SME CR50iNG Cyberoam Firewall

Stateful Inspection Firewall
- Layer 8 (User Identity) Firewall
- Multiple Security Zones
* Access Control Criteria (ACC) User Identity, Source & Destination Zone, MAC and IP address, Service
* UTM policies IPS, Web Filtering, Application Filtering, Anti-Virus, Anti-Spam and Bandwidth Management
* Layer 7 (Application) Control & Visibility
* Access Scheduling
* Policy based Source & Destination NAT
* H.323, SIP NAT Traversal
* 802.1q VLAN Support
* DoS & DDoS Attack prevention
* MAC & IP-MAC filtering and Spoof prevention
Gateway Anti-Virus & Anti-Spyware
* Virus, Worm, Trojan Detection & Removal
* Spyware, Malware, Phishing protection
* Automatic virus signature database update
* Scans HTTP, HTTPS, FTP, SMTP, POP3, IMAP, IM, VPN Tunnels
* Customize individual user scanning
* Self Service Quarantine area
* Scan and deliver by file size
* Block by file types
* Add disclaimer/signature
Gateway Anti-Spam
* Inbound/Outbound Scanning
* Real-time Blacklist (RBL), MIME header check
* Filter based on message header, size, sender, recipient
* Subject line tagging
* IP address Black list/White list
* Redirect Spam mails to dedicated email address
* Image-based Spam filtering using RPD Technology
* Zero hour Virus Outbreak Protection
* Self Service Quarantine area
* Spam Notification through Digest
* IP Reputation-based Spam filtering
Intrusion Prevention System
* Signatures Default (4500+), Custom
* IPS Policies Multiple, Custom
* User-based policy creation
* Automatic real-time updates from CRProtect networks
* Protocol Anomaly Detection
* DDoS attack prevention
Web Filtering
* Inbuilt Web Category Database
* URL, keyword, File type block
* Categories Default(82+), Custom
* Protocols supported HTTP, HTTPS
* Block Malware, Phishing, Pharming URLs
* Schedule-based access control
* Custom block messages per category
* Block Java Applets, Cookies, Active X
* CIPA Compliant
* Data leakage control via HTTP, HTTPS upload
Web Application Firewall
* Positive Protection model
* Unique "Intuitive Website Flow Detector" technology
* Protection against SQL Injections, Cross-site Scripting (XSS), Session Hijacking, URL Tampering, Cookie Poisoning
* Support for HTTP 0.9/1.0/1.1
Virtual Private Network
* IPSec, L2TP, PPTP
* Encryption 3DES, DES, AES, Twofish, Blowfish, Serpent
* Authentication Preshared key, Digital certificates
* IPSec NAT Traversal
* Dead peer detection and PFS support
* Diffie Hellman Groups 1, 2, 5, 14, 15, 16
* External Certificate Authority support
* Export Road Warrior connection configuration
* Domain name support for tunnel end points
* VPN connection redundancy
* Overlapping Network support
* Hub & Spoke VPN support
SSL VPN
* TCP & UDP Tunneling
* Authentication Active Directory, LDAP, RADIUS, Cyberoam
* Multi-layered Client Authentication Certificate, Username/Password
* User & Group policy enforcement
* Network access Split and Full tunneling
* Browser-based (Portal) Access Clientless access
* Lightweight SSL VPN Tunneling Client
* Granular access control to all the Enterprise Network resources
* Administrative controls Session timeout, Dead Peer Detection, Portal customization
* TCPbased Application Access HTTP, HTTPS, RDP, TELNET, SSH