Review: Cyberoam CR35wi UTM device
Cyberoam's CR36wi identity-based unified threat management (UTM) device takes a big brother stance on security for small and medium enterprises (SMEs).
The device provides high performance security protection for up to 50 users, and includes firewall, anti-virus, anti-spam, anti-spyware, Web and applications filter, and an intrusion protection system.
The UTM device, which connects to a company's network, is small, compact and easy to configure and manage. If there's a security problem in the network, it's easy to pinpoint the location of the problem and what caused it.
It's suited for the small company that doesn't have a designated IT department or extensive resources.
When testing the device on IT distributor IndIT's network via an iPad and notebook, I found Cyberoam's console to be simple and easy to manage.
A PC server is linked to the Cyberoam appliance via the network, which is also connected to the Internet via ADSL and 3G. A virtual private network can be set up on a cellphone, tablet PC, desktop PC or netbook. No one can infiltrate the virtual private network without a password.
The device provides an IT administrator a bird's eye view of which applications are accessed by certain users and can allocate what Web sites employees can or cannot access.
In addition, the administrator can set up times when a user can access Web sites. For instance, Facebook can be set to be accessed after working hours. Content filtering is very flexible and a lock-down can be set to prevent online streaming such as YouTube videos, uploads and downloads.
The CR35wi has a user-friendly access feature, in that users can simply log into their PC or mobile device using their Windows password. The same password can be used to manage multiple devices; however each device needs to first be registered onto the network.
The biggest selling point of Cyberoam's CR35wi UTM device is that it is identity-based. This means anybody can be tracked on the network, and the IT administrator can see exactly what each staff member is doing at anytime.
Instant messaging chat groups can also be monitored or blocked. The UTM device can monitor which documents were opened or how many times a certain Web site has been accessed and whether it's work-related or not.
The appliance can handle multiple gateways and can cater for network failover; as the IT administrator can plug in an ADSL connection, as well as a 3G card, so if the ADSL fails, then the wireless connectivity will take over.
The solution has a rich graphical user interface with usage reporting and graphs that shows who accesses the Internet the most, what Web sites are accessed, who the top e-mail senders are and spam senders.
It also monitors incoming threats in real-time, malware detection and intrusion prevention. It takes into account that majority of threats are insider threats, and gives full power to the IT administrator to protect the network from the inside and out.