Specifications
Interfaces
| Copper GbE | 3 |
| Internal/DMZ/WAN Ports | Yes |
| Console Ports (RJ45/DB9) | 1 |
| USB Ports | 2 |
Built-in Wireless LAN
| Wireless Standards | IEEE 802.11 a/b/g/n (WEP, WPA, WPA2,802.11i , TKIP, AES, PSK) |
| Antenna | Detachable 2×2 MIMO |
| Access Points | Up to 8 SSID |
| Transmit Power | 802.11a: 12dBm ± 2dBm 802.11b: 17dBm ± 2dBm 802.11g: 16dBm ± 2dBm 802.11an (HT20): 12dBm ± 2dBm@MCS7 802.11an (HT40): 11dBm ± 2dBm@MCS7 802.11gn (HT20): 15dBm ± 2dBm@MCS7 802.11gn (HT40): 14dBm ± 2dBm@MCS7 |
| Receiver Sensitivity | 802.11a: ≤ -76dBm@54Mbps 802.11b: ≤ -85dBm@11Mbps 802.11g: ≤ -76dBm@54Mbps 802.11gn (HT20): ≤ -75dBm@MCS7 802.11gn (HT40): ≤ -72dBm@MCS7 802.11an (HT20): ≤ -74dBm@MCS7 802.11an (HT40): ≤ -71dBm@MCS7 |
| Frequency Range | 2.412 GHz – 2.472 GHz, 5.200 GHz – 5.825 GHz |
| Data Rate | 11a: Up to 54Mbps 11b: Up to 11Mbps 11g: Up to 54Mbps 11n: Up to 300Mbps |
System Performance*
| Firewall Throughput (UDP) | 400 (Mbps) |
| Firewall Throughput (TCP) | 300 (Mbps) |
| New sessions/second | 2,000 |
| Concurrent sessions | 27,500 |
| IPSec VPN Throughput | 100 (Mbps) |
| No. of IPSec Tunnels | 25 |
| SSL VPN Throughput | 25 (Mbps) |
| Anti-Virus Throughput | 100 (Mbps) |
| IPS Throughput | 90 (Mbps) |
| UTM Throughput | 60 (Mbps) |
Stateful Inspection Firewall
- Layer 8 (User – Identity) Firewall
- Multiple Security Zones
- Access Control Criteria (ACC) – User – Identity, Source & Destination Zone, MAC and IP address, Service
- UTM policies – IPS, Web Filtering, Application Filtering,Anti-Virus, Anti-Spam and Bandwidth Management
- Layer 7 (Application) Control & Visibility
- Access Scheduling
- Policy based Source & Destination NAT
- H.323, SIP NAT Traversal
- 802.1q VLAN Support
- DoS & DDoS Attack prevention
- MAC & IP-MAC filtering and Spoof prevention
Gateway Anti-Virus & Anti-Spyware
- Virus, Worm, Trojan Detection & Removal
- Spyware, Malware, Phishing protection
- Automatic virus signature database update
- Scans HTTP, HTTPS, FTP, SMTP/S, POP3, IMAP, IM, VPN Tunnels
- Customize individual user scanning
- Scan and deliver by file size
- Block by file types
- Add disclaimer/signature
Gateway Anti-Spam
- Inbound Scanning
- Real-time Blacklist (RBL), MIME header check
- Filter based on message header, size, sender, recipient
- Subject line tagging
- IP address Black list/White list
- Redirect Spam mails to dedicated email address
- Image-based Spam filtering using RPD Technology
- Zero hour Virus Outbreak Protection
- IP Reputation-based Spam filtering
Intrusion Prevention System
- Signatures: Default, Custom
- IPS Policies: Multiple, Custom
- User-based policy creation
- Automatic Signature updates
- Protocol Anomaly Detection
- DDoS attack prevention
- SCADA-aware IPS with pre-defined category for ICS and SCADA signatures
Web Filtering
- On-cloud Web Category Database
- URL, keyword, File type block
- Categories: Default(89+), Custom
- Protocols supported: HTTP, HTTPS
- Block Malware, Phishing, Pharming URLs
- Schedule-based access control
- Visibility and Controls for HTTPS based Micro-Apps like Facebook chat, Youtube video upload
- Custom block messages per category
- Block Java Applets, Cookies, Active X
- CIPA Compliant
- Data leakage control via HTTP, HTTPS upload
Application Filtering
- Inbuilt Application Category Database
- Schedule-based access control
- Block
- Proxy and Tunnel
- File Transfer
- Social Networking
- Streaming Media
- Storage and Backup
- Layer 7 (Applications) & Layer 8 (User – Identity) Visibility
- Securing SCADA Networks
- SCADA/ICS Signature-based Filtering for Protocols – Modbus, DNP3, IEC, Bacnet, Omron FINS, Secure DNP3, Longtalk
- Control various Commands and Functions
Virtual Private Network
- IPSec, L2TP, PPTP
- Encryption – 3DES, DES, AES, Twofish, Blowfish, Serpent
- Hash Algorithms – MD5, SHA-1
- Authentication – Preshared key, Digital certificates
- IPSec NAT Traversal
- Dead peer detection and PFS support
- Diffie Hellman Groups – 1,2,5,14,15,16
- External Certificate Authority support
- Export Road Warrior connection configuration
- Domain name support for tunnel end points
- VPN connection redundancy
- Overlapping Network support
- Hub & Spoke VPN support
VSSL VPN
- TCP & UDPTunneling
- Authentication – Active Directory, LDAP, RADIUS, Cyberoam
- Multi-layered Client Authentication – Certificate, Username/Password
- User & Group policy enforcement
- Network access – Split and Full tunneling
- Browser-based (Portal)Access – Clientless access
- Lightweight SSL VPN Tunneling Client
- Granular access control to all the Enterprise Network resources
- Administrative controls – Session timeout, Dead Peer Detection, Portal customization
- TCP- based Application Access – HTTP, HTTPS, RDP, TELNET, SSH
Instant Messaging (IM) Management
- Yahoo and Windows Live Messenger
- Virus Scanning for IM traffic
- Allow/Block Login
- Allow/Block File Transfer
- Allow/Block Webcam
- Allow/Block one-to-one/group chat
- Content-based blocking
- IM activities Log
- Archive files transferred
- Custom Alerts
Wireless WAN
- USB port 3G/4G and WiMAX Support
- Primary WAN link
- WAN Backup link
Bandwidth Management
- Application and User Identity based Bandwidth Management
- Guaranteed & Burstable bandwidth policy
- Application & User Identity based Traffic Discovery
- Multi WAN bandwidth reporting
- Category-based bandwidth restriction
User Identity and Group Based Controls
- Access time restriction
- Time and Data Quota restriction
- Schedule based Committed and Burstable Bandwidth
- Schedule based P2Pand IM Controls
Networking
- Failover – Automated Failover/Failback, Multi-WAN failover, 3G Modem failover
- WRR based load balancing
- Policy routing based on Application and User
- IP Address Assignment – Static, PPPoE, L2TP, PPTP & DDNS Client, Proxy ARP, DHCP server, DHCP relay
- Support for HTTP Proxy
- Dynamic Routing: RIP v1& v2, OSPF, BGP, PIM-SIM, Multicast Forwarding
- Parent Proxy support with FQDN
- “IPv6 Ready” Gold Logo
Administration & System Management
- Web-based configuration wizard
- Role-based access control
- Firmware Upgrades via Web UI
- Web 2.0 compliant UI (HTTPS)
- UI Color Styler
- Command Line Interface (Serial, SSH, Telnet)
- SNMP(v1, v2c, v3)
- Multi-lingual support: Chinese, Hindi, French, Korean
- Cyberoam Central Console (Optional)
- NTP Support
User Authentication
- Internal database
- Active Directory Integration
- Automatic Windows/RADIUS Single Sign On
- External LDAP/RADIUS database integration
- Thin Client support – Microsoft Windows Server 2003
- 2-factor authentication: 3rd party support**
Terminal Services and Citrix XenApp - External Authentication – Users and Administrators
- User/MAC Binding
- Multiple Authentication servers
Logging/Monitoring
- Graphical real-time logging and monitoring
- Syslog support
- Log Viewer – Firewall, IPS, Web filter, Anti Virus, Anti Spam, Authentication, System and Admin Events
IPSec VPN Client***
- Inter-operability with major IPSec VPN Gateways
- Supported platforms: Windows 2000, WinXP 32/64-bit, Windows 2003 32-bit, Windows 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 32/64-bit
- Import Connection configuration
Certification
- ICSAFirewall – Corporate
- Checkmark UTM Level 5 Certification
- VPNC – Basic and AES interoperability
- ” IPv6 Ready ” Gold Logo
Hardware Specifications
| Memory | 1GB |
| Storage | 4GB |
Compliance
- CE
- FCC
Dimensions
| H x W x D (inches) | 1.35 x 8.75 x 6.8 |
| H x W x D (cms) | 3.43 x 22.23 x 17.3 |
| Weight | 1.10 kg, 2.42 lbs |
Power
| Input Voltage | 100-240 VAC |
| Consumption | 22W |
| Total Heat Dissipation (BTU) | 75 |
Environmental
| Operating Temperature | 0 to 40 °C |
| Storage Temperature | -25 to 75 °C |
| Relative Humidity (Non condensing) | 10 to 90% |
*Antivirus, IPS and UTM performance is measured based on HTTP traffic as per RFC 3511 guidelines. Actual performance may vary depending on the real network traffic environments.
**For details, refer Cyberoam’s Technical Alliance Partner list on Cyberoam website. ***Additional Purchase Required.
Contact Us
Ready to use Cyberoam CR10wiNG? Contact us to know more about our services or submit the form below.