
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/284508491

Computer Network Management Using Cyberoam Threat Manager: Issues and Challenges
Conference Paper, October 2015


5 authors, including:
Steve Adedayo
Capella University

Available from: Steve Adedayo


Retrieved on: 26 September 2016

COMPUTER NETWORK MANAGEMENT USING CYBEROAM THREAT MANAGER: ISSUES AND CHALLENGES
Olu F.O**., Adedayo O.S., Ayanleke O.A., Mohammed A.N.,
.
Energy Commission of Nigeria, Abuja
**Correspondence e-mails: felixolutimi@yahoo.com and foolu@energy.gov.ng

Abstract
Online attacks continue to grow in complexity, and they impact different industries in different ways. It is therefore necessary to check and track the activity of cyber terrors and attackers through threat management. The concept of unified threat management (UTM) is very appealing, with multiple critical security technologies integrated on a single platform and provided by a single vendor. However, the process of evaluating UTM options is not simple. This paper discusses the issues and challenges of cyber network management using unified threat management (UTM) systems. The authors examine the Cyberoam UTM product, which is among the most widely trusted tools in the information security arsenal. Answers to critical questions in selecting the most suitable UTM, such as: Is a UTM solution right for my organization? What security features are most important? Ease of management and support for remote users?, are provided in this paper with supporting practical features. The paper concludes by presenting the merits and demerits of UTM, and a suitable unified threat management (UTM) system like Cyberoam is recommended for organizations of all sizes.
Keywords: Network Security, Threat, Network Management, Remote

1.0 INTRODUCTION: The Need For Network Management

Figure 1.0 Simple Representation of A Radial Network

Networks become larger and more sophisticated every year as they continue to support the ever increasing demand for new services. Consequently, the task of controlling, monitoring and managing network effectively is becoming increasingly complex.

Network management means different things to different people. In some cases, it involves a solitary network consultant monitoring network activity with an outdated protocol analyzer. In other cases, network management involves a distributed database, auto-polling of network devices, and high-end workstations generating real-time graphical views of network topology changes and traffic [1]. In general, network management is a service that employs a variety of tools, applications, and devices to assist human network managers in monitoring and maintaining networks.

There are five conceptual areas of management defined by the International Organization for Standardization (ISO) as follows [1]:

1.1 Performance Management
The goal of performance management is to measure and make available various aspects of network performance so that internetwork performance can be maintained at an acceptable level. Examples of performance variables that might be provided include network throughput, user response times, and line utilization.

Olu F.O., Adedayo O.S., et al.

Page 1

Performance management sets up a reactive system. When performance becomes unacceptable because of an exceeded user-defined threshold, the system reacts by sending a message. Performance management also permits proactive methods: For example, network simulation can be used to project how network growth will affect performance metrics. Such simulation can alert administrators to impending problems so that counteractive measures can be taken.

1.2 Configuration Management
The goal of configuration management is to monitor network and system configuration information so that the effects on network operation of various versions of hardware and software elements can be tracked and managed.

Each network device has a variety of version information associated with it [10]. An engineering workstation, for example, may be configured as follows:

    Operating system, Version 3.2
    Ethernet interface, Version 5.4
    TCP/IP software, Version 2.0
    NetWare software, Version 4.1
    NFS software, Version 5.1
    Serial communications controller, Version 1.1
    X.25 software, Version 1.0
    SNMP software, Version 3.1

Configuration management subsystems store this information in a database for easy access. When a problem occurs, this database can be searched for clues that may help solve the problem.

1.3 Accounting Management
The goal of accounting management is to measure network utilization parameters so that individual or group uses on the network can be regulated appropriately. Such regulation minimizes network problems (because network resources can be apportioned based on resource capacities) and maximizes the fairness of network access across all users.

1.4 Fault Management
The goal of fault management is to detect, log, notify users of, and (to the extent possible) automatically fix network problems to keep the network running effectively. Because faults can cause downtime or unacceptable network degradation, fault management is perhaps the most widely implemented of the ISO network management elements.

Fault management involves first determining symptoms and isolating the problem. Then the problem is fixed and the solution is tested on all-important subsystems. Finally, the detection and resolution of the problem is recorded.

1.5 Security Management
The goal of security management is to control access to network resources according to local guidelines so that the network cannot be sabotaged (intentionally or unintentionally) and sensitive information cannot be accessed by those without appropriate authorization. A security management subsystem, for example, can monitor users logging on to a network resource and can refuse access to those who enter inappropriate access codes.

Security management subsystems work by partitioning network resources into authorized and unauthorized areas. For some users, access to any network resource is inappropriate, mostly because such users are usually company outsiders. For other (internal) network users, access to information originating from a particular department is inappropriate. Access to Human Resource files, for example, is inappropriate for most users outside the Human Resources department.

Security management subsystems perform several functions. They identify sensitive network resources (including systems, files, and other entities) and determine mappings between sensitive network resources and user sets. They also monitor access points to sensitive network resources and log inappropriate access to sensitive network resources.

2.0 NETWORK MANAGEMENT TECHNOLOGIES
The following are various technologies for Network Management

2.1 SNMP
The acronym SNMP stands for Small Network Management Protocol. An SNMP-managed network consists of three key components: managed devices, agents, and network-management systems (NMSs). An agent is a network-management software module that resides in a managed device. An agent has local knowledge of management information and translates that information into a form compatible with SNMP. An NMS executes applications that monitor and control managed devices. NMSs provide the bulk of the processing and memory resources required for network management. One or more NMSs must exist on any managed network.

A managed device is a network node that contains an SNMP agent (small running software daemon) and that resides on a managed network. Managed devices collect and store management information and make this information available to NMSs using SNMP. Managed devices, sometimes called network elements, can be routers and access servers, switches and bridges, hubs, computer hosts, or printers.

Figure 2.0 An SNMP-Managed Network Consists of Managed Devices and Agents

2.2 Network Management Devices
Network management devices include:

2.2.1 Router
A router is a device that forwards data packets along networks to the specific destination. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Routers are located at gateways, the places where two or more networks connect.

Routers use headers and forwarding tables to determine the best path for forwarding the packets, and they use protocols such as ICMP (Internet Control Message Protocol) to communicate with each other and configure the best route between any two hosts. Very little filtering of data is done through routers.

Figure 2.1: Cisco 3900 Series Router

Figure 2.2: Linksys Router

2.2.2 Switch
In networks, a switch is a device that filters and forwards packets between LAN segments. Switches operate at the
LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs [3].

Figure 2.3: Cisco Switch

Figure 2.4: D-Link 24port Switch

2.2.3 Access Point
AP, short for Access Point, is a hardware device that acts as a communication hub for users of a wireless device to connect to a wired LAN. APs are important for providing heightened wireless security and for extending the physical range of service a wireless user has access to.

Figure 2.5: Cisco Aironet Access Point

2.2.4 Cyberoam UTM
Cyberoam Technologies, a Sophos Company, is a global Network Security appliances provider, with presence in more than 125 countries. The company offers User Identity-based network security in its Next-Generation Firewalls/Unified Threat Management appliances, allowing visibility and granular control into users' activities in business networks. For large enterprise networks, this ensures security built around the network user for protection against APTs (Advanced Persistent Threat), insider threats, malware, hacker, and other sophisticated network attacks.

Figure 2.6: Some Cyberoam UTM Appliances

Cyberoam Unified Threat Management hardware appliances offer comprehensive security to large and small organizations including branch offices. The integrated multiple security features over a single, Layer 8 Identity-based platform make security simple and highly effective. Examples of Cyberoam Appliance models include CR25iNG, CR100iNG, CR200iNG-XP, CR300iNG, CR200i, CR500ia, CR1500ia and CR2500iNG. The hardware and matching software enables the NG series to offer high throughput speeds, compared to any other UTM appliance. This assures support for future IT trends in organizations like high-speed Internet and rising number of devices in organizations, offering future-ready security for small office networks [6].

Cyberoam assures good security, connectivity and productivity. Cyberoam's Layer 8 Technology treats user identity as the 8th layer or the "human layer" in the network protocol stack. It attaches User-Identity to security, by adding instant visibility into the source of attacks by username rather than only IP address, thus adds speed to an organization's security.

2.2.4.1 Powerful Hardware
The NG series appliances come with a powerful hardware consisting of Gigahertz processors for nano second security processing along with Gigabit Ethernet ports and high port density. A complete overhaul of the appliance design has resulted into an unmatched performance gain with next-generation memory and more storage capacity.

2.2.4.2 FleXi Ports (XP)
The FleXi Ports in NG Series appliances offer flexible network connectivity with I/O slots that allow additional Copper/Fiber 1G/10G ports on the same security appliance. It allows organizations to upgrade to new technologies easily and cost-effectively, making them future-ready. The FleXi Ports consolidate the number of devices in a network, offering benefits of power efficiency, reduced network complexity and reduced operational costs.

2.2.4.3 Power Rating
    Input Voltage: 100-240VAC
    Consumption: 137W
    Total Heat Dissipation (BTU): 467

2.2.4.4 Firmware (Version 10.6.2) - CyberoamOS
This version of CyberoamOS is Appliance Model-specific: firmware of one model will not be applicable on another model and upgrade will not be successful. An error message is displayed if you try to upgrade Appliance model CR100iNG with firmware for model CR300iNG, but this release 10.6.2 is compatible with all Cyberoam Virtual Appliances [5].

The Cyberoam CR300iNG is built on CyberoamOS, the most intelligent and powerful Cyberoam firmware till date. The new firmware tightly integrates with the hardware for network and crypto acceleration to deliver high performance. The latest firmware CyberoamOS 10.6.2 supports NG series and UTM security appliances. CyberoamOS 10.6.2 has an execution point of interest to be accessible for all Cyberoam security appliances, hence it meets necessities of small business, medium sized markets to large and extensive initiatives. Cyberoam has more enhancement features on it to offer new functions to users on their security appliances. These enhancements include: Readiness of Cyberoam in Discover mode (ATP mode), which will enable users (customers) and partners to access Cyberoam security. User Threat Quotient (UTQ), which offers security intelligence to identify precarious users in a system. This feature is available as a report. It works by linking information obtained out of web traffic and relays it to proper channels. It is available on both UTM appliances and Cyberoam's Next-Generation Firewall

3.0 FEATURES OF CYBEROAM UTM

3.1 Web Filtering
Web filter blocks access to harmful websites, preventing malware, phishing, pharming attacks and undesirable content that could lead to legal liability and direct financial losses as is currently the global concern.

Table 3.0: Description of Web Filtering in Cyberoam UTM [6]

Feature: Web Filtering Options
Feature Description:
- URL
- Keyword
- File type
- Database

Feature: Web Security
Feature Description:
- Blocks embedded URLs in websites
- Enforces safe search in search engines
- Blocks malware, phishing, pharming URLs
- Blocks Java Applets, Cookies

Feature: HTTPS Controls
Feature Description:
- Visibility into encrypted HTTPS Traffic
- Prevents unauthorized file upload and download over HTTP and HTTPS
- Blocks unauthorized, malicious and illegal HTTPS websites

Feature: Best-of-breed Replacement
Feature Description:
- Offers single, per-appliance subscription as opposed to per-user subscription
- Custom messages to user with reason for blocked website
- Category-based bandwidth allocation and prioritization
- Data and bandwidth quota based on web categories and time of the day

Benefit (column entries in table order):
- Comprehensive web filtering & content filtering
- comprehensive web & internet content filtering
- Minimizes accidental and intentional bypass by preventing harmful websites from appearing in search results
- Data Leakage Prevention with web filtering and content filtering
- Prevents misuse of this encrypted medium to carry out malware attacks and unauthorized data transfer
- Controls legal liability
- Right replacement for best-of-breed solutions with comprehensive, yet cost-effective security
- Educates users regarding best practices in web usage
- Ensures bandwidth to business-critical applications
- Prevents productivity loss

3.2 Bandwidth Management
Cyberoam Bandwidth Management offers Layer 8 Identity-based bandwidth control, preventing congestion, bandwidth abuse and optimizing bandwidth. It enhances network performance and productivity.

Table 3.1: Description of Bandwidth Management in Cyberoam UTM [6]

Feature: Web Category-based Allocation
Feature Description:
- Bandwidth allocation based on website categories: webmail, social media, gaming, entertainment etc.
- Upload, download limits
- Layer 8 Identity-based policies with category-based allocation

Feature: Time-based Allocation
Feature Description:
- Bandwidth scheduling by time of the day
- Committed bandwidth to business-critical applications during scheduling

Feature: Logging & Reporting
Feature Description:
- Multiple WAN link bandwidth reporting
- Options of on-appliance reporting and centralized reporting with CCC and Cyberoam iView

Benefit (column entries in table order):
- Enhanced productivity with Web Filtering
- A bandwidth manager that balances peaks and troughs in bandwidth consumption
- Assured QoS for business-critical applications
- Supports optimal use of bandwidth with visibility into bandwidth usage
- Identifies network attacks through excess bandwidth consumption patterns
- Helps meet regulatory compliance

3.3 Anti-Virus & Anti-Spyware
Cyberoam Gateway Anti-Virus and Anti-Spyware solution offers web, email and Instant Messaging security against malware, including viruses, worms, spyware, backdoors, Trojans and keyloggers. Cyberoam's Check Mark Level 5 certified gateway anti-virus is tightly integrated with Web Filtering and Anti-Spam, securing organizations against blended attacks and maintaining high levels of security.

Table 3.2: Description of Antimalware in Cyberoam UTM [6]

Feature: Broad Security Cover
Feature Description:
- Malware scan over incoming and outgoing traffic
- Virus, worm, Trojan detection and removal
- Spyware, malware, phishing protection
- Scan and deliver by file size

Feature: Zero-Hour Protection
Feature Description:
- Virus Outbreak Detection (VOD) based on detection of outbreak pattern
- Signature-less protection

Feature: Layer 8 Identity-based Security
Feature Description:
- Identity-based on-appliance reporting
- Differential policy creation based on users' business need

Feature: Self-Service Virus Quarantine
Feature Description:
- Quarantine of virus-infected emails through Cyberoam Anti-Spam
- User right to check quarantine mails

Benefit (column entries in table order):
- Reduces window of vulnerability
- Prevents misuse of the encrypted HTTPS / SSL traffic for malware propagation
- Blocks attachments of executables, media files, password-protected attachments
- Protects against early-hour vulnerability of massive virus outbreaks
- Eliminates security gaps related to signature update delays
- Instant identification of source or destination of attack based on user identity, leading to high security
- Minimizes accidental and intentional bypass by preventing harmful websites from appearing in search results
- Real-time Email Security
- Prevents mail loss
- Saves IT administrator time
- Meets quarantine requirements of regulatory compliance

3.4 Intrusion Prevention System
Cyberoam Intrusion Prevention System protects against network and application-level attacks, securing organizations against intrusion attempts, malware, Trojans, DoS and DDoS attacks (i.e. Denial of Service and Distributed Denial of Service, respectively), malicious code transmission, backdoor activity etc.

Cyberoam's signature-based Intrusion Prevention System carries thousands of automatically updated signatures, enabling protection against the latest vulnerabilities.

Table 3.3: Description of Intrusion Prevention System in Cyberoam UTM [6]

Feature: Multiple Protocol Support
Feature Description:
- HTTP, FTP, SMTP, POP3, IMAP, P2P, IM support
- Automatically detects, blocks, drops suspicious traffic
Benefit:
- Security against network, application and human layer attacks

Feature: Centralized Security
Feature Description:
- Centralized custom signature creation and implementation at remote offices
Benefit:
- Zero-hour protection for distributed networks
- Simplified security with lower cost of operations

Feature: Logging & Reporting
Feature Description:
- Human Layer-8 Identity-based logging and reporting with username, source, destination, period of activity
- Dashboard, Top alerts, attackers and victims with severity of attacks
Benefit:
- Meets requirements of forensic analysis
- Rapid corrective action with high security
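
The identity-based logging listed in Table 3.3 (username, source, destination, period of activity) amounts to joining each alert with the authentication session that held the source IP at that moment. The following is an added example, not code from the paper or from Cyberoam, that performs this join on constructed data; the record fields, user names, addresses and signature labels are all assumptions.

```python
"""Attribute IPS alerts to users by joining alerts with authentication sessions.

All records below are constructed for this example; the field names and the
signature labels are assumptions, not a Cyberoam log format.
"""
from collections import Counter, defaultdict
from datetime import datetime
from typing import NamedTuple


class Session(NamedTuple):
    user: str
    ip: str
    start: datetime   # login time
    end: datetime     # logout or lease expiry (exclusive)


class Alert(NamedTuple):
    when: datetime
    src_ip: str
    signature: str


def t(hhmm: str) -> datetime:
    """Timestamp on a single constructed day."""
    return datetime.strptime("2015-10-01 " + hhmm, "%Y-%m-%d %H:%M")


# Constructed authentication sessions. 10.0.0.23 is a Wi-Fi lease that is
# reused by a second user; 10.0.0.40 is an endpoint shared by two users.
SESSIONS = [
    Session("alice", "10.0.0.23", t("09:00"), t("10:00")),
    Session("bob",   "10.0.0.23", t("10:05"), t("11:30")),
    Session("bob",   "10.0.0.51", t("11:40"), t("12:30")),
    Session("carol", "10.0.0.40", t("09:00"), t("12:00")),
    Session("dave",  "10.0.0.40", t("09:30"), t("10:30")),
]

# Constructed IPS alerts as an IP-only log would record them.
ALERTS = [
    Alert(t("09:30"), "10.0.0.23", "constructed-sig-portscan"),
    Alert(t("10:02"), "10.0.0.23", "constructed-sig-portscan"),
    Alert(t("10:30"), "10.0.0.23", "constructed-sig-backdoor"),
    Alert(t("10:45"), "10.0.0.23", "constructed-sig-backdoor"),
    Alert(t("10:00"), "10.0.0.40", "constructed-sig-malware"),
    Alert(t("11:00"), "10.0.0.40", "constructed-sig-malware"),
    Alert(t("11:50"), "10.0.0.51", "constructed-sig-backdoor"),
]


def index_sessions(sessions):
    """Group sessions by IP so each alert only scans its own address."""
    by_ip = defaultdict(list)
    for s in sessions:
        by_ip[s.ip].append(s)
    return by_ip


def attribute(alerts, sessions):
    """Return (alert, verdict) pairs.

    verdict is a username when exactly one session held the source IP at the
    alert time, "UNATTRIBUTED" when none did, and "AMBIGUOUS:a,b" when several
    users were logged in on the same address (shared endpoint).
    """
    by_ip = index_sessions(sessions)
    result = []
    for a in alerts:
        users = sorted({s.user for s in by_ip.get(a.src_ip, ())
                        if s.start <= a.when < s.end})
        if len(users) == 1:
            verdict = users[0]
        elif users:
            verdict = "AMBIGUOUS:" + ",".join(users)
        else:
            verdict = "UNATTRIBUTED"
        result.append((a, verdict))
    return result


def top_sources(attributed):
    """Alert counts per source IP and per attributed identity."""
    per_ip = Counter(a.src_ip for a, _ in attributed)
    per_identity = Counter(verdict for _, verdict in attributed)
    return per_ip, per_identity


if __name__ == "__main__":
    rows = attribute(ALERTS, SESSIONS)
    for a, who in rows:
        print(f"{a.when:%H:%M} {a.src_ip:<10} {a.signature:<26} {who}")
    per_ip, per_identity = top_sources(rows)
    print("by IP:      ", per_ip.most_common())
    print("by identity:", per_identity.most_common())
```

On this data the IP-only view charges four alerts to 10.0.0.23, while the identity view splits them between two users and one event that falls in the gap between leases, and it links a fifth alert from a different address to the same user.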

3.5 Anti-Spam
Cyberoam Anti-Spam solution offers real-time spam protection over SMTP, POP3, IMAP protocols, protecting organizations from zero-hour threats and blended attacks that involve spam, malware, phishing, Trojans and more.

Table 5: Description of Anti-Spam in Cyberoam UTM [6]

Feature: Recurrent Pattern Detection
Feature Description:
- Automated antispam protection based on distribution pattern
- Extracts and analyzes relevant message patterns
- Signature-less technique
- Detects, blocks emerging spam outbreaks
- Content agnostic, multi-language, multi-format antispam protection
- Blocks foreign language, image spam

Feature: Virus Outbreak Detection (VOD)
Feature Description:
- Signature-less detection from Cyberoam Anti-Virus and Anti-Spyware

Feature: Identity-based Security
Feature Description:
- Layer 8 Identity-based requirement
- Copy and route mail to pre-defined mail addresses

Feature: Email Management
Feature Description:
- Granular email management with message and attachment size, subject line etc.

Feature: Self-Service Quarantine Area
Feature Description:
- Quarantines malware-infected mails
- Sends Spam Digest to users
- User right to check quarantine mails

Feature: Email Logging and Reporting
Feature Description:
- Data archiving
- Extensive Layer 8 Identity-based reporting: Top spam receivers, senders, applications of spam
- Real-time logs and reports
- Options of on-appliance reporting, centralized reporting from Cyberoam iView

Benefit (column entries in table order):
- Zero-hour protection with no wait for signature updates
- Narrow window of exposure
- High spam catch rate
- Closes early-hour vulnerability gap of massive virus outbreaks over email
- Protects against the initial peak of attack
- Comprehensive Email Security
- Data Leakage Prevention
- Granular protection based on user work profile
- Minimizes exposure to threats and legal implications
- Increases productivity
- Lower cost of compliance
- Quick recovery for disaster management
- Meets security and regulatory compliance requirements
- Saves IT administrator time
- Meets regulatory compliance, audit, forensic requirements

3.6 Firewall
Cyberoam Firewall is available as a Next-Generation Firewall and UTM firewall. It offers stateful and deep packet inspection for network, application and user identity-based security. Cyberoam Firewall thus protects organizations from Denial of Service (DoS), Distributed Denial of Service (DDoS) and IP Spoofing attacks. Cyberoam's Layer 8 Human Identity-based firewall appliance enables work-profile based policies and a single interface for policy creation across all features, providing ease of management and high security with flexibility.

Table 5: Description of Firewall in Cyberoam UTM [6]

Feature: Human Layer 8 Identity-based Security
Feature Description:
- Firewall with Identity-based policy creation
- Access Control Criteria (ACC): User-Identity, Source & Destination Zone, MAC and IP address, Service
Benefit:
- Secures dynamic IP environments like Wi-Fi and instances where users share the endpoints
- User identity-based decision making prevents errors associated with IP address-based policies
- Simplifies audit requirements with instant user identification

Feature: FUSION Technology
Feature Description:
- Policy creation for multiple security features through single interface in firewalls
- Firewalls well-integrated with VPN, IPS, Anti-Virus & Anti-Spyware, Anti-Spam, Web Filtering, Bandwidth Management, Multiple Link Management
Benefit:
- Blends Security, Connectivity, Productivity
- Provides integrated perimeter security

3.7 Quality of Service
QoS (Quality of Service) policy is used to manage and distribute total bandwidth on certain parameters like user, firewall, web category or application. QoS policy allocates and limits the maximum bandwidth usage of the user and controls web and network traffic [5]. The appliance allows policy to be defined/created for:

User - This restricts the bandwidth of a particular user.
Firewall Rule - Restricting the bandwidth for any entity to which the firewall rule is applied.
Web Category - It restricts the bandwidth for the web address categorized under the Web category.
Application - It restricts the bandwidth for the application.

Chart 3.0: User-Based Individual Configuration Interface

Chart 3.1: Firewall Rule-Based Configuration Interface


Cyberoam allows configuration of network to establish how your appliance connects, interacts with your network, and allows configuring network specific settings. The appliance basically has a number of physical interfaces/ports and number of interfaces depends on the appliance model. The physical interfaces can be configured to provide various services. Similarly, by default, appliance supports only one gateway, but to cope with gateway failure problems it provides an option to configure multiple gateways.

For web application firewall, Cyberoam offers a subscription on its network security appliances (Next-Generation Firewalls/UTMs) to secure websites and Web-based applications in organizations against attacks such as SQL injection, cross-site scripting (XSS), URL parameter tampering, session hijacking, buffer overflows, and more, including the Open Web Application Security Project (OWASP) Top 10 Web application vulnerabilities.

4.0 CYBEROAM EDGE OVER OTHER NETWORK MANAGERS
Cyberoam UTM has quite a number of features that can be deployed within few minutes of configuration through its easy to use GUI. However, the key features that are ready for implementation on a Cyberoam-controlled domain for an effective and optimized network include: Virtual Private Network (VPN); Bandwidth Management; Web Filtering; Fail-Over and Load Balancing; Instant Messaging (IM) Management; Logging/Monitoring; On-Appliance Cyberoam I-View Reporting; User Authentication; Gateway Anti-Spam and Intrusion Prevention System. The following diagram illustrates a remote connection to a network across the internet through the use of a Cyberoam appliance:

Chart 4.0: Cyberoam Typical Network Diagram

Cyberoam unlike other vendor devices allows an administrator to implement any option that matches his/her criteria.

4.1 Bandwidth Management
The appliance optimizes bandwidth usage and prevents network congestion, lowering bandwidth costs. It works in tight integration with Web Filtering, Application and Instant Messaging controls to support high levels of security and productivity [8].

Scenario: Apply QoS Policy for Application Bearshare such that it gets lowest priority and 128 KBps as Total Bandwidth. This Application based policy is then applied to Firewall Rule.

4.2 Configuration
All configurations are done from Cyberoam Web Admin Console using profile having read-write administrative rights over relevant features.

Chart 4.1: Part of Application Filtering Configuration on Cyberoam

Chart 4.2: Part of Firewall Rule Policy/User Group Configuration

4.3 Fail Over And Link/Load Balancing
Cyberoam supports Load Balancing and Failover for multiple ISP links based on number of WAN ports available in the Appliance. You can terminate multiple ISP links on available physical interfaces of Cyberoam in the form of Gateways. A Gateway can be configured as an Active or a Backup Gateway.

The Gateways can be set up in two (2) ways: Active-Active (all gateways are in active state and traffic is load balanced between all active gateways) and Active-Backup (one or more gateways configured as backup, so as to allow Administrator to configure gateway failover if any active gateway goes down).

Consider the hypothetical network in which one ISP link is terminated on Port B and Administrator wants to terminate another ISP link on Port D

Chart 4.3: Configuration of Multiple ISP on Cyberoam

4.4 Intrusion Prevention System Feature
Cyberoam signature-based Intrusion Prevention System carries thousands of automatically updated signatures, enabling protection against the latest vulnerabilities.

4.5 Gateway Anti-Spam Feature
Anti-Spam solution provided on Cyberoam appliance offers real-time spam protection over SMTP, POP3, IMAP protocols, protecting organizations from zero-hour threats and blended attacks that involve spam, malware, botnets, phishing, Trojans and more.

4.6 Report/Logging Feature
Cyberoam offers real time visibility into the entire network and user activity with its identity based reporting feature. This offers a comprehensive insight into network management activities such as internet access and bandwidth usage, source and destination traffic etc. Below are screen shots of reports generated through Cyberoam I-View report feature:

Chart 4.4: Appliance Data Recorded On Appliance Hard Disk [9]

Chart 4.5: Charting of Appliance Data From Hard Disk [9]

5.0 CHALLENGES OF USING CYBEROAM UTM
The application of Cyberoam as a network management tool presents its own challenges. These include:

1. Need for intensive training, up to certification levels, for technical hands;
2. Product needs to be marketed more intensively so as to make both support and penetration impact deeper;
3. Observation in the field revealed that the resilience of the system software (iOS) in the face of incessant power outages needs improvement. This may be achieved through reduction of number of procedures or processes the software undergoes when running. However, adequate power backup will protect the appliance.
4. Technical support is still scanty in the country, thus allowing a relatively longer response time (support). More engineers need to acquire skills in Cyberoam management.

CONCLUSION AND RECOMMENDATIONS
Cyberoam Unified Threat Management appliance has been comprehensively presented as an efficient product, where there is the opportunity to centrally manage network monitoring, control and maintenance, from a single station/interface. It is not the only product available to a network manager, but having been tested and recommended by network managers for UTM applications, it is able to meet most configuration policies especially those in discussion above. In the light of the above, business minded engineers and technology enthusiasts are encouraged to harness opportunities in this product. It is also recommended for proof of concept as an assessment. Researchers should also consider network management as an area of further interest.

ACRONYMS
SMTP - Small Mail Transfer Protocol
POP3 - Post Office Protocol version 3
IMAP - Internet Message Access Protocol
ISP - Internet Service Provider
WAN - Wide Area Network
QoS - Quality of Service
IM - Instant Messaging
VPN - Virtual Private Network
HTTP - HyperText Transfer Protocol
FTP - File Transfer Protocol
P2P - Pair To Pair
URL - Uniform Resource Locator (web address)

REFERENCES
[1] Ralf Bendrath: Global Technology Trends and National Regulation: Explaining Variation in the Governance of Deep Packet Inspection (15-18 February 2009); Paper prepared for the International Studies Annual Convention, New York City
[2] Sophos Acquires Cyberoam Technologies - Cyberoam Press Release, 10 Feb 2014
[3] Text mode programs (CUI: Console User Interface). http://www.winehq.org/docs/wineusr-guide/cui-programs; Wine User Guide. Retrieved Sep 22, 2013
[4] Security Mastery With Cyberoam CR1000iNG-XP (Aug 2015): http://nigeriancommunicationsweek.com.ng/ebusiness/cyberoam-shows-security-mastery-withcr1000ing-xp (Nigerian Communications Week Newsletter)
[5] Peter Stephenson, UTM Reviews, SC Magazine, 1 December 2011
[6] http://www.cyberoam.com/productoverview.html
[7] https://training.cyberoam.com/training/webpages/academyStudent/curriculum.jsp
[8] http://help.cyberoam.com/cyberoam
[9] Energy Commission of Nigeria (Server Room Management Team) - Cyberoam Appliance Data.
[10] http://docwiki.cisco.com/wiki/Network_Management_Basics
[11] http://www.webopedia.com