Cyberoam


Cyberoam Technologies, a Sophos Company, is a global network security appliances provider, with presence in more than 125 countries.

Business Field

The company offers User Identity-based network security in its Firewalls/ Unified Threat Management appliances, allowing visibility and granular control into users' activities in business networks. For SOHO, SMB and large enterprise networks, this ensures security built around the network user for protection against APTs, insider threats, malware, hacker, and other sophisticated network attacks.
Cyberoam has sales offices in North America, EMEA and APAC. The company has its customer support and development centers in India and has 550+ employees across the globe. It has a channel-centric approach for its sales with a global network of 4500+ partners. The company also conducts training programs for its customers and partners.

Product Overview

Cyberoam’s product range offers network security, centralized security management, centralized visibility, and Cyberoam NetGenie for home and small office networks.
Cyberoam network security appliances include multiple features like Firewall – VPN, Gateway Anti-Virus, Anti-Spyware & Anti-Spam, Intrusion Prevention System, Content & Application Filtering, Web Application Firewall, Application Visibility & Control, Bandwidth Management, Multiple Link Management for Load Balancing and Gateway Failover, over a single platform.

Identity based Security- Layer 8 Technology

Cyberoam's Layer 8 Technology also known as Identity based Security, adds an 8th Layer in the network protocol stack, thereby considering user’s identity as part of the firewall rule matching criteria. Cyberoam attaches user identity to security while authenticating, authorizing & auditing, the network allowing a network administrator to see and control the ‘user’ on a network instead of just an IP address. This enables the administrators to identify users, control Internet activity of users in the network, set user based policies and reporting by username.

Cyberoam Security Training Academy

Cyberoam has tied up with NESCOT -its first Master UK Training Academy. NESCOT offers Cyberoam certified security courses which includes basic-level course namely 'CCNSP' and advanced-level course namely 'CCNSE'.

Security flaw in HTTPS traffic inspection

A Tor Project researcher and a Google software security engineer revealed in July 2012 that all Cyberoam appliances with SSL traffic inspection capabilities had been using the same self-generated CA certificate by default.
This made it possible to intercept traffic from any victim of a Cyberoam device with any other Cyberoam device - or, indeed, to extract the key from the device and import it into other DPI deep packet inspection devices, and use those for interception.
Cyberoam issued an over-the-air update for its unified threat management appliances in order to force the devices to use unique certificate authority SSL certificates when intercepting SSL traffic on corporate networks. After the hotfix was applied, each individual appliance was required to have its unique CA certificate.