
Upload: dotu

Post on 06-Sep-2018


Cyberoam UTM White paper

A Security Solution is as Good as it’s Configured

How a Well-Designed UI Gets it There

www.cyberoam.com

Executive Summary

Three elements have evolved together for security solutions to reach the current stage: features, interfaces and security administrators. On the one hand, security features moved from rudimentary firewalls to application firewalls that demanded high granularity and expanded in breadth with the emergence of Unified Threat Management solutions. On the other hand, the interface itself evolved from CLI-based black screens to software GUIs, to Web GUIs, to today's Web 2.0 technology, delivering higher levels of security by minimizing security errors. Driven by these two elements, security administrators have begun to expect greater depth and breadth of security in features, while demanding ease-of-use and interfaces that involve shorter learning curves, fewer security errors and less downtime.

www.cyberoam.com I [email protected] Elitecore Product


Contents

Is your Security Solution Putting you at Risk?
What should Security Software GUIs Deliver?
Security Software Risks - Caution to Administrators
5 Questions Security Administrators Pose
15-Point Security Software Checklist
What is Cyberoam


Is your Security Solution Putting you at Risk?

A security solution is as good as it is configured. That is a truth that has been ignored far too long. Although a well-designed user interface solves this problem, security software products, with their focus on features and granularity, have always lagged behind web portals in adopting usability and new interface technologies. In the process, they have ignored the fact that security GUIs in particular should not increase security risk and downtime.

When basic firewalls first emerged in the late 1980s, they walked in with a Command Line Interface (CLI), making administrators enter hundreds of lines of code for everything from configuration to policy setting to checking logs and taking corrective action.

Soon, these firewalls began offering the Software GUIs that applications and operating systems were already providing. Administrators were quick to move to this easier interface.

During the late 90s, the Internet was expanding at a furious pace; the dot com boom and bust were around the corner; firewalls and other security solutions followed web portals and moved to Web GUIs. This was the true beginning of usability.

Soon, application firewalls emerged with increasing granularity. At the same time, Unified Threat Management solutions began delivering multiple security solutions over a single interface. While solutions became more complex, the technical capability and inclination of administrators moved towards ease-of-use and intuitive UIs. But with the average UI coming with some 40 flaws*, interfaces had some catching up to do.

The emergence of Web 2.0 during the mid-2000s finally introduced the ability to deliver the intuitive interface that security solutions needed. Although the solutions are still to incorporate this technology, Web 2.0 enables them to ease administrator tasks and minimize security errors and downtime while enhancing administrator productivity. A note of caution here: security administrators should be wary of solutions which, carried away by the Web 2.0 flexibility, add more fizz than functionality.

What should Security Software GUIs Deliver?

First and foremost, as with all interfaces, a good security software GUI lets the administrator feel in control. This is borne out in our survey, where 55% of administrators said they would like to have simple navigation, the single largest demand from them. Another 34% asked for clarity in message, buttons and menu. These 2 factors were leading to long configuration times, longer learning curves and, in quite a few cases, security errors and downtime. Given these facts, the key elements of good security software GUIs are to:

• Minimize errors - by predicting what the administrator is likely to do

• Enhance productivity - through consistency and intuitive ability

• Reduce training need and the learning curve

The end result would be satisfied administrators. At Microsoft several years ago, Word for Windows' print merge feature was generating a lot of lengthy (average = 45 minutes) support calls. As a result of usability testing and other techniques, the user interface for the feature was adjusted. In the next release, support calls 'dropped dramatically'*. Similarly, security software GUIs that are administrator-friendly reduce the need to use Help and Search buttons as well as tech support calls. Further, they minimize security errors, simplify policy creation and editing, speed up response time, reduce downtime and can make the difference between keeping all the systems up and leaving a gap in security. Plus, they lead to higher satisfaction levels for administrators and their team: in a 1992 Gartner Group study, usability methods raised user satisfaction ratings for a system by 40%*.

Security Software Risks - Caution to Administrators

Security software, more than any other software product, carries inherent security risks which can be controlled through usability. The list is endless, ranging from complex navigation, slow response times and hard-to-see alerts to complexity in configuring and applying policies and expired subscriptions. The idea is to reduce the frequency and severity of errors and enable administrators to recover from errors easily and quickly.

Here is a representative list of risks that administrators must look out for with security solutions:

Complex Navigation: Effective navigation makes up 80% of usability. Administrators require precise instructions for the start and end points, and clarity in the navigation steps. Since most security software products have optional features based on subscription, navigation should be clear for administrators who hold the entire bundle as well as those that operate with limited features. Multiple back and forths among screens lead to confusing GUIs that can cause long security policy creation cycles, leading to administrator frustration.

Slow Response Times: When administrators have to search for reports, take a long time to drill down to the origin of the threat, and longer still to change policies to minimize its spread, it has serious security implications for the entire network.

Dashboard Alerts: Zero-day threats, malfunction of a feature (say IPS, Anti-virus or Anti-spam), invalid access attempts to the solution, the solution itself being under attack, or any number of such happenings, must be displayed as a difficult-to-miss alert on the GUI.

Applying Policies: Creating a policy, say to control access to applications, can involve controlling a long list of signatures running into the thousands. Cumbersome GUIs with long scrolling windows or multiple scrolls between the outer window and an inner window can easily disorient administrators, making them miss some applications or add some that are best left accessible. Typically, at the end of a policy configuration, administrators must know how to apply a policy, say scan or block, and must understand whether they have achieved what they set out to achieve. The GUI should also help them grasp the implication of the order of rows, where a policy in a higher row overrides that in the rows below.

Renewals and Updates: Renewals and updates can go unnoticed when the subscription details remain hidden or are unclear, as they do in many software GUIs. Placing them on the dashboard with no ambiguity in the message helps to make sure that the organization's security cover is up-to-date.

To sum up, usability is a matter of not just productivity and ease-of-use but, more importantly, of higher levels of security in the case of security software. Web 2.0 techniques used judiciously with the principles of usability can achieve this goal.

5 Questions Security Administrators Pose

Security administrators typically pose the following 5 key questions and concerns. Given similar feature sets, they need to use these questions during their evaluation phase to select a more intuitive GUI:

1. What does this mean? Security administrators need to understand the meaning and context of a term before applying a policy. They cannot employ a method of trial and error. When disallowing certain site categories to users, they need to look for a definition of the category itself (e.g. productive, harmful, unproductive, bandwidth consuming) and a sample set of sites within the category itself without having to change screens. They need to look for best practices recommended by the vendor as a security expert, although they might customize this to meet their requirements.

2. Did I go wrong? Administrators are human. They make mistakes. They need to look for fool-proof solutions that make them double-check when an error can lead to expensive and time-consuming mistakes. This can take the form of confirmatory questions and disallowing certain changes. Similarly, they need to look for a solution that gives a confirmation at each successful stage, easing the pressure of going wrong.

3. Why didn't you warn me? Certain policies and settings require a solution restart, bringing to a halt downloads, uploads, communications and system back-ups in progress. Administrators must look for solutions that provide a warning prior to such policy creation, so that they can choose the time to apply the change and hence allow the solution to restart.

4. Where am I? Navigating a new GUI is like walking in a new city without the familiar landmarks. Hence, they need to look for solutions with certain familiar elements to reduce the learning curve, unless they are looking for a radically new solution.

5. Where can I find it? Administrators and their teammates find it easier to make fair guesses and figure things out for themselves than to read lengthy user guides when making a first-time deployment and policy creation. Hence, they need to look for GUIs that minimize the guesswork, which comes from clarity in titles and placement.

15-Point Security Software Checklist

When business representatives did a cost-benefit analysis for a new system, they estimated that a well-designed GUI front end had an Internal Rate of Return of 32%. This was realized through a 35% reduction in training, a 30% reduction in supervisory time, and improved productivity, among other things*. Looking at it from the security administrator point-of-view, the 32% rate of return on the vendor-side indicates a saving in training time to security administrators and fewer deployment and support calls that they are forced to make, not to speak of the security errors that are eliminated.

To generate such benefits to administrators, we have compiled the following 15-point checklist, including navigation, design and text elements, that administrators must consider when evaluating security solutions:

1. Are the start and end points clear?

2. Are multiple paths and intermediate steps between the start and end points clear as with a GPS?

3. Do administrators know at which point they are on the GUI?

4. Does policy creation involve multiple back and forths between screens, features or between CLI and GUI?

5. Can a policy be undone mid-way if the administrator decides that it does not meet the corporate security policy?

6. Are error, renewal and update messages prominent in display on the dashboard?

7. Is critical information readily available?

8. Does the page fit the window size horizontally with key elements?

9. Are page scrolls kept to a minimum?

10. Are the layout and design uncluttered?

11. Are the policy and category definitions clear to the administrator?

12. Are the tabs and messages clear and consistent?

13. Does each single word or title have a unique meaning?

14. Are the save-submit buttons clear in meaning and layout?

15. Are warnings clear in their implication?

Checklist for Evaluating Security Solutions

• Navigation

• Layout & Design

• Meaning and Readability

What is Cyberoam

Cyberoam Identity-based Unified Threat Management is at the forefront in incorporating principles of usability and Web 2.0 technology to provide a security software GUI that is easy to use for security administrators. It also minimizes security errors and enhances administrative productivity. Available from Version X in 2010, it took a full architectural revamp and a complete change in its GUI to deliver this intuitive interface to administrators.

The aim was clear - given the increasingly ubiquitous nature of UTMs in organizations, to deliver a GUI which administrators can deploy and configure rapidly and by themselves.

Cyberoam Security Portfolio

• Unified Threat Management (UTM)

• SSL VPN

• Cyberoam iView: Intelligent Logging & Reporting

• Cyberoam Central Console (CCC)

• Cyberoam Endpoint Data Protection

Cyberoam UTM Features

• Application Firewall

• VPN (SSL VPN & IPSec)

• IPS (Intrusion Prevention System)

• Anti-Virus and Anti-Spyware

• Anti-Spam

• Content & Application Filtering

• Bandwidth Management

• Multiple Link Management

• Data Protection & Encryption

• Device Management

• Application Control

• Asset Management

For sales enquiries, please contact us at [email protected]

Toll Free Numbers

USA: +1-877-777-0368 | India: 1-800-301-00013

APAC/MEA: +1-877-777-0368 | Europe: +44-808-120-3958

Copyright © 1999-2010 Elitecore Technologies Ltd. All Rights Reserved. Cyberoam & Cyberoam logo are registered trademarks of Elitecore Technologies Ltd. ®/TM: Registered trade marks of Elitecore Technologies or of the owners of the Respective Products/Technologies.

Although Elitecore attempted to provide accurate information, Elitecore assumes no responsibility for accuracy or completeness of information neither is this a legally binding representation. Elitecore has the right to change, modify, transfer or otherwise revise the publication without notice.

*http://www.amanda.com/resources/ROI/AMA_ROIWhitePaper_28Feb02.pdf