID
  • Automatic fetching of group information from
    Active Directory/LDAP/RADIUS
  • Default group for Active Directory/LDAP server
  • Multiple Authentication servers support
  • Biometric authentication support
  • External Authorization server support
  • Publish applications rather than subnet or network
  • Access control based on
    • Device identity and profile
    • User Authentication method
    • User Role
  • Time based restriction policies
Auditing & Logging:
  • User logons activity log including: Time of access, Username, MAC Address and IP address of endpoint, Application accessed, Device Profile
  • Endpoint security scan log
  • Device scan log including:
    • Policies evaluated for user sessions
    • Current profile of endpoint
    • List of failed policies
    • List of policies for which remediation information is sent to user
  • Session, connection, failed connection log
  • Export Logs in CSV format
Device Profiling (Endpoint Security):
  • Support for checking for Anti-virus, Firewall and Anti-spyware products - 1100+
  • Real time status check for
    • Virus signature DAT file version
    • Last update time
    • Last scan time
    • Real time protection check
  • MAC address and IP address checks
  • Application control based on device profile
  • Mandatory profile for non-avoidable policy checks on all
  • Quarantine profile for devices that fails all other profile
  • Bypass or block endpoints that fails to comply to required
  • Integrated with OPSWAT™ endpoint security SDK
Access Modes:
  • Web Portal
  • Clientless VPN with a browser agent for seamless access to applications
  • No configuration required on end user machines
  • Client platforms supported
    • Windows 98 /xP /Vista /Windows7
    • Windows server 2003 /2008
    • Linux
    • MAC OS x PPC/Intel 10.4 and above
  • Site to Site connectivity


  • Administration - Web based and Command Line console
  • Menu driven console interface for configuration
  • Wizard driven installation
  • Self signed certificate generation
  • Dashboard
  • Real-time status and monitoring
  • Role-based administration
  • Secure Administration - Certificate based login for
  • Automatic expiry of User account
  • Error for Unresolved Web URL
  • Monitor and disconnect live users


Download the Cyberoam SSL VPN Appliance Datasheet (PDF).