Cyberoam CR10iNG review

Dave Mitchell Read more January 29, 2015

£316

Price when reviewed

Cyberoam’s CR10iNG hits the sweet spot for value, coming in at a price that many small businesses and SoHos will find difficult to resist. Yet the low price doesn’t mean a compromised product: the CR10iNG is as tough on hackers as Cyberoam’s enterprise appliances.

For a one-off fee of £215, the CR10iNG hardware comprises a 1.8GHz Atom CPU, 1GB of system memory, a 4GB CompactFlash card for the OS and a trio of Gigabit ports. When it comes to security services, you can choose between the Security Value Subscription (SVS) or the Total Value Subscription (TVS).

cyberroam-cr10ing-front

A one-year TVS costs £101 and includes anti-malware, anti-spam, web and application filtering, IPS, a hardware warranty and an 8/5 support contract. If you eliminate anti-spam, the cost of a one-year SVS goes down to £73.

The CR10iNG functions in routed or transparent bridge modes, so it can provide its own filtering services or sit behind an existing firewall. We chose the former, and followed the web console’s quick-start wizard, which set up the network ports and offered us the option of a passive monitoring mode or applying a choice of predefined security policies.

Cyberoam’s identity-based security makes the CR10iNG incredibly versatile, by linking policies to users and groups. We installed the free corporate client utility on our users’ desktops, which logged them in to the appliance and applied a specific set of policies to their traffic.

The action takes place in the firewall rules, which define sources and destinations, and enforce service filters, blocking actions and time schedules. The same rules are used to apply virus and anti-spam scanning, web and app filtering, an intrusion-prevention system (IPS) and limits on internet usage.

Once we’d created policies for the various security services, we could enable them from the dropdown menus in the firewall rules. Web filtering comes with 11 predefined policies – if those don’t suit, we found it easy enough to browse the 85 available URL categories and create our own custom policies.

We then set up application-control policies, where we selected from a list of more than 1,200 applications and decided to block them during working hours. Virus scanning is a cinch to set up, and we chose to apply this to POP3, SMTP, FTP, HTTP and HTTPS traffic within our firewall rules.

Using anti-spam policies, we chose to tag the subject line of suspect inbound messages. Quarantining isn’t supported, but you can opt to drop, allow or reroute suspect messages. A handy feature is that policies can be applied to outbound mail as well.

The CR10iNG keeps up with bigger appliances when it comes to performance, with the lab’s Ixia Xcellon-Ultra NP load generators reporting a speedy 100Mbits/sec for HTTP traffic with antivirus enabled. It even held its ground with all UTM services enabled, at 65Mbits/sec.

The web UI provides detailed logs of all activity, and we recommend getting acquainted with Cyberoam’s free iView syslog server. Its light footprint had no adverse effects on our Windows 8 host and it presents a superb degree of detail on all security services. From the iView console, we were able to pull up detailed graphs on web filtering, antivirus, anti-spam and more. A useful feature is the ability to view specific user activity, so you can see all web categories, domains and sites an individual has attempted to access.

Cyberoam CR10iNG review: verdict

Cyberoam’s CR10iNG is one of the best-value UTM appliances around, punching way above its weight for features. A good choice for small businesses, it’s comparatively easy to configure and won’t be bested for performance either.