Cyberoam

Last updated
Cyberoam
Company type Private
Industry Network security, Computer Security, antivirus, computer software
Founded1999
FounderHemal Patel
Ben Casado
Headquarters Ahmedabad, (India)
Products Firewall, Unified Threat Management for network security, Cyberoam Central Console for centralized security management, Cyberoam iView for centralized visibility, Cyberoam NetGenie for secure homes and small offices
Number of employees
550+ (Q3 2014)
Website cyberoam.com

Cyberoam Technologies, a Sophos subsidiary, [1] [2] is a global network security appliances provider, with presence in more than 125 countries.

Contents

Business field

The company offers user identity-based network security in its firewalls and Unified Threat Management appliances, allowing visibility and granular control of users' activities in business networks. [3] For SOHO, SMB and large enterprise networks, this ensures security built around the user for protection against APTs, insider threats, malware, hackers, and other sophisticated network attacks.

Cyberoam has sales offices in North America, EMEA and APAC. The company has customer support and development centers in India with 550+ employees around the globe. It has a channel-centric approach for its sales [4] with a global network of 4500+ partners. The company also conducts training programs for its customers and partners.

Product overview

Cyberoam's product range offers network security (Firewall and UTM appliances), centralized security management (Cyberoam Central Console appliances), centralized visibility (Cyberoam iView), and Cyberoam NetGenie for home and small office networks.

Cyberoam network security appliances include multiple features like a Firewall – VPN (SSL VPN and IPSec), Gateway Anti-Virus, Anti-Spyware and Anti-Spam, Intrusion Prevention System (IPS), Content and Application Filtering, Web Application Firewall, Application Visibility and Control, Bandwidth Management, Multiple Link Management for Load Balancing and Gateway Failover, [5] over a single platform.

Cyberoam security training academy

Cyberoam has affiliations with NESCOT (North East Surrey College of Technology) – its first Master UK Training Academy. NESCOT offers Cyberoam certified security courses which include an entry-level class named 'CCNSP' (Cyberoam Certified Security Professional) [6] and an advanced-level course named 'CCNSE' (Cyberoam Certified Security Expert). [7]

Security flaw in HTTPS traffic inspection

A Tor Project researcher and a Google software security engineer revealed in July 2012 that all Cyberoam appliances with SSL traffic inspection capabilities had been using the same self-generated CA certificate by default. [8] This made it possible to intercept traffic from any owner of a Cyberoam device using another Cyberoam device or even to extract the key from the device and import it into other DPI devices, and use those for interception. [9]

In response, Cyberoam issued an over-the-air update for its unified threat management (UTM) appliances [10] in order to force the devices to use unique certificate authority (CA) SSL certificates when intercepting SSL traffic on corporate networks. [11] After the hotfix was applied, [12] each individual appliance was required to have a unique CA certificate.

Related Research Articles

<span class="mw-page-title-main">Proxy server</span> Computer server that makes and receives requests on behalf of a user

In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and possibly performance in the process.

Virtual private network (VPN) is a network architecture for virtually extending a private network across one or multiple other networks which are either untrusted or need to be isolated.

Deep packet inspection (DPI) is a type of data processing that inspects in detail the data being sent over a computer network, and may take actions such as alerting, blocking, re-routing, or logging it accordingly. Deep packet inspection is often used for baselining application behavior, analyzing network usage, troubleshooting network performance, ensuring that data is in the correct format, checking for malicious code, eavesdropping, and internet censorship, among other purposes. There are multiple headers for IP packets; network equipment only needs to use the first of these for normal operation, but use of the second header is normally considered to be shallow packet inspection despite this definition.

Sophos Ltd. is a British security software and hardware company. It develops and markets managed security services and cybersecurity software and hardware, such as managed detection and response, incident response and endpoint security software. Sophos was listed on the London Stock Exchange until it was acquired by Thoma Bravo in March 2020.

OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.

Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.

Cisco PIX was a popular IP firewall and network address translation (NAT) appliance. It was one of the first products in this market segment.

DrayTek is a network equipment manufacturer of customer-premises equipment including firewalls, VPN devices, routers, managed switches and wireless LAN devices.

A security appliance is any form of server appliance that is designed to protect computer networks from unwanted traffic.

<span class="mw-page-title-main">TriGeo Network Security</span>

TriGeo Network Security is a United States–based provider of security information and event management (SIEM) technology. The company helps mid market organizations proactively, protects networks and data from internal and external threats, with a SIEM appliance that provides real-time log management and automated network defense - from the perimeter to the endpoint.

A virtual firewall (VF) is a network firewall service or appliance running entirely within a virtualized environment and which provides the usual packet filtering and monitoring provided via a physical network firewall. The VF can be realized as a traditional software firewall on a guest virtual machine already running, a purpose-built virtual security appliance designed with virtual network security in mind, a virtual switch with additional security capabilities, or a managed kernel process running within the host hypervisor.

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

Stonesoft Corporation was a public company that developed and sold network security solutions based in Helsinki, Finland. It was publicly owned until 2013 when it was acquired by Intel's subsidiary McAfee.

In computer networking, Cisco ASA 5500 Series Adaptive Security Appliances, or simply Cisco ASA, is Cisco's line of network security devices introduced in May 2005. It succeeded three existing lines of Cisco products:

A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a conventional firewall with other network device filtering functions, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS-encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection, third-party identity management integration, and SSL decryption

Array Networks is an American networking hardware company. It sells network traffic encryption tools.

<span class="mw-page-title-main">Endian Firewall</span> Linux distribution

Endian Firewall is an open-source router, firewall and gateway security Linux distribution developed by the South Tyrolean company Endian. The product is available as either free software, commercial software with guaranteed support services, or as a hardware appliance.

Unified threat management (UTM) is an approach to information security where a single hardware or software installation provides multiple security functions. This contrasts with the traditional method of having point solutions for each security function. UTM simplifies information-security management by providing a single management and reporting point for the security administrator rather than managing multiple products from different vendors. UTM appliances have been gaining popularity since 2009, partly because the all-in-one approach simplifies installation, configuration and maintenance. Such a setup saves time, money and people when compared to the management of multiple security systems. Instead of having several single-function appliances, all needing individual familiarity, attention and support, network administrators can centrally administer their security defenses from one computer. Some of the prominent UTM brands are Cisco, Fortinet, Sophos, Netgear, Huawei, Wi-Jungle, SonicWall and Check Point. UTMs are now typically called next-generation firewalls.

WatchGuard, formally known as WatchGuard Technologies, Inc, is an American technology company based in Seattle, Washington. It specializes in network security solutions aimed at safeguarding computer networks from external threats such as malware and ransomware.

A secure access service edge (SASE) is technology used to deliver wide area network (WAN) and security controls as a cloud computing service directly to the source of connection rather than a data center. It uses cloud and edge computing technologies to reduce the latency that results from backhauling all WAN traffic over long distances to one or a few corporate data centers, due to the increased movement off-premises of dispersed users and their applications. This also helps organizations support dispersed users.

References

  1. Sophos Acquires Cyberoam Technologies - Cyberoam Press Release, 10 Feb 2014
  2. Lennon, Mike (10 February 2014). "Sophos Acquires Network Security Firm Cyberoam Technologies". Security Week. Retrieved 12 November 2024.
  3. UTM Reviews - By Peter Stephenson, SC Magazine, 1 December 2011
  4. Cyberoam to increase partner base by 25% before March 2012 Archived 2015-04-02 at the Wayback Machine - By ChannelWorld Bureau, 22 Feb 2012
  5. Cyberoam CR1000ia-Product Review - By Peter Stephenson, SC Magazine, 5 Jan 2012
  6. Cyberoam Certified Network & Security Professional (CCNSP) Archived 2014-09-21 at the Wayback Machine - CourseKing, Nescot
  7. Cyberoam CCNSE training Archived 2016-10-23 at the Wayback Machine - VCW Security
  8. TOR project uncovers flaw in mass-surveillance appliance - By Cory Doctorow, Boing Boing, 3 July 2012
  9. Cyberoam deep packet inspection and certificates - By Nathan Willis, LWN, 11 July 2012
  10. Cyberoam updates UTM certs to avoid traffic snooping - By Darren Pauli, SC Magazine Australia, 11 July 2012
  11. Cyberoam’s Proactive Steps in HTTPS Deep Scan Inspection Archived 2013-05-07 at the Wayback Machine - Cyberoam Blog, 9 July 2012
  12. Cyberoam Fixes SSL Snooping Hole in Network Security Appliances - By Lucian Constantin, IDG News Service, 9 Jul 2012
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.