Cyberoam CR15i review
Appliance based security solutions have traditionally been too expensive for small offices but Cyberoam aims to change all that. In an exclusive review we test its new CR15i, which targets the SOHO and remote office market with groups of up to 15 users and offers an enterprise level security package at a remarkably low price.
The CR15i looks to have hit the sweet spot for value as an initial cost of £353 exc VAT gets you a desktop appliance, 8×5 support and all software subscriptions for the first year, which comprises of a firewall, IPsec VPNs, antivirus, anti-spam, intrusion prevention, web content filtering and traffic management.
The appliance has enough grunt to handle a firewall throughput of 90MB/sec and its three Fast Ethernet ports provide LAN, WAN and DMZ functions. It supports routed and transparent bridge modes so you can either use it as a firewall or place it behind an existing one. Installation won’t take long, as on first contact with the tidy web interface you run a wizard that helps choose the right mode and guides you though setting port IP addresses and activating a default internet access policy.
Port zones are used by firewall rules to define sources and destinations, apply service filters, block actions and set time schedules. Using the advanced rule features, you can also specify antivirus and anti-spam functions, add policies for IDP, limit Internet access and apply bandwidth restrictions.
A key feature is Cyberoam’s identity-based security where you can use the appliance’s own database or import users and groups from AD, NT domain and LDAP servers or use RADIUS authentication. Using multiple policies you can implement web filtering, bandwidth controls, surfing quotas, data transfer restrictions in MB and permitted access times.
Policies can be applied to groups or individual users, with an IP address or an address pool allowing you to enforce security at any level. Reporting is also very good as you can keep an eye on bandwidth usage for applications, users and groups, see a live traffic view for each IP address, monitor all sites being visited and export the data to CSV files.
Anti-spam measures are easy to set up and you can opt to drop, tag, allow or reroute suspicious messages – quarantining is not a feature that’s available on the CR15i. We set the appliance to tag spam subjects and left it to filter live email for a week, and it was 96% accurate with only one false positive.
Cyberoam’s web filtering offers over 80 categories, and performance in the lab was particularly good. With a web policy banning games and gambling, we Googled for online bingo sites and watched the appliance block 43 out of 50 sites visited. The seven sites it missed were all relatively new UK bingo sites.
The CR15i was even tougher with online poker sites and we were blocked from the first 50 visited. Access to social network sites such as Facebook and MySpace could be blocked, and a useful feature is the ability to enter a URL and see how it’s classified.
Considering the price includes all security features, plus subscriptions and 8×5 support for the first year, the CR15i is an absolute bargain. Small offices that want the full security works need look no further.
|Warranty RTB years||1|
|Warranty C&R years||0|
|Warranty On-site years||0|
|Warranty extra information|
|Server configuration||Desktop chassis|
|CPU nominal frequency||0.50GHz|
|Hard disk configuration||Transcend CompactFlash ATA card|
|Total hard disk capacity||4|
|Gigabit LAN ports||0|
|10/100 LAN ports||3|
|Software subscription options and pricing||3yr total value subscription,|