Cyberoam CR250i review
Based in the US and India, Cyberoam has traditionally avoided the UK network security market, but now it feels the time is right for us to gain the benefit of its UTM appliances. This is a mature market, with businesses already facing a range of choices, but Cyberoam aims to stand out with its identify-based security.
The CR250i targets SMBs and delivers an impressive array of security measures including firewall, IPsec VPNs, antivirus, antispam, intrusion prevention and web-content filtering. This 1U rack appliance has a quartet of network ports for LAN, WAN and DMZ duties, and supports routed and transparent bridge modes, so you can use it as a firewall or place it behind an existing one.
We opted for the bridge mode and found the smart web interface made light work of initial installation. A wizard ran through port configuration and offered to run in passive monitoring mode or apply one of two default security policies for users. At this stage it becomes more complicated, but this is down to the number of options
Ports are grouped into zones that are used by firewall rules to define sources and destinations and apply service filters, blocking actions and time schedules. Using the advanced rule features, you can specify antivirus and antispam functions, add policies for IDP, limit internet access and apply bandwidth restrictions.
At user level the appliance has its own database, or you can import users and groups from AD, NT domain and LDAP servers or use RADIUS authentication.
Along with web filtering and bandwidth controls, policies are provided for applying surfing quotas, data-transfer restrictions in megabytes and permitted access times.
These can be applied to groups or individual users, where the latter can be a name or just an IP address of a system; IP address pools can be used, too.
The end result is that policies can be applied at almost any level of an organisation, and you can force users to authenticate with the appliance so policies follow them whichever system
For web filtering you have more than 80 categories to choose from, although performance could be better. With the gambling category applied to all our users, we Googled for online poker sites and watched the appliance block more than 90% of our access attempts.
Online bingo sites proved to be trickier, as Cyberoam managed to block us from only half the 50 sites visited. Antispam measures were more effective, as running live mail through the appliance for a week returned a 97% accuracy with no false-positives.
Reporting is a cut above the rest as you can monitor bandwidth usage for applications, users and groups, see a live traffic view for each IP address, and monitor all sites being visited. Reports can be exported to CSV files and, although somewhat basic, you have a selection of common regulatory compliance reports.
The CR250i impresses with the sheer number of security features on offer, and Cyberoam doesn’t charge an arm and a leg for the optional extras. Its identify-based security is a smart feature, although web filtering is the weakest link and accuracy needs to be improved.
|Warranty RTB years||1|
|Warranty C&R years||0|
|Warranty On-site years||0|
|Warranty extra information|
|Processor||Intel Pentium 4|
|CPU nominal frequency||2.80GHz|
|Hard disk configuration||1 x 80GB Hitachi ATA hard disk|
|Total hard disk capacity||80|
|Gigabit LAN ports||2|
|10/100 LAN ports||2|
|Software subscription options and pricing||£878|