Data Sheet

Comprehensive Network Security

Cyberoam CR100ia
for Small & Medium Offices

Unified Threat Management

VPNC
CERTIFIED
SSL
Portal
SSL
Exchange

SSL
Firefox
VPNC SSL
CERTIFIED JavaScript
Basic SSL Basic
Interop Network Extension
AES SSL Advanced
www.check-mark.com Interop Network Extension

Cyberoam Unified Threat Management appliances offer assured security, connectivity and productivity to
small and medium enterprises (SMEs) by allowing user identity-based policy controls.

Gartner positions Cyberoam’s User Layer 8 Technology treats user-identity as the 8th Layer or the HUMAN layer in the
protocol stack. It attaches user identity to security, taking organizations a step ahead of conventional
Cyberoam UTM as a solutions that bind security to IP-addresses. This adds speed to an organization’s security by offering
“Visionary” in Magic instant visibility into the source of attacks by username rather than IP address – allowing immediate
remediation to restore security or allowing proactive security. Layer 8 technology functions along with each
Quadrant for SMB of Cyberoam security features to allow creation of identity-based security policies.
Multifunction
Firewalls Cyberoam’s future-ready Extensible Security Architecture (ESA) offers an extensible platform that can
grow with the future security needs of an organization without degrading system performance. ESA
supports feature enhancements that can be developed rapidly and deployed with minimum efforts.

User Identity-based Security Policy Controls

L8 USER

L7 Application
Cyberoam's Layer 8 Technology treats
L6 Presentation ASCII, EBCDIC, ICA “User Identity” as the 8th Layer
in the protocol stack
L5 Session L2TP, PPTP

Transport Cyberoam UTM offers security across

L4 TCP, UDP
Layer 2-Layer 8 using Identity-based policies
L3 Network 192.168.1.1

L2 Data Link 00-17-BB-8C-E3-E7

L1 Physical

Cyberoam UTM features assure Security, Connectivity, Productivity

Security Connectivity Productivity

Network Security Business Continuity Employee Productivity

- Firewall - Multiple Link Management - Content Filtering
- Intrusion Prevention System - High Availability - Instant Messaging Archiving & Controls
- Wireless security
Network Availability IT Resource Optimization
Content Security - VPN - Bandwidth Management
- Anti-Virus/Anti-Spyware - 3G/WiMAX Connectivity - Traffic Discovery
- Anti-Spam - Application Layer 7 Management
- HTTPS/SSL Content Security Future-ready Connectivity
- “IPv6 Ready” Gold Logo Administrator Productivity
Administrative Security - Next-Gen UI
- Next-Gen UI
- iView- Logging & Reporting
Specification
Interfaces - “Phone home” activities Administration & System Management
10/100/1000 GBE Ports 6 - Keylogger - Web-based configuration wizard
Configurable Internal/DMZ/WAN Ports Yes - Layer 7 (Applications) & Layer 8 (User - Identity) - Role-based Access control
Console Ports (RJ45/DB9) 1 Visibility - Firmware Upgrades via Web UI
USB Ports 2 - Web 2.0 compliant UI (HTTPS)
Hardware Bypass Segments 1* Virtual Private Network - UI Color Styler
- IPSec, L2TP, PPTP - Command line interface (Serial, SSH, Telnet)
System Performance** - Encryption - 3DES, DES, AES, Twofish, Blowfish, - SNMP (v1, v2c, v3)
Firewall Throughput (UDP) (Mbps) 1250 Serpent - Multi-lingual support: Chinese, Hindi, French,
Firewall Throughput (TCP) (Mbps) 1000 - Hash Algorithms - MD5, SHA-1 Korean
New sessions/second 10,000 - Authentication - Preshared key, Digital certificates - Cyberoam Central Console (Optional)
Concurrent sessions 400,000 - IPSec NAT Traversal, Dead peer detection and PFS - NTP Support
168-bit Triple-DES/AES throughput (Mbps) 80/100 support
Antivirus throughput (Mbps) 200 - Diffie Hellman Groups - 1,2,5,14,15,16 User Authentication
IPS throughput (Mbps) 300 - External Certificate Authority support - Internal database
UTM throughput (Mbps) 160 - Export Road Warrior connection configuration - Active Directory Integration
- Domain name support for tunnel end points - Automatic Windows Single Sign On
Stateful Inspection Firewall - VPN connection redundancy - External LDAP/RADIUS database Integration
- Layer 8 (User - Identity) Firewall - Overlapping Network support - Thin Client support - Microsoft Windows Server 2003
- Multiple Security Zones - Hub & Spoke VPN support Terminal Services and Citrix XenApp
- Access Control Criteria (ACC) - User - Identity, Source - RSA securID support
& Destination Zone, MAC and IP address, Service SSL VPN - External Authentication - Users and Administrators
- UTM policies - IPS, Web Filtering, Application - TCP & UDP Tunneling - User/MAC Binding
Filtering, Anti-virus, Anti-spam and Bandwidth - Authentication - Active Directory, LDAP, RADIUS, - Multiple Authentication servers
Management Cyberoam
- Layer 7 (Application) Control & Visibility - Multi-layered Client Authentication - Certificate, Logging/Monitoring
- Access Scheduling Username/Password - Graphical real-time and historical monitoring
- Policy based Source & Destination NAT - User & Group policy enforcement - Email notification of reports, viruses and attacks
- H.323 NAT Traversal - Network access - Split and Full tunneling - Syslog support
- 802.1q VLAN Support - Browser-based (Portal) Access - Clientless access - Log Viewer - IPS, Web filter, Anti Virus, Anti Spam,
- DoS & DDoS Attack prevention - Lightweight SSL VPN Tunneling Client Authentication, System and Admin Events
- MAC & IP-MAC filtering and Spoof prevention - Granular access control to all the Enterprise Network Cyberoam TM

resources On-Appliance Cyberoam-iView Reporting VIEW

Gateway Anti-Virus & Anti-Spyware - Administrative controls - Session timeout, Dead Peer - Integrated Web-based Reporting tool -
- Virus, Worm, Trojan Detection & Removal Detection, Portal customization Cyberoam-iView
- Spyware, Malware, Phishing protection - TCP- based Application Access - HTTP, HTTPS, - 1000+ drilldown reports
- Automatic virus signature database update RDP, TELNET, SSH - 45+ Compliance reports
- Scans HTTP, FTP, SMTP, POP3, IMAP, IM, VPN - Historical and Real-time reports
Tunnels Instant Messaging (IM) Management - Multiple Dashboards
- Customize individual user scanning - Yahoo and Windows Live Messenger - Username, Host, Email ID specific Monitoring
- Self Service Quarantine area - Virus Scanning for IM traffic Dashboard
- Scan and deliver by file size - Allow/Block Login - Reports - Security, Spam, Virus, Spam, Traffic, Policy
- Block by file types - Allow/Block File Transfer violations, VPN, Search Engine keywords
- Add disclaimer/signature - Allow/Block Webcam - Multi-format reports - tabular, graphical
- Allow/Block one-to-one/group Chat - Exportable formats - PDF, Excel
Gateway Anti-Spam - Content-based blocking - Automated Report Scheduling
- Real-time Blacklist (RBL), MIME header check - IM activities Log
- Filter based on message header, size, sender, - Archive files transferred IPSec VPN Client
recipient - Custom Alerts - Inter-operability with major IPSec VPN Gateways
- Subject line tagging - Supported platforms: Windows 2000, WinXP 32/64-
- IP address Black list/White list Wireless WAN bit, Windows 2003 32-bit, Windows 2008 32/64-bit,
- Redirect spam mails to dedicated email address - USB port 3G and Wimax Support
#
Windows Vista 32/64-bit, Windows 7 RC1 32/64-bit
- Image-based spam filtering using RPD Technology - Primary WAN link - Import Connection configuration
- Zero hour Virus Outbreak Protection - WAN Backup link
- Self Service Quarantine area Certification
- Spam Notification through Digest Bandwidth Management - ICSA Firewall - Corporate
- IP Reputation-based Spam filtering - Application and User Identity based Bandwidth - Checkmark UTM Level 5 Certification
Management - VPNC - Basic and AES interoperability
Intrusion Prevention System - Guaranteed & Burstable bandwidth policy - IPv6 Ready Gold Logo
- Signatures: Default (3000+), Custom - Application & User Identity based Traffic Discovery
- IPS Policies: Multiple, Custom - Multi WAN bandwidth reporting Compliance
- User-based policy creation - Category-based Bandwidth restriction CE
- Automatic real-time updates from CRProtect networks FCC
- Protocol Anomaly Detection User Identity and Group Based Controls
- DDoS Attack prevention - Access time restriction Dimensions
- Time and Data Quota restriction H x W x D (inches) 1.7 x 16.8 x 10.3
Web Filtering - Schedule based Committed and Burstable H x W x D (cms) 4.3 x 42.7 x 26.2
- Inbuilt Web Category Database Bandwidth Weight 5.3 kg, 11.68 lbs
- URL, keyword, File type block - Schedule based P2P and IM Controls
- Categories: Default(82+), Custom Power
- Protocols supported: HTTP, HTTPS Networking Input Voltage 115-230 VAC
- Block Malware, Phishing, Pharming URLs - Failover - Automated Failover/Failback, Multi-WAN Consumption 90W
- Schedule-based access control failover, 3GModem failover Total Heat Dissipation (BTU) 200
- Custom block messages per category - WRR based Load balancing
- Block Java Applets, Cookies, Active X - Policy routing based on Application and User Environmental
- CIPA Compliant - IP Address Assignment - Static, PPPoE, L2TP, PPTP Operating Temperature 0 to 40 °C
- Data leakage control via HTTP, HTTPS upload & DDNS Client, Proxy ARP, DHCP server, DHCP Storage Temperature -20 to 80 °C
relay Relative Humidity (Non condensing) 0 to 90%
Application Filtering - Support for HTTP Proxy Cooling System - Fan 2
- Inbuilt Application Category Database - Dynamic Routing: RIP v1& v2, OSPF, BGP, Multicast
- Application Categories: 11+ e.g. Gaming, IM, P2P, Forwarding
Proxy - Parent Proxy support with FQDN
- Schedule-based access control - IPv6 Ready Gold Logo
- Block
- P2P applications e.g. Skype
- Anonymous proxies e.g. UItra surf
#
If Enabled, will bypass traffic only in case of power failure
**Antivirus, IPS and UTM performance is measured based on HTTP traffic as per RFC 3511 guidelines. Actual performance may vary depending on the real network traffic environments.
#
3G card and modem details are not included. See http://www.cyberoam.com for supported USB devices.

Toll Free Numbers C o p y r i g h t © 1999-2010 E l i t e c o r e Te c h n o l o g i e s L t d. A l l R i g h t s R e s e r v e d.

Cyberoam and Cyberoam logo are registered trademark of Elitecore Technologies Ltd. Although Elitecore
USA : +1-877-777-0368 | India : 1-800-301-00013 has attempted to provide accurate information, Elitecore assumes no responsibility for accuracy or
completeness of information neither is this a legally binding representation. Elitecore has the right to
APAC/MEA : +1-877-777-0368 | Europe : +44-808-120-3958 change,modify, transfer or otherwise revise the publication without notice. PL-10-1000252-100423 Unified Threat Management

www.cyberoam.com I sales@cyberoam.com Elitecore Product