fit 10 - hargun - cyberoam
DESCRIPTION
TRANSCRIPT
![Page 1: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/1.jpg)
HARI GUNAWANFIT 04 Juni 2010PT. Jerbee Indonesia
![Page 2: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/2.jpg)
EKSTERNAL•VIRUS•SPAM•SPYWARE•HACKING•PHISHING,PHARMING•ROOTKITS
INTERNAL•MALICIOUS INTENT•INFORMATION LEAKAGE•IDENTITY THEFT
ANCAMAN KEAMANAN JARINGAN
![Page 3: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/3.jpg)
Unified Threat Management (UTM)
Evolution of the traditional firewall into an all-inclusive security product that has the ability to perform multiple security functions in one single appliance: network firewalling, network intrusion prevention and gateway antivirus (AV), gateway anti-spam, VPN, content filtering, load balancing and on-appliance reporting.
![Page 4: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/4.jpg)
1.Firewall
2. VPN
3. Intrusion Detection & Prevention
4. Gateway Level Anti-virus for Mails, Website, File Transfers
5. Gateway level Anti-spam
6. Content Identification & Filtering
7. Bandwidth Management for Applications & Services
8. Load Balancing & Failover Facilities
Unified Threat Management (UTM)
![Page 5: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/5.jpg)
Benefits of UTM Appliances
Reduced complexity All-in-one approach simplifies product selection, integration and support
Easy to deployCustomers, VARs, VADs, MSSPs can easily install and maintain the products
Remote Management Remote sites may not have security professionals – requires plug-and-play appliance for easy installation and management
Better Man Power ManagementReduction in dependency and number of high end skilled Human resources
Managed ServicesSecurity requirements & day to day operations can be outsourced to MSSPs
![Page 6: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/6.jpg)
Lack of user Identity recognition and control Inadequate in handling threats that target the user – Phishing,
Pharming
Unable to Identify source of Internal Threats Employee with malicious intent posed a serious internal threat Indiscriminate surfing exposes network to external threats 50 % of security problems originate from internal threats – Yankee
Group Source of potentially dangerous internal threats remain anonymous
Unable to Handle Dynamic Environments Wi-Fi DHCP
Unable to Handle Blended Threats Threats arising out of internet activity done by internal members of
organization External threats that use multiple methods to attack - Slammer
Lack of In-depth Features Sacrificed flexibility as UTM tried to fit in many features in single
appliance. Inadequate Logging, reporting, lack of granular features in individual
solutions
Challenges with Current UTM Products
Need for Identity based UTM…
![Page 7: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/7.jpg)
Identity is missing on firewall, antivirus & Anti-spam
![Page 8: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/8.jpg)
Products
• Cyberoam UTM• Cyberoam iView (Open source Logging & Reporting)• Cyberoam Central Console (Centralized Management)• Cyberoam EndPoint Data Protection
![Page 9: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/9.jpg)
Layer 8 Firewall (Patent-pending Technology)
Cyberoam Unified Threat Management (UTM)
![Page 10: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/10.jpg)
Patent Pending: Identity-Based Technology
User
![Page 11: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/11.jpg)
Cyberoam is the only Identity-based Unified Threat Management appliance that provides integrated Internet security to enterprises and educational institutions through its unique granular user-based controls.
![Page 12: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/12.jpg)
Database of millions of sites in 82+ categories
Blocks phishing, pharming, spyware URLs
HTTP upload control & reporting
Web and Application Filtering Features
Block & Control Applications such as P2P, Streaming,
Videos/Flash
Local Content Filter Database to reduces latency and
dependence on network connectivity.
Customized blocked message to educate users about
organizational policies and reduce support calls
![Page 13: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/13.jpg)
Application and Identity-based bandwidth allocation
Committed and burstable bandwidth
Time-based, schedule-based bandwidth allocation
Restrict Bandwidth usage to a combination of source, destination and
service/service group
Identity-based Bandwidth Management
![Page 14: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/14.jpg)
Authentication and External Integration
![Page 15: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/15.jpg)
Advanced Multiple Gateway Features
Schedule based bandwidth assignment
Gateway Alerts on Dashboard
Bandwidth Utilization Graphs
Active-Active Auto Link Failover & Load
Balancing
Active-Passive Auto Link Failover
Source & Destination Routing
Support for more than 2+ ISP links
![Page 16: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/16.jpg)
Educate Users with Custom Denied Messages and Reduce Your Support Calls
James
http://www.screensaver.com
Dear Mark,
The web site you are trying to access is listed within the category SpywareandP2P
It can result in download of spyware and adware which result in popups. They are a threat to you and the enterprise and can slow the network down.
http://www.screensaver.comhttp://www.screensaver.com
Dear Mark,
The web site you are trying to access is listed within the category SpywareandP2P
It can result in download of spyware and adware which result in popups. They are a threat to you and the enterprise and can slow the network down.
![Page 17: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/17.jpg)
Scans WEB, FTP, Pop3, SMTP & IMAP traffic Self-service quarantine area Signature update ever 30 Mins Identity-based HTTP virus reports Disclaimer Addition to outbound emails Spyware and other malware protection including “Phishing” emails Block attachment based on Extensions (exe, .bat, .wav etc)
Gateway Anti- Virus Features
![Page 18: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/18.jpg)
Spam filtering with (RPD) Recurrent Pattern Detection technology
Virus Outbreak Detection (VOD) for zero hour protection
Self-Service quarantine area
Content-agnostic
Change recipients of emails
Scans SMTP, POP3, IMAP traffic
Gateway Anti-Spam Features
![Page 19: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/19.jpg)
Protects against Image-based Spam and spam in different languages
The spam catch rate of over 98%
1 in Million false positives in spam
Local cache is effective for >70% of all spam resolution cases
RPD (Recurrent Pattern Detection)
![Page 20: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/20.jpg)
Multiple and Custom IPS policies Identity-based policies
Identity-based intrusion reporting
Ability to define multiple policies
Reveals User Identity in Internal Threats scenario
IPS Features
Intrusion Prevention System (IPS)
![Page 21: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/21.jpg)
Cyberoam in Numbers
More than virus signatures in the anti-virus
database
URLs categorized in
categories
Spam Detection
False Positives
IPS Signatures
500,00
0
More than 50
Million
82+
* 98%* 1 in million
More than 5500+
![Page 22: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/22.jpg)
Other Network / System Features
• High Availability (Active-Active / Active-Passive)
• Stateful Failover
• VPN Failover
• Dynamic Routing (RIP, OSPF, BGP)
• NTP Support
• Multiple Configurable Syslog Server Support
• GUI based Real Time Firewall Log
• Roll Back (Roll back to last upgraded version)
… And Much More
![Page 23: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/23.jpg)
CONTOH APLIKASI CYBEROAM
![Page 24: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/24.jpg)
Subscription free On-Appliance Reporting
Real-time Monitoring and Alerting
Over 1100+ Drilldown Reports
Reports in HTML, MHTML, PDF, & CSV formats & Email Alerts
Web 2.0 GUI and Reporting interface.
iView(Cyberoam Aggregated Reporting & Logging Software)
![Page 25: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/25.jpg)
![Page 26: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/26.jpg)
![Page 27: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/27.jpg)
![Page 28: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/28.jpg)
Instant Messaging Logging & Control
• Yahoo & Windows Live Messaging
• Control Who Communicates with Whom
• Control Webcam usage
• Control Voice Usage
• Individual as well as Group Control
![Page 29: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/29.jpg)
Control who can chat with whom
Archive Communication
Control communication medium(chat, video, voice)
Data Protection
Productivity
![Page 30: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/30.jpg)
Reduces operational complexity and deployment time
Minimizes errors and lowers administration cost Enables the MSSPs to
have different personnel for managing different customer deployments
Ease of use with view of multiple devices and network status at a
glance
Cyberoam Central Console – CCC Series
![Page 31: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/31.jpg)
![Page 32: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/32.jpg)
Cyberoam for End Point Data Protection
1. Need for Data Protection
2. Data Protection & Encryption
3. Device Management
4. Application Control
5. Asset Management
![Page 33: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/33.jpg)
Medical records of 741 patients lost by a hospital
60% corporate data lies unprotected on endpoints
Lost USBs
Lost Multimedia Discs
Wrong Email Attachment
Lost iPods
Personal information of 11.1mn customers of leading oil refinery (USA) found on streets
Bank employee accidentally sent sensitive customer details to wrong email address
12,500 handheld devices forgotten at the back of taxis every 6 months in UK
9000 USB sticks found in people's pockets at the local dry cleaners in UK
Need for Data Protection
![Page 34: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/34.jpg)
What Places Data At Risk?
ApplicationsWeb, Mail, IM, P2P, Printing, FTP
Removable DevicesUSBs, CDs/DVDs, MP3, Digital cameras
InsidersUnauthorized transfer of sensitive data; Malware-laden email for information access; Sensitive data sent to wrong person
Data At Risk• Intellectual property related to R&D
• Business plans, RFP / Tender quotes • Product launch dates and
roadmap • Customer data
MaliciousUnintentional
![Page 35: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/35.jpg)
Cyberoam End Point Data
ProtectionProtect your Data. Protect your Assets.
![Page 36: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/36.jpg)
Cyberoam End Point Data Protection
• Comprehensive End Point Data Protection Suite
• Modules
• Data Protection & Encryption• Device Management• Application Control• Asset Management
![Page 37: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/37.jpg)
Prevent Data Leakage – Email Attachments
Control data shared as attachment in emails Send customized warning message to user and alert to
administrator
Data Protection & Encryption
![Page 38: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/38.jpg)
Record Data Shared over Webmails
Record content of Webmail such as Yahoo, Gmail & Msn
![Page 39: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/39.jpg)
Prevent Data Leakage - Attachments over Instant Messengers
Attachment:
.doc NOT ALLOWED
File name: confident NOT ALLOWED
Size: > 2 MB
Control data shared as attachment over Instant Messengers Send customized warning message to user and alert to
administrator
.exe
.jpg
![Page 40: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/40.jpg)
Before deleting
Operation
Modify
Delete
Fixed
Floppy
CD rom
RemovableNetwork
Unknown
.jpg
.doc
Before modifying
Before copying/cut to
Before copying/cut from
Mode of Transfer
File Name/Extn.
Back up
Read
Document
Prevent Accidental / Malicious Deletion of Data
Selective Action & Back-up of Document
• Control operations over a document and its mode of transfer• Back up files before specific actions
![Page 41: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/41.jpg)
PrinterPrinter Type Selected files/Extn.
Attachment:.xls
Attachment:.doc
Shared
Local
NetworkVirtual
Database Server
PrinterPrinter Type Selected files/Extn.
Attachment:.xls
Attachment:.doc
Shared
Local
NetworkVirtual
Database Server
Prevent Data Leakage through Printed Files
Copy of Printed File Saved in Database Server
• Control access to printers in the system• Save shadow copy of printed file
![Page 42: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/42.jpg)
Encrypt entire device
Attachment:.xls
Attachment:.doc
Attachment:.jpg
Decrypt before reading
Encrypt selected files
Data Sharing Through Removable Devices
• Encrypt all/selected files while writing to removable device• Decrypt files while reading from a removable device only in
organization network
• - Data in your lost USB device cannot be decrypted and is safe
Encrypts Data, Blocks Data Sharing
![Page 43: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/43.jpg)
Record Chat Sessions even for SKYPE
Chat session
logs
Back up server
![Page 44: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/44.jpg)
Protect your Data by controlling data over device
• Allow only authorized devices
Device Management
Storage Device
Communication Interface Device
USB Device
Network Devices Others
Dial Floppy, CD, Burning device, Tape, Removable device
Serial ports, parallel ports, modems, Bluetooth
Dial-up connection
USB keyboard, mouse, modem, storage, hard disk, others
Wireless LAN adapter, PnP adapter, Virtual LAN adapter
Audio equipment, Virtual CDROM, any new device
Device Management
![Page 45: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/45.jpg)
Protect your Data by Controlling Applications
• Prevent data loss through unauthorized/indiscriminate use of applications
• Granular, policy-based application controls
- Protect sensitive data & enhance employee productivity- Prevent legal liability, network outages
IM tools
Entertainment(MP3, MP4, MPEG)
Pirated software Screensavers
Password crackers
Application Control
![Page 46: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/46.jpg)
QUESTION ?
![Page 47: FIT 10 - Hargun - Cyberoam](https://reader038.vdocuments.us/reader038/viewer/2022103111/54bce9e34a7959c06c8b4571/html5/thumbnails/47.jpg)
TERIMA KASIH