Recently, Cyberoam has launched a VMware-based virtual CCC appliances which would prevent the need for deploying a dedicated hardware appliance and allow organizations to use their existing VMware environment and provide greater flexibility. It’s also more eco-friendly alternative.

These virtual CCC appliances are available for both VMware Server and VMware workstation environments. This allows greater flexibility for administrators who want to manage their security environment for complex networks.

It needs to be mentioned that the virtual CCC appliances carry the same features and security management capabilities as the dedicated CCC hardware appliances: the familiar web GUI interface for managing, searching and sorting dispersed Cyberoam UTM appliances, role-based administration privileges, email alerts for expiry of subscription modules, excess disk usage etc. and the CCC Log Viewer to offer logs and views of administrator actions on CCC as well as dispersed UTM appliances.

The CCC virtual appliances can be downloaded from Cyberoam’s website, and immediately after activation, customers can manage up to 5 Cyberoam UTM appliances for free, beyond which appliance licenses can be purchased.

An organization decided to invest in an IT security solution to take care of its network security. As a result, spam levels went down and viruses sneaking past the network gateway were effectively reduced. The statistics looked impressive. But the picture wasn’t rosy all around. With security taking centre stage, the IT administrator blocked all access to Instant Messengers to stop malware through IMs, idle chat among employees and more. Employees were left not too happy about it as they lost a critical tool of instant communication to the company’s security initiatives! A Sales Manager travelling to another country to close an important deal wasted crucial time in trying to source important information for the business proceedings, because the company chose to ignore the benefits of VPN technology due to fear of VPN security loopholes. Internet access was restricted in the company to minimize the fear of Internet malware and other threats that could clog the network – leaving the sales and marketing teams at a disadvantage in using viral marketing campaigns or gathering real-time information on competitor moves. Security was certainly in but it was achieved at a cost of connectivity and productivity in the organization.

Intelligent Security: Secures while Enhancing Connectivity & Productivity

Network security devices that select security and sacrifice connectivity and productivity in the process, disturb the Security-Connectivity-Productivity balance and put organizations behind in the race for business growth. A Unified Threat Management appliance that integrates multiple features on a single platform and offers policy controls over its features helps organizations achieve a balanced growth by helping them achieve security, connectivity and productivity, without compromising any one of them

Cyberoam UTM: Assuring Security, Connectivity, Productivity

Cyberoam Unified Threat Management appliances offer features that ensure SECURITY over network, content and administrative security; ensure CONNECTIVITY through business continuity, network availability and future-ready connectivity; assure PRODUCTIVITY by enabling employee productivity, IT resource optimization and administrator productivity in organizations. . To find out more about Cyberoam’s Security-Connectivity-Productivity principle, go to www.cyberoam.com.

Differing Bandwidth Needs by Users, Applications, Websites
Bandwidth requirements differ by users and their job roles, and the importance of applications and websites, which are typical to a business. Organizations should have the flexibility to assign committed and maximum bandwidth to important users in their set-up while users with job roles that require Internet access which is not time-critical should be assigned lower bandwidth. Also, business-critical applications like VOIP, SalesForce should get committed, high share of total bandwidth for better QoS while non-business applications like YouTube should be assigned a lower share.

Cyberoam UTM saves the day for IT managers!
Cyberoam enables bandwidth policies based on users, user-groups, applications, and website categories to organizations. For eg., committed bandwidth to VoIP, SalesForce; low share to websites with non-business video, music, zero bandwidth to P2P. It allows organizations to assign committed and burstable bandwidth to users, website categories, applications and firewall rules for optimal bandwidth use. Cyberoam’s bandwidth management feature is tightly integrated with other security features like Anti-Virus, Anti-Spam, Web Filtering, Application and Instant Messaging controls, among others, on a single UTM appliance which protects organizations from bandwidth leaks through virus, malware and other threats in the network.

HTTPS- The Switch from Safe to Unsafe
Everyone loves “extra-security”. So, everyone, read “all and sundry websites”, started shifting to HTTPS protocol for that added bit of safety. So much so that today, even our day-to-day communication sites like Gmail and Facebook run on HTTPS.

Once a port and protocol combination that was used for productive purposes, HTTPS is now being used for day-to-day communications by common surfers. This popularity has led to HTTPS becoming a chosen vector for malware attacks. In other words, the secure socket layer is no more secure.

The Gain becomes a Pain
Data transmitted over HTTPS/SSL being encrypted, it remains elusive to traditional firewalls in a security setup as they are unable to see through this traffic and remain blind to its content. Because HTTPS hides the traffic from view, it has been popularly used by cyber criminals to mask malicious codes. For organizations whose network security systems don’t give complete visibility into the HTTPS traffic, HTTPS increases risks for them. If an employee visits an HTTPS site that has malware, the malware can enter the organization’s network without the network security solution identifying it.

Data Leakage Adds to HTTPS WoesJust as malware can be transmitted unchecked over HTTPS, the risk of data leakage over HTTPS is huge too. Organizations face the risk of malicious insiders leaking sensitive information, such as personnel records, credit card numbers or proprietary information and intellectual property. A traditional network security solution may not be able to block files from being uploaded over HTTPS based websites. This presents risk of data leakage in organizations.

Cyberoam Offers Complete Visibility & Control over Encrypted Traffic
Cyberoam UTM provides complete visibility as well as control over SSL traffic, thus restoring the sanctity of HTTPS traffic. It scans HTTPS Web Traffic for threats, such as viruses/ worms and spyware. Similarly, VPN traffic is scanned to ensure security. Cyberoam helps organizations prevent data leakage by offering an option of blocking files uploads over HTTPS.

If one were to identify a significant factor that needs every organization’s attention to achieve and maintain its compliance state, it would be the USER. A Control over user activities in the network along with, of course, comprehensive reporting and archiving are important for solving the compliance challenge. Questions asked should be-

Who is accessing the network?
What are they allowed to access?
What are they actually accessing?
Do we have logs and reports to demonstrate good compliance?

Think compliance and most organizations get bogged down with the thought of complicated documentation process and training people for complying with the requirements. Cyberoam Unified Threat Management appliances that provide comprehensive network security reduce the complexities involved around meeting the compliance requirements. Its unique Layer 8 technology binds security with user-identity, allowing IT teams to easily set up policies for each user or group based on their role and business needs. This facilitates in building a cost-effective security and maintaining a safe network which is an important prerequisite for all major compliance norms.

Cyberoam UTM appliances enforce a way to identify a user in the network, typically by having the user enter valid credentials that can be verified along with Device MAC address and IP address (or in IP less environments) for proper authentication of the user. Based on their role and business needs, users can be authorized to access selective websites, applications and servers in DMZ.

Cyberoam goes a step further by providing security incident monitoring, log management, compliance management and forensic analysis using its on-appliance reporting. Cyberoam UTM’s inbuilt compliance reports relieve organizations from a painful audit process to support compliance requirements like HIPAA, SOX, PCI DSS, CIPA and more.

Recently, Cyberoam announced the launch of CCC500 and CCC1000 appliances, scaling to meet the demands of MSSP and distributed enterprise networks having up to 1000 Cyberoam UTM appliances. Apart from expanding product range, the all new CCC firmware brings better flexibility, controls and security management capabilities.

CCC simplifies security management by enabling centralized policy creation and implementation, subscription and signature updates for Cyberoam UTM appliances deployed at branch offices and client offices for all UTM features like Firewall, Intrusion Prevention System, Anti-Virus scanning, and more.

Basically, the new Central Console was conceived as a cost-effective security management platform for large enterprises and MSSPs. It enables them to save enormous time, costs and technical training requirements for a large number of deployments in remote locations by simply pre-provisioning Cyberoam UTM appliances from a central location.

The new CCC provides the flexibility to group distributed Cyberoam UTM appliances based on geographies, appliance models, firmware versions, organizations (for MSSPs) and subscriptions. The new CCC GUI is powered by Web 2.0 with dynamic views for managing, searching and sorting UTM appliances along with customizable and multiple dashboards to help in quick monitoring and remedial actions.

In addition, there is support for template-based configuration where MSSPs can define custom policies (e.g. for education vertical) to create vertical-focused policies for their clients in minimum time.

CCC also guards against potential misuse of administrator privileges by using role-based administration permissions. Further, it gives administrators plenty of flexibility by scheduling updations of security policies with facility to take automated and manual backup of UTM configurations. CCC allows you to centrally view and analyze logs of dispersed UTM appliances.

Click here to listen to the podcast

You can also get live updates from RSA conference website in relation to the RSA conference in San Francisco. I’ve been invited as a speaker and my speaking session is on the 15th of February. For further details, visit https://cm.rsaconference.com/US11/catalog/speakers.do?sort=fullNameReversed

Check out a synopsis for the given topic

This session will depict a detailed research into social media activities for a random sample of 20 organizations and their employees who are active on social networks. The objective is to map out their corporate DNA using accidental revelations, unmonitored tweets and logical deductions, and mine for insider information that wouldn’t be readily available to outsiders.

Applications such as Twitter, Facebook and Linkedin are increasingly being employed by organizations to connect with investors, analysts, customers and partners. However, there is a downside to business opportunities created by these tools. Harmlessly-intended forum posts, remarks, tweets, or status updates by employees, when fitted together as in a jigsaw puzzle, reveal startling facts about the organization which only an insider might be aware of. It’s possible to make use of this information pool to create a competitive profile for their business which can reveal a lot more than what is desired.

Among intangible disclosures, a surveillance agent can learn about the organization’s core values, hierarchy, communication styles, employee morale and motivation, industry environment, business challenges, systems and processes and many other internal details.

Among tangible disclosures, the footprints left behind in social networks can influence anti-competitive practices, industrial espionage and intellectual property fraud. Accordingly, it will be shown that one can learn about an organization’s future plans, confidential financial data, products, personnel records, clients or trade secrets without having to employ the skills-set of a hacker, or finding an insider to be coerced, bribed or blackmailed.

In this session, the audience will be taken down intelligence gathering activities carried out on a sample of 20 businesses that have active accounts across Linkedin, Twitter and Facebook. In addition, the social media accounts of individual employees, along with online sentiment generators have been used to sketch out patterns in disclosure and their potential use for customers, competitors, and media. It will also be shown what steps could have been taken by the chosen sample of organizations to protect their business interests.

Why is it called “extensible security”?

The threat landscape for enterprises is continuously evolving due to the periodic emergence of new threats such as the recent Zeus Trojan attack which caused great financial loss to the banking sector. Enterprise IT teams have a need to update their security appliance with new features and/or update the protection level of existing Anti-Malware, IPS and more to tackle any new threat variants.

However, this is easier said than done. The truth is most enterprise-class security products are based on closed systems, running on hard-coded architecture of the legacy appliance and thus, cannot cope with evolving security requirements. This leads to unnecessary hardware upgrade costs.

In fact, these appliances lose their performance value with time because they cannot be upgraded in field to counter new threats; such systems deliver slow performance from the very next day the system was designed. Any fresh attack deteriorates the system speed further. Hence, the user will have to make a tough choice between declining system performance and protection against new attacks.

To solve this problem, Cyberoam has brought in its CR range of UTM appliances which run on a multicore-aware software architecture. This software does not depend on the appliance hardware, making it easily reprogrammable to deliver new patches and policies online to address any fresh attacks. Thus, the appliance’s performance does not deteriorate with time.

In addition, Cyberoam’s extensible firmware can update with future security needs of an enterprise. It can effortlessly grow with future security needs of an organization, neutralizing unanticipated threats without degrading system performance