Cyberoam Unified Threat Management appliances enchanced with identity-based firewall
Elitecore technologies, vendor of UTM appliances has introduced a unique user identity-based firewall that delivers consolidated, single-point security in the integrated security appliance.
Three factors form the key to providing comprehensive security without compromising business flexibility in a UTM. The critical issue is of single point control over the multiple security solutions. Next are high levels of granularity and complete ease of use.
Cyberoam solves these three issues through new developments that include user identity-based firewall, enabling consolidation of multiple security features, schedule-based access to network components, assignment of application based QoS and application prioritization & routing for interactive applications like VoIP, in addition to a browser-based user-friendly installation wizard.
Cyberoam ensures this through its user-identity based firewall that embeds user identity in the firewall rule matching criteria unlike traditional firewalls that allow firewall rule creation based only on source and destination IP addresses. While eliminating the need for IP addresses as intermediate components to identify and control the user, user identity binds all the security features – Firewall, VPN, Anti-virus, Anti-spam, Intrusion Detection and Prevention, Content Filtering, Bandwidth Management and Multiple Link Management – to create a single, consolidated Cyberoam security unit rather than let them function in a disconnected fashion.
This allows administrators to change security policies dynamically while accounting for user movement – joiner, leaver, rise in hierarchy – through easy to configure policies.
In a key development that enhances granularity, Cyberoam addresses enterprise need to offer temporary access rights to users by allowing schedule to be attached to the firewall rule. “IT administrators can now create temporary rights for one time access to network components, eliminating the continued existence of such rights past their requirement,” says Chib. “For example, they can create 30 minutes access to FTP server to the user, John on a particular day at the end of which John will no longer have access to the server.”
Further, Cyberoam offers application-based QoS so that administrators can ensure high quality in interactive applications like VoIP, video conferencing. They can even prioritize bandwidth, ranging from 0 to 7 for these applications and can route it via high speed Internet links out of multiple ISP links, ensuring high quality interaction.
Thirdly, Cyberoam simplifies the complex task of network configuration with a new intuitive browser-based user-friendly wizard, which reduces the need for technical expertise for configuring Cyberoam.