Interfaces

• 4 Copper GbE Ports
• Configurable 
• Internal/DMZ/WAN Ports
• 1 Console Ports (RJ45/DB9)
• 2 USB Ports

Built-in Wireless LAN

• Wireless Standards - IEEE 802.11 a/b/g/n (WEP, WPA,WPA2, 802.11i , TKIP, AES, PSK)
• Antenna, Detachable 3x3 MIMO  
• Access Points, Up to 8 bssid
• Transmit Power (EIRP), 11n HT40 : +15dBm 11b CCK: +15dBm 11g OFDM:+15dBm
• Receiver Sensitivity, -68dBm at 300Mbps -70dBm at 54Mbps. -88dBm at 6Mbps
• Frequency Range , 2.412 GHz - 2.472 GHz, 5.200 GHz - 5.825 GHz
• Number of Selectable Channels, USA (FCC) - 11 channels, EU (ETSI) / Japan (TELEC) - 13 channels
• Data Rate, 802.11a/g: 6, 9, 12, 18, 24, 36, 48, 54Mbps 802.11b: 1, 2, 5,5, 11Mbps 802.11n: up to 450Mbps

System Performance*

• Firewall Throughput (UDP) (Mbps) 1,500
• Firewall Throughput (TCP) (Mbps) 1,000
• New sessions/second 5,000
• Concurrent sessions 150,000
• IPSec VPN Throughput (Mbps) 210
• No. of IPSec Tunnels 100
• SSL VPN Throughput (Mbps) 75
• WAF Protected Throughput (Mbps) 45
• Anti-Virus Throughput (Mbps) 300
• IPS Throughput (Mbps) 200
• UTM Throughput (Mbps) 110

Stateful Inspection Firewall

• Layer 8 (User - Identity) Firewall
• Multiple Security Zones
• Access Control Criteria (ACC) - User - Identity, Source " " Destination
  Zone, MAC and IP address, Service
• UTM policies - IPS, Web Filtering, Application Filtering,
  Anti-Virus, Anti-Spam and Bandwidth Management
• Layer 7 (Application) Control " " Visibility
• Access Scheduling
• Policy based Source " " Destination NAT
• H.323, SIP NATTraversal
• 802.1q VLAN Support
• DoS " " DDoSAttack prevention
• MAC " " IP-MAC filtering and Spoof prevention

Gateway Anti-Virus " " Anti-Spyware

• Virus, Worm, Trojan Detection " " Removal
  Spyware, Malware, Phishing protection
  utomatic virus signature database update
  Scans HTTP, HTTPS, FTP, SMTP, POP3, IMAP, IM,
  VPN Tunnels
  Customize individual user scanning
  Scan and deliver by file size
  Block by file types
  Add disclaimer/signature

Gateway Anti-Spam

• Inbound/Outbound Scanning
• Real-time Blacklist (RBL), MIME header check
• Filter based on message header, size, sender, recipient
• Subject line tagging
• IP address Black list/White list
• Redirect Spam mails to dedicated email address
• Image-based Spam filtering using RPD Technology
• Zero hour Virus Outbreak Protection
• IP Reputation-based Spam filtering

Intrusion Prevention System

• Signatures: Default (4500+), Custom
• IPS Policies: Multiple, Custom
• User-based policy creation
• Automatic real-time updates from CRProtect networks
• ProtocolAnomaly Detection
• DDoS attack prevention
• SCADA-aware IPS with pre-defined category for ICS and SCADA
  signatures

Web Filtering

• Inbuilt Web Category Database
• URL, keyword, File type block
• Categories: Default(82+), Custom
• Protocols supported: HTTP, HTTPS
• Block Malware, Phishing, Pharming URLs
• Schedule-based access control
• Custom block messages per category
• Block JavaApplets, Cookies,Active X
• CIPA Compliant
• Data leakage control via HTTP, HTTPS upload

Application Filtering

• Inbuilt Application Category Database
• 11+ Application Categories: e.g. Gaming, IM, P2P, Proxy
• Schedule-based access control
• Block
  - P2P applications e.g. Skype
  -Anonymous proxies e.g. UItra surf
  - “Phone home” activities
• Layer 7 (Applications) " " Layer 8 (User - Identity) Visibility
• Securing SCADA Networks
  - SCADA/ICS Signature-based Filtering for Protocols -
  Modbus, DNP3, IEC, Bacnet, Omron FINS, Secure
  DNP3, Longtalk
  - Control various Commands and Functions

Web Application Firewall

• Positive Protection model
• Unique "Intuitive Website Flow Detector" technology
• Protection against SQL Injections, Cross-site Scripting
• (XSS), Session Hijacking, URL Tampering, Cookie
  Poisoning
• Support for HTTP 0.9/1.0/1.1
• Extensive Logging " " Reporting

Virtual Private Network

• IPSec, L2TP, PPTP
• Encryption - 3DES, DES, AES, Twofish, Blowfish, Serpent
• HashAlgorithms - MD5, SHA-1
• Authentication - Preshared key, Digital certificates
• IPSec NAT Traversal
• Dead peer detection and PFS support
• Diffie Hellman Groups - 1,2,5,14,15,16
• External CertificateAuthority support
• Export Road Warrior connection configuration
• Domain name support for tunnel end points
• VPN connection redundancy
• Overlapping Network support
• Hub " " Spoke VPN support

SSL VPN

• TCP " " UDPTunneling
• Authentication -Active Directory, LDAP, RADIUS,
  Cyberoam
• Multi-layered ClientAuthentication - Certificate,
  Username/Password
• User " "Group policy enforcement
• Network access - Split and Full tunneling
• Browser-based (Portal)Access - Clientless access
• Lightweight SSLVPN Tunneling Client
• Granular access control to all the Enterprise Network
  resources
• Administrative controls - Session timeout, Dead Peer
  Detection, Portal customization
• TCP- basedApplicationAccess - HTTP, HTTPS,
  RDP, TELNET, SSH

Instant Messaging (IM) Management

• Yahoo and Windows Live Messenger
• Virus Scanning for IM traffic
• Allow/Block Login
• Allow/Block File Transfer
• Allow/Block Webcam
• Allow/Block one-to-one/group chat
• Content-based blocking
• IM activities Log
• Archive files transferred
• Custom Alerts

Wireless WAN

• USB port 3G/4G and Wimax Support
• Primary WAN link
• WAN Backup link

Bandwidth Management

• Application and User Identity based Bandwidth
  Management
• Guaranteed " " Burstable bandwidth policy
• Application " " User Identity based Traffic Discovery
• Multi WAN bandwidth reporting
• Category-based bandwidth restriction

User Identity and Group Based Controls

• Access time restriction
• Time and Data Quota restriction
• Schedule based Committed and Burstable Bandwidth
• Schedule based P2P and IM Controls

Networking

• Failover - Automated Failover/Failback, Multi-WAN failover,
  3GModem failover
• WRR based load balancing
• Policy routing based onApplication and User
• IP Address Assignment - Static, PPPoE, L2TP, PPTP " " DDNS
  Client, Proxy ARP, DHCP server, DHCP relay
• Support for HTTP Proxy
• Dynamic Routing: RIP v1" " v2, OSPF, BGP, Multicast
  Forwarding
• Parent Proxy support with FQDN
• “IPv6 Ready”Gold Logo

Administration " " System Management

• Web-based configuration wizard
• Role-based access control
• Firmware Upgrades via Web UI
• Web 2.0 compliant UI (HTTPS)
• UI Color Styler
• Command Line Interface (Serial, SSH, Telnet)
• SNMP (v1, v2c, v3)
• Multi-lingual support: Chinese, Hindi, French, Korean
• Cyberoam Central Console (Optional)
• NTP Support

User Authentication

• Internal database
• Active Directory Integration
• Automatic Windows Single Sign On
• External LDAP/RADIUS database integration
• Thin Client support - Microsoft Windows Server 2003
• Terminal Services and Citrix XenApp
• RSAsecurID support
• ExternalAuthentication - Users andAdministrators
• User/MAC Binding
• Multiple Authentication servers

Logging/Monitoring

• Graphical real-time logging and monitoring
• Syslog support
• Log Viewer - Firewall, IPS, Web filter, Anti Virus, Anti Spam,
  Authentication, System andAdmin Events

On-Appliance Cyberoam-i View Reporting

• Integrated Web-based Reporting tool -
  Cyberoam-iView
• 1000+ drilldown reports
• 45+ Compliance Reports
• Historical and Real-time reports
• Multiple Dashboards
• Username, Host, Email ID specific Monitoring Dashboard
• Reports - Security, Virus, Spam, Traffic, Policy violations,
  VPN, Search Engine keywords
• Multi-format reports - tabular, graphical
• Exportable formats - PDF, Excel
• Automated Report Scheduling

IPSec VPN Client**

• Inter-operability with major IPSec VPN Gateways
• Supported platforms: Windows 2000, WinXP 32/64-bit,
  Windows 2003 32-bit, Windows 2008 32/64-bit, Windows Vista
  32/64-bit, Windows 7 RC1 32/64-bit
• Import Connection configuration

Certification

• Common Criteria - EAL4+
• ICSAFirewall - Corporate
• Checkmark UTM Level 5 Certification
• VPNC - Basic and AES interoperability
• “IPv6 Ready”Gold Logo

Hardware Specifications

• Memory 2GB
• Compact Flash 2GB
• HDD 250GB or higher

Compliance

• CE
• FCC

Dimensions

• H x W x D (inches) - 1.7 x 6 x 9.1
• H x W x D (cms) - 4.4 x 15.3 x 23.2
• Weight - 2.3kg, 5.07 lbs

Power

• Input Voltage - 100-240 VAC
• Consumption - 33.5w
• Total Heat Dissipation (BTU) 114

Environmental

• Operating Temperature - 0 to 40 °C
• Storage Temperature 0 to 75 °C
• Relative Humidity (Non condensing) 10 to 90%