Prioritize Access to Business Applications With Cyberoam s Application Visibility & Control



Similar documents
App-ID. PALO ALTO NETWORKS: App-ID Technology Brief

REPORT & ENFORCE POLICY

Cyberoam Perspective BFSI Security Guidelines. Overview

Total Business Continuity with Cyberoam High Availability

Achieving PCI-Compliance through Cyberoam

White paper. Cyberoam UTM. Cyberoam. 360 Protection. on a Shoe-String Budget. I sales@cyberoam.com

May Palo Alto Networks 232 E. Java Drive Sunnyvale, CA

Next-Generation Centralized Security Management for MSSPs & Distributed Enterprises

How To Choose A Network Firewall

1110 Cool Things Your Firewall Should Do. Extending beyond blocking network threats to protect, manage and control application traffic

STEELHEAD HYBRID NETWORKING

The Ultimate Guide to Gaining Control of the WAN

How To Control Your Network With A Firewall On A Network With An Internet Security Policy On A Pc Or Ipad (For A Web Browser)

Protecting Your Network Against Risky SSL Traffic ABSTRACT

How To Control Your Computer With Watchguard Application Control

Automate your IT Security Services

How To Manage A Network With Ccomtechnique

Implementing Microsoft Office Communications Server 2007 With Coyote Point Systems Equalizer Load Balancing

Firewall Feature Overview

Protect your internal users on the Internet with Secure Web Gateway. Richard Bible EMEA Security Solution Architect

Application Delivery Networks: The New Imperative for IT Visibility, Acceleration and Security > White Paper

Cyberoam Next-Generation Security. 11 de Setembro de 2015

Getting the Most Out of Your Existing Network A Practical Guide to Traffic Shaping

Cyberoam and Bandwidth

Stopping secure Web traffic from bypassing your content filter. BLACK BOX

What s Next for the Next Generation Firewall Vendor Palo Alto Networks Overview. October 2010 Matias Cuba - Regional Sales Manager Northern Europe

Applications erode the secure network How can malware be stopped?

SSL Encryption and Traffic Inspection ADDRESSING THE INCREASED 2048-BIT PERFORMANCE DEMANDS OF 2048-BIT SSL CERTIFICATES

UNIFIED PERFORMANCE MANAGEMENT

SSL VPN Client Installation Guide Version 9

Providing Secure IT Management & Partnering Solution for Bendigo South East College

How To Secure Your Employees Online With Zscaler.Com And Your Website From Being Infected With Spyware Or Malware

Voice, Video and Data Convergence > A best-practice approach for transitioning your network infrastructure. White Paper

Assuring Your Business Continuity

Next-Generation Firewall Overview

Application Intelligence, Control and Visualization

Introducing IBM s Advanced Threat Protection Platform

Content-ID. Content-ID URLS THREATS DATA

HOLDING ON TO YOUR BANDWIDTH

Are Innocent Insiders Taking Away Your Data?

Elfiq Networks Vital for Hospitality

Application Visibility and Monitoring >

White Paper. ZyWALL USG Trade-In Program

Real-Time Security Intelligence for Greater Visibility and Information-Asset Protection

Using Palo Alto Networks to Protect the Datacenter

White Paper. The Assurance Checklist for Branch Networks A pragmatic guide for building high performance branch office networks.

How to Prevent Secure Web Traffic (HTTPS) from Crippling Your Content Filter. A Cymphonix White Paper

Controlling SSL Decryption. Overview. SSL Variability. Tech Note

A Websense White Paper Implementing Best Practices for Web 2.0 Security with the Websense Web Security Gateway

Wireless Security with Cyberoam

Architecture. The DMZ is a portion of a network that separates a purely internal network from an external network.

How To Create A Qos

Cyberoam. Unified Threat Management. Comprehensive Network Security

Next-Generation Firewall Overview

SHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper

Next-Generation Firewall Overview

Content-ID. Content-ID enables customers to apply policies to inspect and control content traversing the network.

1 ABSTRACT 3 2 CORAL IP INFRASTRUCTURE 4

The changing face of global data network traffic

Cisco ASA 5500 Series Adaptive Security Appliance 8.2 Software Release

Ensure VoIP and Skype for Business Call Quality and Reliability with NetScaler SD-WAN

Verizon Managed SD WAN with Cisco IWAN. October 28, 2015

ADS Integration Guide

Microsoft Office Communications Server 2007 & Coyote Point Equalizer Deployment Guide DEPLOYMENT GUIDE

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

February Considerations When Choosing a Secure Web Gateway

Cisco IWAN and Akamai Intelligent Platform : Maximize Your WAN Investment

Radius Integration Guide Version 9

CORPORATE HEADQUARTERS Elitecore Technologies Ltd. 904 Silicon Tower, Off. C.G. Road, Ahmedabad , INDIA

ASSURING THE PERFORMANCE OF CLOUD-BASED APPLICATIONS

SonicWALL Corporate Design System. The SonicWALL Brand Identity

Cisco ASA and Cloud Web Security: Best-in-Class Network Security Combined with Best-in-Class Web Security

Optimize Your Microsoft Infrastructure Leveraging Exinda s Unified Performance Management

White paper. Cyberoam. Cyberoam s Layer 8 Technology Protecting the weakest link in your security chain the USER!

Secure your Virtual World with Cyberoam

Fidelis XPS Power Tools. Gaining Visibility Into Your Cloud: Cloud Services Security. February 2012 PAGE 1 PAGE 1

Transform your WAN as a business asset and improve your productivity with UC

10 Strategies to Optimize IT Spending in an Economic Downturn. Wong Kang Yeong, CISA, CISM, CISSP Regional Security Architect, ASEAN

Astaro Gateway Software Applications

Transcription:

White paper Cyberoam UTM Prioritize Access to Business Applications With Cyberoam s Application Visibility & Control www.cyberoam.com

Contents Executive Summary Identifying APPLICATIONS to Manage them Identifying USERS behind Applications Managing Application QoS in Organizations Cyberoam Unified Threat Management: Conclusion - Application Visibility- Application Security - Managing Bandwidth with Policy, User, Time-based Controls - Maximizing Network Security and Productivity 2 4 5 1

Executive Summary The story of application evolution in organizations is the story of evolution of communication, entertainment and collaboration over the World Wide Web. What started off as a means of instant communication via email and Instant Messengers, was quickly followed with entertainment in the form of bandwidth-hungry gaming, chat, audio and video downloads. Collaboration tools like Microsoft Sharepoint and Google Docs moved to WebEx, Adobe Connect, GoToMeeting solutions, bringing people together and carrying sales and marketing pitches to internal/external audience, encouraging collaborative working. Applications are a mix of personal and professional applications that are taking the web and hence organizations by storm. For example, applications like SaaS, SalesForce, and NetSuite's ERP are purely business applications that are rich in business intelligence. However, socio-buisness applications like Facebook, Twitter, YouTube, and Instant Messengers, while making personal life more meaningful, are turning out to be businessenablers too. Nevertheless, uncontrolled and unmonitored use of socio-business applications can become a significant threat to security and productivity in organizations. Organizations are quickly waking up to the fact that access to applications must be controlled not just for the vast number of vulnerabilities they introduce to the network, but also for the excessive mis-use of bandwidth they consume and the considerable loss of productivity. With employees indulging in non-business application usage with gaming, audio-video downloads through peer-to-peer networks like Kazaa, and more, businesscritical applications are forced to deal with insufficient bandwidth, resulting in poor Application QoS and frustrated users. The solution is to identify and control access to specific applications so as to achieve optimal bandwidth utilization for business-critical applications. 2

Identifying APPLICATIONS to Manage them Traditionally, it didn t matter which application was going through the network, because applications followed the port-protocol combination. All HTTP applications followed port 80. All SSL applications followed port 44. Organizations need a shift from their traditional goal of block the bad stuff to a new goal of enable the good stuff to meet the bandwidth challenge. Things changed when applications rose exponentially in number and variety. There were business-critical applications like VoIP, SAP and Salesforce; socio-business applications like Facebook and Gmail; noncritical applications like YouTube and itunes; and finally the undesirable applications like BitTorrent, gaming applications and more. Some chose not to flow through traditional ports for the sake of greater efficiency and success in packet transit, while some chose this route to bypass the limitations of the firewall. The day of port hopping arrived. Not to mention proxy avoidance sites and software like ByPassU, YouMask, UltraSurf that bypass traditional firewalls, allowing users to surf unfettered on the World Wide Web. As a result, sophisticated application-level threats started hitting organizational networks. The already-scarce bandwidth was consumed by a small group of applications, notwithstanding their little use to the business. Business-critical applications like VoIP suffered, in other words, business suffered! The need for applications visibility became urgent and foremost! Identifying USERS behind Applications Back then, it didn't seem to matter who received the traffic in the organization as long as the destination or source address was acceptable because few people had access to Internet. Things changed when Internet access became ubiquitous across the organization - not everyone required access to every application. While Salesforce, Microsoft Sharepoint or Google Docs would always require priority in access, and itunes would be a straight forward decision of limited or no availability, things started getting vague when one thought of social media applications like You Tube, LinkedIn and file transfers over Instant Messengers. This is where recognition of the User started becoming significant. Managing Application QoS in Organizations As QoS takes on a more prominent role throughout a wide array of businesses, organizations require greater controls over applications, especially the socio-business applications like Facebook that challenge business-critical applications for bandwidth. Facebook began as a social media application and is finding an increasing number of users for its chat and mail facility. However, creating communities of partners or customers over Facebook has become an integral part of marketing and communication too for organizations. Organizations hence needed a shift from their traditional goal of block the bad stuff to a new goal of enable the good stuff to meet the bandwidth challenge. Besides, as long as critical applications were residing within the network, simple rules that blocked black and even grey applications seemed to do the job with a fair degree of efficiency. But with SaaS, collaboration and Cloud taking the traditionally internal applications outside the network, the bitter fight for bandwidth has already arrived. These applications would be up there in the cloud jostling for users' time, space and bandwidth with external applications.

Given the bandwidth-hungry nature of applications like audio, video, conferencing and certain collaboration functions, organizations would be perpetually short of bandwidth if their firewalls were unable to identify applications and users. So the real challenge isn't just of identifying applications as they come into the organizations, but also of optimizing bandwidth as per the need for an application by users to ensure Application QoS within organizations. Cyberoam Unified Threat Management Application Visibility - Application Security The real challenge isn't just of identifying applications as they come into the organizations, but also of optimizing bandwidth as per the need for an application by users to ensure Application QoS Cyberoam offers visibility over Layer 7 (the application layer) and Layer 8 (the user layer) to give complete information on which applications are accessed within the organization by which user, irrespective of their ports and protocols. Organizations get full transparency over applications entering their networks using standard Port 80, 44, non-standard ports, port hopping or tunneling through encrypted SSL traffic indicating application-layer threats that can be blocked using firewall policies, right at the network perimeter to ensure Application Security. Cyberoam s Application Visibility & Control 4 www.cyberoam.com I sales@cyberoam.com Elitecore Product

Cyberoam Security Portfolio Data Protection & Encryption Unified Threat Management (UTM) Cyberoam Central Console (CCC) Application Control SSL VPN Cyberoam iview Intelligent Logging & Reporting Cyberoam Endpoint Data Protection Device Management Asset Management Cyberoam Awards & Certifications Managing Bandwidth with Policy, User, Time-based Controls Cyberoam implements application-based Bandwidth Management to accelerate business-critical applications, stagger non-critical applications, selectively accelerate socio-business applications and block undesirable or malware-infected applications based on network policy, user and time. Business-critical applications can be given maximum bandwidth. In the same way, undesirable applications can be assigned zero bandwidth, blocking their entry into the organization. Organizations can group applications as per their requirements into business-critical, entertainment, communication, collaboration and control access through Firewall policies. Users can be distinguished based on hierarchy or their roles, business and recreational users, or through specific requirements of a user or department. For applications that are bandwidth-critical but not time-critical, limiting their access to certain times of the day eliminates the strain on bandwidth. YouTube access can be defined with a maximum bandwidth availability beyond which it would be unable to use the organization's bandwidth. However, specific nonworking hours can be pre-defined for higher bandwidth availability to this non-critical application. Maximizing Network Security & Productivity Efficiencies in managing applications mitigate internal threats like misuse of corporate resources and time by employees. With Cyberoam, organizations can provide meaningful access of applications to users. This results in balanced bandwidth usage within organizations that supports QoS of business-critical applications. Cyberoam s user-based reports, as opposed to IP-based reports of other solutions, provide at-a-glance information to track employees application usage, enabling organizations to minimize the drain on productivity through Fantasy Football, gaming, and more. Conclusion: Cyberoam Unified Threat Management appliances offer visibility and control over applications and users, irrespective of the application origin. It helps organizations in application QoS by managing the complex matrix of applications, users and time requirements to defuse the fight for bandwidth by applications, even before it begins. Cyberoam UTM appliances take security deep down to the user level with Cyberoam s Layer 8 Technology. The Cyberoam Firewall can seamlessly integrate with Active Directory that ties users to Cyberoam s security, no matter where they move within the network. This takes a deeper meaning in context of Cyberoam s Security, Compliance and Employee reports that give user-activity information in real-time to organizations. Toll Free Numbers USA : +1-877-777-068 India : 1-800-01-0001 APAC/MEA : +1-877-777-068 Europe : +44-808-120-958 C o p y r i g h t 1999-2010 E l i t e c o r e Te c h n o l o g i e s L t d. A l l R i g h t s R e s e r v e d. Cyberoam & Cyberoam logo are registered trademarks of Elitecore Technologies Ltd. /TM: Registered trade marks of Elitecore Technologies or of the owners of the Respective Products/Technologies. Although Elitecore attempted to provide accurate information, Elitecore assumes no responsibility for accuracy or completeness of information neither is this a legally binding representation. Elitecore has the right to change, modify, transfer or otherwise revise the publication without notice.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information