Siyaram Silk Mills Ltd Mumbai, India
Cyberoam UTM Forms an Integral Part of Siyaram's Futuristic Security Landscape
About Siyaram Silk Mills Ltd, Textile Industry
Siat is an agro-industrial group of companies specialized in the establishment and management of industrial as well as smallholders' plantations and allied processing and downstream industries. The main focus rests on oil palm and rubber, while cattle ranching is gaining importance in the group.
Siat seeks majority equity participation in the capital of private agro-industrial companies and provides management and engineering services. The head office is located in Brussels.
We have deployed eighteen
(18) Cyberoam UTM
appliances across six main
locations and other remote
sites. The primary reasons
for choosing Cyberoam are
its intuitive interface and
identity based reporting,
which the other solutions
Like every fast progressing company, Siyaram's decided to take up a major
modernization drive. Under the drive they decided to revamp the existing network to
cater to the present and futuristic needs. An enterprise-wide secure IT environment
was an integral part of the new network landscape.
The new futuristic network landscape had a few important inherent considerations.
Siyaram's production and corporate infrastructure is spread over six different
locations. Remotely located nation-wide branch offices also form an important
auxiliary network, which has to be secured to the mainstream. Mr. Ananthakrishnan
(Head-IT, Siyaram's) wanted a fully redundant network which can provide round-theclock
connectivity to the six main locations and other remote offices. The remote
locations are connected to the main network through leased lines with VSAT
(Satellite) providing backup to the leased line.. Moreover, for the remote locations, the
failover deployment would be such that in case of the leased line failure, the total
traffic would be redirected through the, hitherto passive, VSAT link. Security over the
distributed network is highly demanding.
“With organizational growth, the number of locations and Internet users multiplied.
However, not everyone required aWorld WideWeb connection. Our aim is selective
Internet access to achieve effective and productive information dissemination,” said
Siyaram's adopted Active Directory Service (ADS) as a backbone for the entire
organization. Apart from the other needs stated above, they needed a UTM that
would cater to three primary requirements, viz,
1. Neutralize virus and malware threats
2. Manage various levels of access using identity
3. Link bandwidth management using identity-based services
The Cyberoam Solution
“We went through a very detailed evaluation process where in we actually put UTMs
from three vendors to detailed and rigorous testing in a live user environment for a
period of one month each. Based on these detailed tests, we zeroed in on Cyberoam
UTM. We have deployed eighteen (18) Cyberoam UTM appliances across the six
The deployment details are:
locations and other remote sites on a High-Availability mode. We chose Cyberoam
CR500i for the central location, Cyberoam CR250i for the DR site and Cyberoam
CR50i appliances to provide perimeter security to branch offices and remote
locations. The primary reasons for choosing Cyberoam are its intuitive interface and
identity based reporting, which the other solutions lack,”Mr.Ananthakrishnan said
Cyberoam's Firewall page provided centralized access and management to all the
security services. This facility simplifies the process of policy creation, irrespective to
the security service. Coupled with extremely user-friendly interface, Mr.
Ananthakrishnan found the complex task of UTM management, simplified resulting
into less training investment.
Cyberoam allows remote management of itsWeb Admin Console (GUI) over Secure
HTTP. This ensures that the distributed appliances can be managed remotely without
on-site deployment of a skilled person.
“Cyberoam UTM uses Kaspersky Antivirus, which is one of the leading anti-virus
vendors. The results are quite encouraging,” Mr. Ananthakrishnan said. As
Cyberoam scanned theWeb and the mail traffic for malware and virus, the possibility
of infection creeping in through the gateway is effectively mitigated.
The image based spam capture is also providing encouraging results.
The in-house URL based filtering database of Cyberoam is very impressive. It helps
protect against spyware and other malware by preventing the users from accessing
such sites. Apart from porn and P2P sites, it also has categories to block Phishing and
“We have divided our users into different groups based on their professional
responsibilities,”Mr. Ananthakrishnan said. The groups have profile-based access to
the Internet, eg. HR is the only group with access to jobs' sites. Moreover, as a part of
the corporate policy, no user is allowed to access Porn, Instant Messaging, streaming
and downloading. Because of lack of filtering and access management earlier, the
highest bandwidth hoggers were the stock market sites, which now has been
restricted to be accessed by only the Securities Dept.
While describing Cyberoam's superior identity-based policy management, Mr.
Anantkrishanan said, “One of the major advantages of Cyberoam is that it allows
group based rule creation, which can be further fine-tuned to an individual user's
level. So you can have a different group policy and a different granular user-based
policy.” Cyberoam's Identity based policies and reporting also helps him to keep a
direct track and control over the end user's online activities.
Siyaram's is also in the process of implementing SAP. To facilitate this
implementation, Cyberoam helped them split and prioritize the total available
bandwidth among service, group and users, respectively. Cyberoam's multilink
manager made sure that the organization always had a live Internet link, providing
round the clock connectivity.