Cyberoam

Company type Private
Industry Network security, Computer Security, antivirus, computer software
Founded 1999
Founder Hemal Patel, Ben Casado
Headquarters Ahmedabad, India
Products Firewall, Unified Threat Management for network security, Cyberoam Central Console for centralized security management, Cyberoam iView for centralized visibility, Cyberoam NetGenie for secure homes and small offices
Number of employees 550+ (Q3 2014)
Website cyberoam.com

Cyberoam Technologies, a Sophos subsidiary, [1] is a global network security appliances provider, with presence in more than 125 countries.

Business field

The company offers user identity-based network security in its firewalls and Unified Threat Management appliances, allowing visibility and granular control of users' activities in business networks. [2] For SOHO, SMB and large enterprise networks, this ensures security built around the user for protection against APTs, insider threats, malware, hackers, and other sophisticated network attacks.

Cyberoam has sales offices in North America, EMEA and APAC. The company has customer support and development centers in India with 550+ employees around the globe. It has a channel-centric approach for its sales [3] with a global network of 4500+ partners. The company also conducts training programs for its customers and partners.

Product overview

Cyberoam's product range offers network security (Firewall and UTM appliances), centralized security management (Cyberoam Central Console appliances), centralized visibility (Cyberoam iView), and Cyberoam NetGenie for home and small office networks.

Cyberoam network security appliances include multiple features like a Firewall – VPN (SSL VPN and IPSec), Gateway Anti-Virus, Anti-Spyware and Anti-Spam, Intrusion Prevention System (IPS), Content and Application Filtering, Web Application Firewall, Application Visibility and Control, Bandwidth Management, Multiple Link Management for Load Balancing and Gateway Failover, [4] over a single platform.

Identity based security Layer-8 technology

Cyberoam's Layer 8 Technology, [5] also known as identity-based security, adds an eighth layer [6] (the human layer) to the network protocol stack, making the user's identity part of the firewall rule-matching criteria. Cyberoam attaches user identity to security while authenticating, authorizing and auditing (AAA) the network, allowing a network administrator to see and control a "user" in a network instead of an IP address. [7] This enables administrators to identify users, control their Internet activity, set user-based policies and report by username.

Cyberoam security training academy

Cyberoam has affiliations with NESCOT (North East Surrey College of Technology) – its first Master UK Training Academy. NESCOT offers Cyberoam certified security courses which include an entry-level class named 'CCNSP' (Cyberoam Certified Security Professional) [8] and an advanced-level course named 'CCNSE' (Cyberoam Certified Security Expert). [9]

Security flaw in HTTPS traffic inspection

A Tor Project researcher and a Google software security engineer revealed in July 2012 that all Cyberoam appliances with SSL traffic inspection capabilities had been using the same self-generated CA certificate by default. [10] This made it possible to intercept the traffic of any Cyberoam device owner using another Cyberoam device, or to extract the key from a device, import it into other DPI devices, and use those for interception. [11]

In response, Cyberoam issued an over-the-air update for its unified threat management (UTM) appliances [12] in order to force the devices to use unique certificate authority (CA) SSL certificates when intercepting SSL traffic on corporate networks. [13] After the hotfix was applied, [14] each individual appliance was required to have a unique CA certificate.
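The condition described above, one interception CA certificate present on more than one appliance, can be checked by fingerprinting the CA certificate exported from each device and grouping devices by fingerprint. The following is an added example, not code from Cyberoam or from the cited reports; the appliance names are hypothetical and the sample "certificates" are constructed stand-in bytes in PEM armor, not real X.509 data.

```python
import base64
import hashlib
import re
from collections import defaultdict

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S
)

def cert_fingerprints(pem_text):
    """Return the SHA-256 fingerprint of every certificate in a PEM bundle."""
    prints = []
    for body in PEM_RE.findall(pem_text):
        # Strip all whitespace so line width and CRLF/LF do not change the hash.
        der = base64.b64decode("".join(body.split()), validate=True)
        prints.append(hashlib.sha256(der).hexdigest())
    return prints

def shared_ca_groups(exports):
    """Map fingerprint -> sorted appliance names for CAs found on 2+ appliances."""
    seen = defaultdict(set)
    for appliance, pem_text in exports.items():
        for fp in cert_fingerprints(pem_text):
            seen[fp].add(appliance)
    return {fp: sorted(names) for fp, names in seen.items() if len(names) > 1}

def fake_pem(der, width=64, newline="\n"):
    """Constructed stand-in: wrap arbitrary bytes in PEM armor (not a real cert)."""
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + width] for i in range(0, len(b64), width)]
    return newline.join(
        ["-----BEGIN CERTIFICATE-----", *lines, "-----END CERTIFICATE-----", ""]
    )

# Constructed sample data: two appliances still carry the same default CA
# (exported with different line wrapping), one has a per-device CA.
DEFAULT_CA = b"constructed-default-ca-der" * 8
UNIQUE_CA = b"constructed-per-device-ca-der" * 8
SAMPLE_EXPORTS = {
    "utm-branch-a": fake_pem(DEFAULT_CA),
    "utm-branch-b": fake_pem(DEFAULT_CA, width=76, newline="\r\n"),
    "utm-hq": fake_pem(UNIQUE_CA),
}

if __name__ == "__main__":
    for fp, names in shared_ca_groups(SAMPLE_EXPORTS).items():
        print(f"shared interception CA {fp[:16]}... on: {', '.join(names)}")
```

An empty result means every exported CA certificate is unique to its appliance, which is the state the hotfix was meant to enforce.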

References

  1. Sophos Acquires Cyberoam Technologies - Cyberoam Press Release, 10 Feb 2014
  2. UTM Reviews - By Peter Stephenson, SC Magazine, 1 December 2011
  3. Cyberoam to increase partner base by 25% before March 2012 Archived 2015-04-02 at the Wayback Machine - By ChannelWorld Bureau, 22 Feb 2012
  4. Cyberoam CR1000ia-Product Review - By Peter Stephenson, SC Magazine, 5 Jan 2012
  5. Cyberoam Layer 8 Technology Archived 2014-01-16 at the Wayback Machine - MintmTEC
  6. Cyberoam Layer 8 Technology Archived 2014-01-15 at the Wayback Machine - ESDS Forums, 29 December 2011
  7. Cyberoam UTM Appliance Family Archived 2013-05-31 at the Wayback Machine - ICSA Labs, 2011
  8. Cyberoam Certified Network & Security Professional (CCNSP) Archived 2014-09-21 at the Wayback Machine - CourseKing, Nescot
  9. Cyberoam CCNSE training Archived 2016-10-23 at the Wayback Machine - VCW Security
  10. TOR project uncovers flaw in mass-surveillance appliance - By Cory Doctorow, Boing Boing, 3 July 2012
  11. Cyberoam deep packet inspection and certificates - By Nathan Willis, LWN, 11 July 2012
  12. Cyberoam updates UTM certs to avoid traffic snooping - By Darren Pauli, SC Magazine Australia, 11 July 2012
  13. Cyberoam’s Proactive Steps in HTTPS Deep Scan Inspection Archived 2013-05-07 at the Wayback Machine - Cyberoam Blog, 9 July 2012
  14. Cyberoam Fixes SSL Snooping Hole in Network Security Appliances - By Lucian Constantin, IDG News Service, 9 Jul 2012