Q1 : How Cyberoam Provides Security In Wi-fi Environments?
A : Cyberoam can effectively provide security to organizations in dynamic Wi-Fi environments where it’s not easy to track users by IP addresses alone. It provides strong user authentication other than monitoring Internet access controls and reports with an identity-based approach. It also offers separate network access Guest and Employee.
Q2 : Is Cyberoam Regulatory Compliance?
strong>A : Equipped with Layer 8 identification and its controls, Cyberoam network security appliances enable organization to comply with all stipulated regulatory compliance norms such as HIPAA, CIPA, PCI-DSS, GLBA, etc.
Q3 : How To Setup The Maximum Session Timeout Globally For All Users?
A : System Administrator can configure the maximum session timeout for all users by following the steps as described below. We need to log on to the Web Admin Console as an administrator with Read & Write permission for relevant features. Then we should go to Identity > Authentication > Firewall, under Global Settings against Maximum Session Timeout, and uncheck Unlimited and specify the timeout in minutes. Lastly, we need to click on apply to activate the changes.
Q4 : How Can We Disable Email Notification For Virtual Host Failover?
A : We need to login to CLI Console via Telnet or SSH or we can access the CLI Console by clicking Console Button on the upper right corner of the Web Admin Console screen display. Then we need to choose option 4, “Cyberoam Console”. After selecting Cyberoam Console we can execute the following command to disable mail notifications for virtual host failover,
console> set virtual host failover mail-notification to disable
Q5 : What Is Dmz Port In Cyberoam?
A : Virtual Host maps the services of any public IP address to services of a host in any private network. This virtual host is used as the Destination address to access internal or a DMZ server. A Virtual host might be a single IP address or a range of IP addresses or Cyberoam interface itself.
Q6 : How To Configure Ctas Settings To Automatically Logout Inactive Users?
A : We must be logged in to Web Admin Console with administrator privileges with Read & Write permission for the related task. Then we need to configure Cyberoam Transparent Authentication (CTAS) by setting the Inactivity Timeout and Data Transfer Threshold for users authenticating using CTAS from Identity > Authentication > Firewall > CT
Q7 : Does Cyberoam Protect Organizational Network Against Ip Spoofing?
A : The power-packed feature of Cyberoam’s Unicast Reverse Packet Forwarding, also called Anti Spoofing, protects organizational network against IP Spoofing, and all kinds of attacks that utilize IP Spoofing techniques, like DoS attacks, etc. Cyberoam scrutinizes all incoming packets and rejects all such packets that do not carry a confirmable Source of IP Address. In other words, if the source IP address of a packet does not match with any entry on Cyberoam’s routing table, or if the packet is not from a direct subnet, then Cyberoam rejects the packet.
AS Settings.
Q8 : What Is Cyberoam Client?
A : Cyberoam SSL VPN client helps the user to access the organizational network remotely from anywhere, anytime. It provides the user with the ability to create point to point encrypted channels between a remote user and the organization’s internal network. Combination of SSL certificates with username and password is needed to access the organizational network.
Q9 : What Do You Mean By Integrated Security Over Single Cyberoam Network Security Appliances?
A : The Layer 8 technology goes through each and every single security module of the Cyberoam security appliances. All security features are centrally configured and are managed from a single firewall page easily. Layer 8 binds these securities features and creates a single, consolidated security unit which enables the system administrator to change security policies dynamically while accounting for user movement, like joiner, leaver, elevating hierarchy etc.
Q10 : What Do You Mean By Cyberoam?
A : Cyberoam is an organization which is providing products and services related to IT security. Cyberoam has worldwide operations, with an extremely strong presence in India, Middle East Countries, Africa, and Latin America. Their client includes all industries and verticals with top private and government organizations in India.
Q11 : How Does Cyberoam Layer Technology Functions?
A : By definition, Cyberoam Layer 8 Technology, functions over its network security appliances by treating every single user identity as the 8th layer or the “human layer” in the network protocol stack. This allows the system administrators to uniquely identify users, control activity of these users in the internet network, and enable policy setting and reporting by username.
Q12 : What Are The Benefits Of Cyberoam’s 8 Layer Technology?
A : Following are the benefits rendered by Cyberoam’s 8 Layer Technology:
1. Identification of attackers and victims with their username can be identified.
2. Instant visibility by system administrators into the source of the attacks.
3. Controlling who is doing what in the entire organizational network.
4. Allowing creation of identity-based policies
5. Reporting to track identity-based usage, problems, intrusions and so forth.
Q13 : How do Cyberoam Does add Speed To The Security System?
A : IT professionals often waste much time in the knowledge source of attacks or attackers in any case of security breach, due to the lack of granular identity features in other security systems. Cyberoam’s Layer 8 provides instant visibility into the source of attacks while identifying victims and attackers by their username followed by a proactive remedy of security incidents. In this way, Cyberoam speeds up the security.
Q14 : What Is Cyberoam Iview Logging And Reporting System?
A : In Cyberoam’s Layer 8 identity-based reporting system known as Cyberoam iView, gives an in-depth analysis of the network activities for each and every single user. All network attacks are exhibited on a single screen on the dashboard with the third level of drilled down reports (approximately 1200+ reports) facilitating any investigation of attacks and users responsible for them.
Q15 : How To Customize The Default Sms Sent To Guest Users?
A : We can customize the Default SMS sent to Guest Users by executing the steps as follows:
At first, we need to login to Web Admin Console with a profile having read & write permission for the relevant features.
Then we need to go to System > Configuration > Messages and expand the tool SMS Customization.
Last, we need to click on to edit the Default SMS Text.
Q16 : What Is Inactivity Timeout?
A : Cyberoam allows system administrators to set the inactivity timeout duration and data transfer threshold of all users.
Inactivity Timeout is the inactive or idle time in minutes after which the user will be logged out automatically and has to authenticate again.
Data Transfer Threshold is the threshold value specified in Bytes for transferring of data. If the quantum of data is not transferred within the specified Inactivity Time, the user will be marked as inactive.
Q17 : What Are The Different Types Of Firewalls?
A : The National Institute of Standards and Technology (NIST) 800-10 categorize three types of firewalls:
Packet filters.
Stateful inspection.
Proxies.
Q18 : Why Do We Need A Dmz?
A : The second or internal firewall permits traffic only from the DMZ to the internal network. This is perceived to be more secure since two devices would need to be compromised before an attacker can access the internal LAN. As a DMZ segregates a network, security controls can be perfectly tuned for each and every single segment.
Q19 : What Is A Dmz In Networking?
A : In network security, a DMZ or demilitarized zone (known as a perimeter network also) is a physical or logical subnetwork which points their external services to a network not trusted, generally a large network like that of the Internet.
Q20 : What Is A Firewall On A Network?
A : Firewall is a system designed to prevent unauthorized access to or from any private networks. Firewall can be implemented either in hardware or software form, or a combination of both. Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially the intranets.
Q21 : How To Configure Web Clients Settings To Automatically Logout Inactive Users?
A : We must be logged in to Web Admin Console with administrator privileges before configuring Web Clients (iOS, Android and API) and set the Inactivity Timeout and Data Transfer Threshold for iOS, Android and API users authenticating using Web Clients from Identity > Authentication > Firewall > Web Client Settings.
Q22 : How Does Cyberoam Boosts Organizational Productivity?
A : Cyberoam’s content and application filtering mechanism manage the indiscriminate Internet surfing tendency of its users through customized policy setting for different users and groups, thereby marking limitations on access based on time duration and predefined blocked sites over 100 categories. Cyberoam network security appliances also provide all users with time and role-based bandwidth management system which prevents users from consuming huge amounts of bandwidth for nonproductive internet surfing and unnecessary downloads. Instant Messaging Controls allow administrators to control who can chat with whom over messengers, webcam and can transfer files
Q23 : Do You Know The Default Ip Address For Cyberoam?
A : Cyberoam Appliances are shipped with default configuration:
Port A IP address (LAN zone):172.16.16.16/255.255.255.0. Port B IP address (WAN zone): 192.168.2.1/255.255.240.0.
Q24 : How Can We Set Authentication Mechanism For L2tp Or Pptp Vpn Users?
A : Cyberoam facilitates administrator to set the authentication protocol used by L2TP and PPTP VPN users.
Following are the steps described below to set authentication mechanism for L2TP or PPTP VPN users.
We should logon to the console via Telnet or SSH, to access the CLI Console by clicking on the upper right corner of Web Admin Console display. Then we must choose option 4.
Cyberoam Console followed by executing the command to set authentication method for L2TP users:
console> set VPN L2tp authentication <ANY/CHAP/MS_CHAPv2/PAP> OR
We should execute the following command to set authentication method for PPTP users:
console> set VPN PPTP authentication <ANY/CHAP/MS_CHAPv2/PAP>
Q25 : What Do You Mean By Cyberoam Device?
A : Cyberoam’s Unified Threat Management hardware appliances provide complete security to any organization, ranging from large-cap enterprises to its branch offices. Multiple security features have been integrated over a single named as Layer 8 Identity-based platform which makes security look very simple but highly effective.