Disclaimer

The content of this material are challenges faced onsite and how I personally resolved them. Please be noted that solutions posted here

1> should not be considered as ultimate. The material may be considered for reference only.

2> should not be considered as guarantee that solutions may work. Contact Cyberoam support before making any changes.

3> blog does NOT belong to the Cyberoam. It's a blog...a personal blog.

Changes done after referring this site may seriously damage the network. So...

........DO CHANGES AT YOUR OWN RISK

(please contact cyberoamsupport before implementing any changes)

Monday 25 June 2012

False Sense of Security - NGFW (Next Generation Firewall)

I am often questioned by my partners about how is Cyberoam different from the new buzz NGFW.  In reality, Cyberoam and new NGFW share many common features. 
UTM and NGFW are 2 different terms coined by two different analyst firms.  IDC coined UTM and Gartner coined NGFW.  One key difference is the technology used to deliver the functions.  It is believed that UTMs just provides multiple features on a single platform without integrating the features together.  Whereas NGFW delivers features like IPS, AV and application control while integrating these into Firewall.
NGFW Major features vs Cyberoam
* NGFW integrates security functions in to a single engine and define security controls through firewall.  NGFW also enables user based access control.
Cyberoam is a ID based firewall that implements Layer 8 technology.  It not only ties all the security policies and access controls to firewall, but also to the user.  You can apply Web Filter, Application Filter, Antivirus, Anti spam, QoS, IPS, VPN to Firewall as well as to a User/Group
* NGFW are believed to deliver wire-speed network security and suitable for large networks.
Cyberoam delivers high performance network security ranging from small to large networks.  It has firewall throughput up to 10Gbps with UTM throughput of up to 1.2 Gbps.
* NGFW optimizes application control
Cyberoam offers comprehensive Layer 7 Application Control, that is capable of identifying and controlling applications using standard and non standard ports and protocols, even encrypted SSL tunneled traffic.  Cyberoam identifies and controls more than 2000 layer 7 applications.  Cyberoam also does application based QoS, IM control as well as Data Leak Prevention.
* NGFW provides greater visibility with advanced monitoring and reporting
Cyberoam integrates custom built SIEM solution called iView for more than 1000 user based reports.  iView provides reports for Applications, web filter, threats, web trends, internet usage, as well as compliance reports.  It also provides module wise live reporting.  All logs and reports are stored on appliance hard drive. 
Conclusion
At the end of the day, NGFWs are just a subset of Cyberoam UTM
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)