Cyberoam Cyberoam

Unified - Management
Threat Unified Threat Management
Unified Threat Management Solution
for New Age Network Threats
Presented by AUNALLY MALOO – Mart
Networks on Behalf of Nadiyya Ahmed
Coast Data Systems Ltd
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Agenda of Presentation

Launch of Sea Cables in Region

Benefits it will bring
Threats/Risks it will bring
Understanding Threats - External & Internal
Need for Multiple Security Solutions
Unified Threat Management - A solution to
fight against multiple attacks and threats
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

SEACOM & TEAMS MAKE HISTORY IN KENYA –

The right type of change
 Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Great change expected with fibre roll-out

The SEACOM fiber-optic cable is a privately funded venture which
will link Southern and Eastern Africa to the global telecommunications
networks.

TEAMS (The East African Marine System), and the Eastern Africa
Submarine Cable System (EASSy) on the other hand are
government-backed ventures.

SEACOM and TEAMS have landed at Mombasa while the other is

expected to be operational by mid-2010.

The fibre roll-out will connect the East African region to the rest of
the world empowering the East Africans to become digital citizens.
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Benefits that fibre optic will bring

Huge increase in bandwidth

Faster connectivity

Instant Communication

Reduced cost of communications

Rural Areas will be connected through internet

E-commerce, E-business and E-learning will grow

The region will open up to important business hubs

across the globe
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Benefits that fibre optic will bring

Online services such as mobile banking will grow

Growth of Entertainment Avenues

Internet will emerge as the main media for businesses

The network will become highly interconnected

Networks will comprise of mobile workforce, customers,

partners, guests and third party contractors

and the list goes on …

Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Threats/Risks that fibre optic will bring

High and cheap connectivity can be used for questionable

and even criminal purposes

It will attract the attention of hackers who can hack into

computers, spread viruses and access credit cards remotely

Financial loss through theft or data corruption will increase

Companies with no or low security will be more vulnerable

A whole industry of criminal gangs operating around the

globe for financial gains through the use of malicious threats
may start taking the region seriously

The increased ability to access harmful sites will also be a

concern for parents.
 Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Why will these attacks increase?

• The network will be exposed to external users –

Partners, Suppliers, Customers, Guests, etc
e
ar
w
Spyware py
Spam
Internal users communicating over Wor
m P/ S
Phishing
P2 Ha
multiple protocols: P2P, IM, Web 2.0 us cking
Vir

Growing presence of dynamic

Environments: Wi-Fi, DHCP

e
ag
k
Lea
ta
Da
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Understanding the Threats

External Threats
Cyberoam UnifiedCyberoam - Management
Threat Unified Threat Management

In a nutshell…
External threats comprise of

Viruses, Worms, Trojans

Malware

Spam

Intrusions

Spyware

Phishing and Pharming

Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

2 Understanding
External Threats

Who is the attacker? Professional Criminals have taken over

- Consortiums dedicated to creating and distributing malware

What is the motive? It’s big business

- Malware authors driven by financial gain
- Steal confidential information from targeted companies

Who are the victims

- Corporations, Key Individuals

What is the result?

- Data Leakage
- Loss of competitive position
- Inability to meet regulatory compliance
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

ORGANIZATION SCENARIO

HACKER ORGANIZATION

A Hacker located at a remote location sends spam mails to many recipients in an

organization.
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

The Spam goes undetected by the traditional security solution and lands into your inbox
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

BANK MAIL
YOU ARE ELIGIBLE FOR A SPECIAL OFFER

CLICK
TO KNOW MORE

The fraudulent email appears to be from your Bank. Unaware, you click on the link in the
email.
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

INTERNATIONAL BANK

ENTER YOUR PASSWORD

PIN BANK361487544

PASSWORD **********
SUBMIT

The link is deceiving and resembles your Bank’s webpage. You are asked to verify your
account details which is actually a ‘phishing’ mail, that has thrown you a bait.
 Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

HACKER ENTERPRISE

After filling your account details and click ‘Enter’ you are shown a “website unavailable”
page. The details entered on this fraudulent webpage are in fact passed to the hacker.
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Hacker receives your bank details and empties all the money from your account.
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

INTERNATIONAL BANK

ENTER YOUR PASSWORD

PIN BANK361487544

**********
PASSWORD
YOU HAVE 0 BALANCE
IN YOUR ACCOUNT SUBMIT

When you try to log-in the next time on your genuine Bank’s website, you are shocked to
find that you have no money left.
Cyberoam Cyberoam
Unified Threat Unified- Management
Threat Management

Some Facts…

63% of companies report virus and worm attacks.

Trojan attacks have occurred in 58% companies.

60% of spam-sending bots also send email-borne

Malware

Image spam accounts for almost 35% of worldwide

spam mail and 70% of bandwidth taken by spam

More than 48% of corporate PCs are infected by some kind of

spyware.

An average of 343,000 newly-activated zombies are

reported everyday
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Understanding the Threats

Internal Threats
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Understanding
Internal Threats

Insider Attacks

Insiders – employees themselves

- User Ignorance - Malicious Intent

Why Insider threats can lead to greater damage

Employees have access to valid information and are privy to the

organization’s vulnerabilities

Insider attacks - more difficult to detect than external attacks

Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Source: IDG

2 Insider Threats l Who is behind the Breach?

Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

ORGANIZATION SCENARIO

You receive an email from your friend. Your friend has sent you a video, which they would
like you to watch.
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

YOUR FRIEND HAS SENT YOU

DOWNLOADING VIDEO FROM VIDEO
NEWTUBE
CONGRATULATIONS
CLICKDOWNLOADING INSTALLED
CODEC SUCCESSFULLY
TO KNOW MORE

PLAYER CANNOT DOWNLOAD THIS FILE

PLEASE DOWNLOAD MISSING CODEC

DOWNLOAD CODEC CLICK HERE

To view the video, you are asked to download the supporting format. While you are
downloading, a mal-ware enters your computer.
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

The mal-ware significantly slows down your computer. The mal-ware has made your
computer a zombie and is made to perform malicious activities. You are not aware of it.
Cyberoam Cyberoam
Unified Threat - Management Management
Unified Threat

Some Facts…

50% of security problems originate from internal threats

IM threats are growing at 50% per month

One in three instant message users have received SPIM (spam

over IM)

51% of executives say they do personal surfing during business

hours

Financial losses from unauthorized access to data and theft of

proprietary information has gone up
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

The solution - Need for Multiple Security Solutions for Internal

and External Threats

IDP Firewall
Multiple link Anti-Virus
Management

Bandwidth
Management Content
Filtering
Anti- VPN
Spam

But multiple solutions bring high expense and operational problems

• Dealing with multiple solution operation, vendors and updates

• Multiple AMCs (Annual Maintenance Contracts) and subscriptions

• Multiple reports redundancy lead to excessive time spent in understanding threat patterns
Cyberoam Cyberoam
Unified Threat
- Management
Unified Threat
Management

UTM : Unified Threat Management

All in one solution to fight against multiple attacks

and threats
Cyberoam Unified ThreatCyberoam - Management Management
Unified Threat

Unified threat management (UTM) refers to a comprehensive

security product which integrates a range of security features
into a single appliance.

A true UTM Appliance should have following features in single

solution:

1. Firewall
2. VPN
3. Intrusion Detection & Prevention
4. Gateway level Anti-virus
5. Gateway level Anti-spam
6. Content Identification & Filtering
7. Bandwidth Management for Applications & Services
8. Load Balancing & Failover Facilities

UTM
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Benefits of UTM Appliances

Reduced complexity
All-in-one approach simplifies product selection, integration and support

Easy to deploy
Customers, VARs, VADs, MSSPs can easily install and maintain the products

Remote Management
Remote sites may not have security professionals – requires plug-and-play appliance for
easy installation and management

Better Man Power Management

Reduction in dependency and number of high end skilled Human resources

Managed Services
Security requirements & day to day operations can be outsourced to MSSPs
 Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Challenges with Traditional and Current UTM Products

Lack of user Identity recognition and control

Inadequate in handling threats that target the user – Phishing, Pharming

Unable to Identify source of Internal Threats

Employee with malicious intent posed a serious internal threat
Indiscriminate surfing exposes network to external threats
50 % of security problems originate from internal threats – Yankee Group
Source of potentially dangerous internal threats remain anonymous

Unable to Handle Dynamic Environments

Wi-Fi
DHCP

Unable to Handle Blended Threats

Threats arising out of internet activity done by internal members of organization
External threats that use multiple methods to attack - Slammer

Lack of In-depth Features

Sacrificed flexibility as UTM tried to fit in many features in single appliance.
Inadequate Logging, reporting, lack of granular features in individual solutions
Need for Identity based UTM…
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Layer 8 Firewall

Cyberoam is the only UTM firewall that identifies users

directly by the username rather than through IP addresses.
This is Layer 8 Firewall as opposed to traditional firewalls that are Layer 7.
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Identity-Based Technology

User
Cyberoam Cyberoam - Management
Unified Threat Management
Unified Threat

Cyberoam – Identity Based Security

Cyberoam is the only Identity-based Unified Threat

Management appliance that provides integrated Internet
security to enterprises and educational institutions through
its unique granular user-based controls.

Router
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Cyberoam CRi UTM Appliance Range

Large Enterprises

CR 1500i
CR 1000i
CR 500i

Small to Medium Enterprises

CR 300i
CR 200i
CR 100ia

Small Offices

CR 50ia
CR 25i
CR 15i
 Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Awards

2008 Emerging Vendor of the Year for

Network Security

Business Hardware
of the Year 2009
ZDNET Asia- IT Leader of
the Year 2008
Best Integrated Security
Appliance
Best Security Solution for
Education
June 2009, CR 15i Best Unified Security

Tomorrow’s Technology
Today 2007
2008 – Best Content Filtering
CRN – Emerging
SMB Product of the Year Tech Vendors 2007

2007, 2008 Finalist

Finalist - 2008 Global Network Middle
Excellence in East Award
Network Security 2008 Finalist Channel 2007 Finalist American
VAR Editor’s Choice for
Solution Middle East Award Business Awards
Best UTM (2007)
 Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Sample Clientele
 Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Presence in 70+ Countries

Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Business alliances
Cyberoam Unified
Cyberoam
Threat- Management
Unified ThreatManagement

Cyberoam in Numbers base

virus data
the anti-
virus sig natures in
2.5 Million
More than s
eg orie
cat
82+
d in
orize
ateg
Lsc
UR
n
illio
40 M

*9 8% 3500+
IPS
*1 Spa Sig
nat
in mD ures
mil ete
lion False ction
Pos
es itiv
Cyberoam Cyberoam
Unified - Management
Threat Unified Threat Management

Question/Answer Session
For more information please contact
our following offices:

Kenya:
sales@coastdata.co.ke

Dubai:
salesmea@mart-metworks.co.uk

UK:
sales@mart-networks.co.uk

Thank you!