Banco Terra, Mozambique, Africa
Cyberoam Provides Secure Connectivity to Axiom Telecom, Saudi
About Banco Terra, BFSI

Banco Terra is a commercial bank in Mozambique with specific focus on expanding credit and financial services to disadvantaged communities in rural and semi-urban areas of the country. The major shareholders of the bank include Europe-based development finance institutions - Rabobank, RfW and Norfund and GAPI-SI, a domestic institution which promotes entrepreneurship in Mozambique by improving the creditworthiness of SMEs and community-based organizations.


We needed a good firewall, anti spam, and virus and content filtering. Internet is the primary business enabler as it is used for back-office administration, mailing and maintaining the contact with the outside world.

Mr.Carino Modan
IT Manager
Banco Terra



The Banco Terra network was a new completely new implementation. Mr. Carino Modan, the IT Manager for Banco Terra was looking for a reliable Internet security platform to protect the bank and its users.

Says Mr. Modan, “We did not want to take any chances with our security requirements. We were looking for a feature-rich solution which would give us maximum ROI while addressing our major security concerns - all in a single package.” The concerns are listed below.

  • Basic Perimeter Protection: The bank was looking for a gateway firewall to control Internet traffic and prevent unauthorized access to its sensitive internal resources.

  • Spam-free Email Traffic: Email was an extremely critical operation for day-to-day business activities at Banco Terra. The bank was concerned that employee productive time was being wasted in deleting spam messages and frequently checking for false positives not to mention the storage space and bandwidth costs for unwanted mails. So, they were looking for an anti-spam solution with high spam catch rate which would scan mails across all protocols including SMTP, POP3 and IMAP and keep false positive rate low.

    The bank also wanted the solution to easily recognize spam based on images, foreign characters and mail attachments which would be auto-adaptive in the face of zero hour attacks, without any need for manual intervention.

  • Protection against Malware: The bank was looking for a gateway anti-virus solution to prevent both web- and email-borne malware from entering the network and reducing IT help desk calls. In essence, they wanted to avoid problematic situations where for example, a single spyware attack has the power to slow down infected machines in the network while eating into business-critical bandwidth. The bank was especially concerned about the possibility of their network being made vulnerable to further attacks through accidental visits to malware-laden website/blog pages or unsafe downloads. For this, they wanted their anti-virus solution to scan viruses for HTTP and FTP over HTTP traffic on the web. The bank was also concerned about mail-based virus, Trojan, spyware, adware and phishing attempts and wanted a solution which could identify mass outbreaks of such threats and proactively block them from entering the network.

  • Surfing Control for Employee Productivity: The bank wanted a content and application filtering solution to block unwanted sites while enforcing productive surfing among employees and to prevent phishing and pharming.

  • Achieving Business Continuity: The bank was looking for a solution which could bridge the geographical distance between the head office and the six branches so that users could securely connect from any location and use the bank‘s resources. Also, they wanted to avoid downtime issues due to any Internet connection breaking down. For this, they wanted the solution to be capable of automatically routing VPN traffic through alternate Internet connections.
The Cyberoam Solution

After taking a view of other available products in the market such as Cisco ASA and Watchguard, Banco Terra finally zeroed in on Cyberoam UTM after a proof of concept prior to installation. According to Mr. Modan, “The main thing that impressed me about Cyberoam UTM was that it precisely met all our business requirements while easily fitting into our budget. Cyberoam has ensured that all aspects of IT management are dealt with properly in our organization as a result of which, our productivity related to banking operations has gone up.”

Banco Terra deployed three Cyberoam CR50i appliances in gateway mode at the Head Office. Of these, the first one is being used for Internet access, the second one for back-up and the third one to ensure VPN connectivity for branches. In addition, they have deployed six Cyberoam CR25i appliances in gateway mode at the branch offices.

Cyberoam UTMs deployed at Banco Terra had Firewall, VPN, Gateway Anti-Spam, Anti-Virus & Anti-Spyware and Content Application Filtering enabled on them, leading to the following business benefits:

  • Firewall Protection:

    Cyberoam‘s Stateful Inspection ICSA and Checkmark-certified firewall acted as a perimeter security solution to protect the bank‘s sensitive information from unauthorized outside access.

  • Spam Control

    Cyberoam‘s Gateway anti-spam feature enables the bank to filter all their mails over SMTP, POP3 and IMAP protocols and automatically detect, tag, quarantine and block spam.

    With a 98% spam catch rate, Cyberoam‘s Recurrent Pattern Detection (RPD) TM technology delivers real-time protection against spam outbreaks and eliminates false positives. It is highly effective against image-based spam and spam based on foreign characters.

  • Surfing Control

    Cyberoam‘s 82+ category strong web content filtering keeps the bank‘s resources surfing productively. By customizing user identity-based policies, the bank provides selective Internet access and surfing rights based on the user‘s working needs. It also blocks unauthorized sites including pornography, chatting, phishing and pharming sites.

  • Secure, Uninterrupted Business Connectivity

    One of the CR50i appliances deployed at the Head Office was used to ensure IPSec VPN connectivity along with six CR25i appliances at branches. This allows branch office users to seamlessly connect to the Head Office network and access their work. Thus, the bank found the right solution to flexibly operate its business from different locations.

    Threat-free Tunneling (TFT)-driven VPN ensures that all the traffic is securely encrypted and no malware sneaks through it.

    Also, Cyberoam ensures transparent VPN failover for branches in order to provide uninterrupted connectivity for branch users. When an Internet connection fails, this feature dynamically switches traffic over to the active connection, maintaining uninterrupted VPN service.