Solution Briefs

Cyberoam virtual network security appliances can be deployed as Next-Generation Firewalls or UTMs and offer industry-leading network security to virtual data-centers, “Security-in-a-Box” set-up for MSSPs/organizations, and “Office-in-a-Box” set-up. By offering comprehensive security features available in its hardware security appliances, in virtualized form, these virtual appliances offer Layer 8 Identity-based security on a single virtual appliance, which is as strong as security for the physical networks.

Cyberoam offers a complete virtual security solution to organizations with its virtual network security appliances (Next-Generation Firewalls/UTMs), virtual Cyberoam Central Console for centralized management, and Cyberoam iView software for centralized logging and reporting.

Take control of what you want, how much you want, how you want it with Cyberoam Virtual Network Security Appliances!

WHAT you want

  • Get a virtual security solution for virtualized environments without deploying a hardware security appliance anymore
  • Get support to scale-up your security in virtual network as your business grows

HOW MUCH you want

  • Upgrade your virtual security appliances using a simple activation key to match your growing business needs
  • Get benefits of a shared infrastructure by capitalizing on the lean and peak periods of network activities

HOW you want

  • Choose between individual and a mix of physical and virtualized environments without worrying about security
  • Get deployment flexibility with a licensing model that is based on the number of vCPUs
  • Upgrade to a higher virtual security appliance model only when you want to even when the number of network users increase beyond the recommended number for a given model
Cyberoam virtual network security appliance range includes :’

  • CRiV-1C (Support upto 1 vCPU)
  • CRiV-2C (Support upto 2 vCPU)
  • CRiV-4C (Support upto 4 vCPU)
  • CRiV-8C (Support upto 8 vCPU)
  • CRiV-12C (Support upto 12 vCPU)

The virtual platforms supported by Cyberoam virtual network security appliances:

  • VMware ESX/ESXi
  • VMware Workstation
  • VMware Player
  • Hyper-V
  • KVM
  • Citrix XenServer

Technical Specifications

  CRiV-1C CRiV-2C CRiV-4C CRiV-8C CRiV-12C
Hypervisor Support Vmware ESX/ESXi 4.0/4.1/5.0, VMware Workstation 7.0/8.0/9.0, VMware Player 4.0/5.0, Microsoft Hyper-V 2008/2012, KVM, Citrix XenServer
vCPU Support (Min / Max) 1 / 1 1 / 2 1 / 4 1 / 8 1 / 12
Network Interface Support (Min / Max) 3 / 10 3 / 10 3 / 10 3 / 10 3 / 10
Memory Support (Min / Max) 1 GB / 4 GB 1 GB / 4 GB 1 GB / 4 GB 1 GB / 4 GB 1 GB / 4 GB

System Performance*

  CRiV-1C CRiV-2C CRiV-4C CRiV-8C CRiV-12C
Firewall Throughput (UDP) (Mbps) 1,500 3,000 3,500 4,000 4,000
Firewall Throughput (TCP) (Mbps) 1,200 2,500 3,000 3,500 4,000
New sessions/second 25,000 30,000 40,000 50,000 60,000
Concurrent sessions 230,000 525,000 1,200,000 1,500,000 1,750,000
IPSec VPN Throughput (Mbps) 200 250 300 350 400
No. of IPSec Tunnels 200 1,000 1,500 2,000 2,500
SSL VPN Throughput (Mbps) 300 400 550 550 750
WAF Protected Throughput (Mbps) 300 500 800 1,400 1,550
Anti-Virus Throughput (Mbps) 900 1,500 2,000 2,200 2,450
IPS Throughput (Mbps) 450 750 1,200 1,800 1,900
Fully Protected Throughput** (Mbps) 250 450 1,000 1,400 1,550
Authenticated Users/Nodes Unlimited Unlimited Unlimited Unlimited Unlimited

* Antivirus, IPS and Fully Protected Throughput performance is measured based on HTTP traffic as per RFC 3511 guidelines. Actual performance may vary depending on the real network traffic environments.

** Fully Protected Throughput is measured with Firewall, IPS, Web & Application Filtering and Anti-Virus features turned on.

Along with the flexibility to deploy hardware and virtual appliances for network security, Cyberoam virtual network security appliances (Next-Generation Firewalls/UTMs) protect virtual networks from attacks on hypervisor management console, hypervisor & Guest OS, virtualized web-facing applications and servers and allows organizations to secure Zero Trust Networks with comprehensive security features in virtualized form.

Protection for Virtualized Networks Cyberoam virtual network security appliances remove blind spots within the virtualized environments with their ability to scan inter-VM traffic, also allowing granular firewall and security policies over inter-VM traffic. In cases where the hypervisor management console is placed in live production virtual environment due to lack of segmentation within virtual environments, organizations get security from threats like hyperjacking and other hypervisor vulnerabilities with administrators segregating the Hypervisor Management Console in DMZ and routing all traffic through the virtual security appliance. Cyberoam enables role-based administrator controls even in collapsed DMZ in case of virtualized networks, allowing separation of administrator duties along with identity-based logs and reports with Cyberoam’s on-appliance reporting feature. The virtual security appliance allows Identity-based security policies over user authentication, service authorization and reporting (AAA) that offers visibility and user-based access controls in virtual environments, thus securing Zero Trust Networks.

Comprehensive Virtual Security Cyberoam virtual security appliances consolidate multiple security features like firewall, VPN, Anti-Spam, Anti-Virus, IPS, WAF, Web & Application Filtering, Bandwidth Management, and more, in a single virtual appliance that makes virtual environments as secure as the physical infrastructure.

Ease of Deployment Cyberoam virtual security appliances are easy to deploy with a licensing model that provides the flexibility to allot the number of vCPUs for Cyberoam virtual security appliance based on customer requirements. A simple key activation to upgrade to higher models and no hard limits on crossing recommended usage limits make Cyberoam virtual security appliances easy to deploy in your virtual set-ups.

Compliance Management Cyberoam virtual security appliances segregate and secure traffic and data in virtualized environments, enabling organizations and MSSPs to meet regulatory requirements. Identity-based logs and reports with the on-appliance reporting feature supports display of compliance.

Centralized Management Organizations have the flexibility to deploy individual and a mix of hardware and virtual security appliances in their network infrastructure, which can be managed centrally using the virtual Cyberoam Central Console.

Complete Virtual Security Solution Cyberoam virtual security appliances, along with other security offerings like the virtual Cyberoam Central Console and Cyberoam iView software, offer a complete virtual security package to organizations.

Cyberoam secures all types of virtualization scenarios with its virtual network security appliances.

Virtual Data Center

In cases where the hypervisor management console is placed in live production virtual environment due to lack of segmentation within virtual environments, virtual networks are prone to attacks like hyperjacking; exploits attacking vulnerabilities in hypervisor, management console, hypervisor & Guest OS; security risks arising out of loss of separation of duties between security/network security and operations; and attacks on virtualized servers and web-facing applications. With an external hardware security appliance that lacks the ability to scan traffic within the virtual environments, organizations are left with blind spots in their networks. Cyberoam virtual security appliances, offering consolidated network security, can scan traffic within the virtual environments and allow granular firewall and security policy enforcement on inter-VM traffic, besides allowing logs and reports, which enables the virtual data center to display and manage compliance requirements

Enterprise/MSSP "Security-in-a-Box"

Enterprises and MSSPs face the challenge of handling the growth and expansion of their business or customers’ business that requires immediate capacity upgrades. Those managing multiple virtual appliances for security of their own/ customers’ networks need a centralized security management solution for consistent security policies across branch offices and customer networks along with a centralized logging and reporting solution. Cyberoam virtual security appliance (Next-Generation Firewall/UTMs) consolidates the security requirements of branch offices/ multiple customer networks into a virtual security appliance that offers comprehensive virtual security. Its easy upgrade enables enterprises and MSSPs to upgrade their subscription services in no time and respond immediately to the rising security needs of their branch offices and customers. Cyberoam offers a complete virtual security solution to enterprises/MSSPs with Cyberoam virtual network security appliances, virtual Cyberoam Central Console for centralized management and Cyberoam iView software for centralized logging and reporting.

Security in Virtual office or "Office-in-a-Box"

Users connecting to an ‘Office-in-a-Box’ network using multiple devices, specifically their personal devices that lack security, increase the risk of security threat in the entire virtual network. User-based access controls become even more important in a virtual office set-up or a Virtual Desktop Infrastructure (VDI). Cyberoam’s Layer 8 Identity-based security policies over user authentication, service authorization and reporting (AAA) secure the Zero Trust virtual networks. Cyberoam’s user-based controls enable controlled access to network resources. For users working from home, Cyberoam virtual security appliances’ VPN feature allows a threat-free tunnel for secure access to network resources.