111427201-CR-vs-Cisco-ASA

8/12/2019 111427201-CR-vs-Cisco-ASA

1/7

Cyberoam vs. Cisco ASA 5500 Series i

Features Comparison

(Based on Datasheets)

CyberoamCR 15i, 15wi, 25i, 25wi 25ia,35ia, 35wi, 50ia, 100ia, 200i,

300i, 500ia, 750ia, 1000ia,1500ia, 2500ia

Cisco ASA 5500 Series5505 Base/ Security Plus,5510 Base/ Security Plus,

5520, 5540, 5550, 5580-20,5580-40, 5585-X with SSP-10,20,40 ,60

Security - Firewall, Intrusion Prevention System, Application Filtering

Cyberoam shield Firewall Decision Parameters- Identity, Group, MAC and IP

Address, Services based Number of IPS signatures 3000+ Application Categories- 11+ e.g. Gaming, IM, P2P, Proxy

Benefits Access to vital resources based on users identity Protection against internal and external intrusion attempts Protection against Denial of Service attacks Provide business friendly environment to critical applications

Stateful Inspection Firewall Yes Yes

Appliance Deployment Modes:Gateway (Route), Transparent(Bridge)

Yes Yes

Application Visibility and ControlYes, IP Address and User based

controlYes

Intrusion Prevention System(Checkmark Certified) Yes

Not Certified, needs AIP SSC and AIP

SSM (Advanced Inspection andPrevention Security Services Module

and Card)

Identity-Based IntrusionPrevention System

Yes, with Multiple IPS Policy Support Yes

DoS and DDoS Prevention Yes Yes

Instant Messaging Control

IP Address and User based individualand Group control over Webcam, File

Transfer, Voice and Text ChatCommunication

YesSecurity - Web Content Filtering

Cyberoam Shield:82+ URL categories covering millions of websites

Benefits URL, keyword, File type block Blocks Malware, Phishing, Pharming URLs, Java Applets, Cookies

and Active X Data leakage control via HTTP, HTTPS upload Provides Schedule-based access control Custom block messages per category

Identity- Based Web ContentFiltering ( Checkmark Certified) Individual user and Group based

Not Certified. Need to purchase PlusLicense of CSC-SSM (Content Security

and Control). CSC SSM offers URLfiltering through Trend Micro

CSC-SSM hardware supports ASA5510, 5520 and 5540 only

8/12/2019 111427201-CR-vs-Cisco-ASA

2/7

Cisco ASA 5500 SeriesCyberoam

5505 Base/ Security Plus,CR 15i, 15wi, 25i, 25wi 25ia,Features Comparison

(Based on Datasheets)5510 Base/ Security Plus,

35ia, 35wi, 50ia, 100ia, 200i,5520, 5540, 5550, 5580-20,

300i, 500ia, 750ia, 1000ia,5580-40, 5585-X with SSP-10,

1500ia, 2500ia20,40 ,60

Web and Content FilteringDatabase Strength

Excellent (82+ Categories)80+ categories, Need to purchase

Plus License of CSC-SSM.

Domain Name based HTTPSFiltering

Yes No

Phishing Protection Yes (Blocks emails and Web traffic)Need to purchase Plus License of

CSC-SSM

Pharming Protection Yes Yes

Spyware Sites Protection YesNeed to purchase Plus License of

CSC-SSM

Anonymous Proxy Protection Yes No

Data Leakage Prevention Yes No

Embedded URL Filtering Yes No

Search Engine Safe SearchEnforcement

Yes No

Security - Web Application Firewall

Cyberoam Shield: Positive Protection model Unique "Intuitive Website Flow Detector" technology

Benefits Protection against SQL Injections, Cross-site Scripting (XSS),

Session Hijacking, URL Tampering, Cookie Poisoning

On-Appliance Web ApplicationFirewall

Yes Does not have WAFWAF Management

WAF can be configured and managedfrom UTM interface

Does not have WAF

Positive Protection Model withoutSignatures

Yes Does not have WAF

Intuitive Website Flow Detector Yes Does not have WAF

Security - Anti Spam

Cyberoam Shield: IP Reputation Filters RPD (Recurrent Pattern Detection) Technology Spam Detection Rate 98% False Positive Rate 1 in 1 million

Benefits Blocks 80% spam before downloading to the mail server Zero hour response to email threats

Gateway Anti Spam (Checkmark

Premium Level Certified)Yes

Not certified. Need to purchase Plus

License of CSC-SSM

8/12/2019 111427201-CR-vs-Cisco-ASA

3/7




35ia, 35wi, 50ia, 100ia, 200i,5520, 5540, 5550, 5580-20,


1500ia, 2500ia20,40 ,60

IP Reputation Filters Yes Yes

Domain White-listingYes, to customize Cyberoam email

security shield as and when requiredNo

Identity-Based Anti Spam Yes Yes

Language and Content

Independent Anti Spam EngineYes No

Mail Virus Outbreak Detection Yes No

Gateway Anti Spam ProtocolsProtected

SMTP, POP3, IMAP Does not support IMAP

HTTPS Traffic Scanned formalware

Yes No

Self Service User BasedQuarantine for Spam Mails

Yes No

Security - Anti Virus

Cyberoam Shield : Number of Anti Virus Signatures 4 Millions Virus Catch Rate 99.5% Signature Update frequency 30 minutes Malware scanning upto 7 compression levels Scans more than 40 types of compressed files

Benefits Scanning of Web, Email, VPN and IM traffic Protection against Virus, Worm and Trojan Protection against Spyware, Malware and Phishing Customizable individual user scanning Scan and deliver by file size Block content by file types

Gateway Anti Virus (CheckmarkCertified)

YesNot certified, uses TrendMicro

InterScan

Identity Based Anti Virus Yes Yes

Self Service User BasedQuarantine for Virus Mails

Yes No

Gateway Anti Spyware

(Checkmark Certified) Yes

Not certified, uses TrendMicro

InterScan

Gateway Anti Virus ProtocolsProtected

HTTP, HTTPS, SMTP, POP3, IMAP, FTP Does not support IMAP

8/12/2019 111427201-CR-vs-Cisco-ASA

4/7




35ia, 35wi, 50ia, 100ia, 200i,5520, 5540, 5550, 5580-20,


1500ia, 2500ia20,40 ,60

Appliance Management

Cyberoam Shield : Plug n play UTM Interactive customizable GUI Multi-lingual GUI Role based access control Centralized management and upgrade support

Benefits: Reduced Opex and Capex Ease of use

Available Formats Appliance Appliance

Ease of Use Click here for demo Online Demo not available

Web 2.0 GUI Click here for demo Online Demo not available

Management Interface Web and CLI (TELNET, SSH) Web and CLI

Automated Windows Single SignOn

Yes Yes

Authentication, Authorization,Accounting

Local, Windows PDC, AD, LDAP, RSASecurID and Radius

Local, Windows PDC, AD, LDAP, RSASecurID and Radius

Central Management and UpgradeSupport

Cyberoam Central Console Yes

Secure Remote Access- Virtual Private Network

Cyberoam Shield: VPN IPSec, L2TP, PPTP and SSL* VPN Connection Redundancy

Benefits: Secure and clean VPN Connectivity any time, anywhere

Identity Based VPN Yes Yes

Checkmark Certified VPN Yes No

XAUTH Support For VPNLocal, Windows PDC, AD, LDAP, RSA

SecurID and RadiusYes

VPNC Basic and AES Certified VPNGateway Yes Information not published

VPN Connection Fail-Over Yes Yes
http://livedemo.cyberoam.com/corporate/webpages/login.jsphttp://livedemo.cyberoam.com/corporate/webpages/login.jsphttp://livedemo.cyberoam.com/corporate/webpages/login.jsphttp://livedemo.cyberoam.com/corporate/webpages/login.jsphttp://livedemo.cyberoam.com/corporate/webpages/login.jsphttp://livedemo.cyberoam.com/corporate/webpages/login.jsp

8/12/2019 111427201-CR-vs-Cisco-ASA

5/7




35ia, 35wi, 50ia, 100ia, 200i,5520, 5540, 5550, 5580-20,


1500ia, 2500ia20,40 ,60

Resource Monitoring and Management Bandwidth Management

Cyberoam Shield: Application, Web Category and User Identity based Bandwidth

Management Guaranteed & Burst-able bandwidth policy Application & User Identity based Traffic Discovery

Benefits: Increased productivity Monitoring and controlling of bandwidth usage

Granular Bandwidth ManagementIP Address, User, Web Category,Application, Application Category

based

Supports QoS

Bandwidth (Data Transfer) Quota Yes No

Connectivity Load Balancing, High Availability and Networking

Cyberoam Shield: Failover - Automated Failover/Failback, Multi-WAN failover 3GModem failover WRR based Load balancing IPv6 Ready Gold Logo

Benefits: Uninterrupted business connectivity Load balancing for n number of links, based on ports availability Ready to handle next generation network traffic

Server Load Balancing Yes No

Multiple ISP Load BalancingYes, number of links depends on

number of ports available onappliance

Supports Network Load balancing

Rule based ISP Gateway Fail-Over Multiple rules and protocol supported Yes

High AvailabilityActive-Passive / Active-Activewith stateful failover support

Not supported in 5505Active-Standby / Active-Active

Does not support stateful failover

Dynamic Routing RIPv1, RIPv2, OSPF, BGP Yes

802.1q VLAN Tagging Yes Yes

VLAN over WAN Yes No3G and Wimax (WWAN) Support Yes No

Security over WiFi (WLAN) Yes No

Visibility Logging and Reporting

Cyberoam Shield:

1000+ Reports, 45+ Compliance Reports Multiple format support Graphical and Tabular Exportable Formats - PDF and MS Excel Multiple Dashboards Report Scheduling

Benefits Complete visibility of network, resources and users

On-Appliance Reporting**Yes, Web Based Report Engine, No

extra costNo

8/12/2019 111427201-CR-vs-Cisco-ASA

6/7

Features Comparison

(Based on Datasheets)

CyberoamCR 15i, 15wi, 25i, 25wi 25ia,35ia, 35wi, 50ia, 100ia, 200i,300i, 500ia, 750ia, 1000ia,

1500ia, 2500ia

Cisco ASA 5500 Series5505 Base/ Security Plus,5510 Base/ Security Plus,

5520, 5540, 5550, 5580-20,5580-40, 5585-X with SSP-10,

20,40 ,60

Compliance Reports HIPAA, GLBA, SOX, PCI, FISMA NoSyslog Support Yes up to 5 syslogs Yes

External Reporting

Indigenously Designed Logging andReporting Solution - Cyberoam iViewwhich provides In-depth logging andreporting for multiple devicesapartfrom Cyberoam

Open Source CyberoamiView

Cyberoam iView Appliance

Cyberoam-iView provides reports forCisco ASA

Comprehensive user wise blendedreporting

Yes Not Comprehensive

Instant Messenger Logging andReporting

IP Address and User based individualand Group Logging and Reporting ofWebcam usage, File Transfer, Voiceusage and Text Chat Communication

No

Multi WAN bandwidth reporting Yes No

HTTP Upload Report Yes No

Extensive Logging and Log Viewer Yes No

Data transfer reporting Yes No

Application Traffic Discovery IP Address and User based No

Transparent Mail activity reporting

Sends one copy of the email on apreconfigured email address forarchiving and forensic analysis

purpose

No

Version 1.2-10.01.2158-4/04/2012
http://www.cyberoam-iview.org/http://www.cyberoam-iview.org/http://www.cyberoam-iview.org/http://www.cyberoam-iview.com/http://www.cyberoam-iview.com/http://www.cyberoam-iview.com/http://www.cyberoam-iview.org/http://www.cyberoam-iview.org/

8/12/2019 111427201-CR-vs-Cisco-ASA

7/7

Cyberoam Certifications and Awards

iSource of information

http://www.cyberoam.com

http://www.cisco.com/en/US/products/ps6120/index.html

Disclaimer1. * Available only in CR 25ia, CR50ia, CR100ia, CR200i, CR300i, CR 500ia, CR 750ia, CR1000ia, CR1500ia and 2500ia Appliances2. **Only for the previous day for CR15i Appliances3. This comparison is based on our interpretation of the publicly available information as on date of preparing this comparison. The features /

characteristics of the subject product under comparison, which may have direct impact on the accuracy and / or validity of this comparison, arelikely to change without prior notice. The information contained in this comparison is and intended to provide broad consumer understanding andknowledge of factual information of various products. This comparison is merely our opinion / interpretation, which may be subject to furthermodification / rectification in future in case of receipt of any fact / information regarding the subject products under comparison. People usinginformation should also research original sources of information and should not rely only upon this comparison while selecting any product. Thiscomparison is not exhaustive and may not be accurate. Elitecore makes no warranty as to the reliability, accuracy, usefulness, or completeness ofthe comparison. The materials / information in this comparison are provided "as is" and without warranties of any kind either expressed or implied.To the fullest extent permissible pursuant to applicable law, Elitecore disclaims all warranties of accuracy or otherwise in respect of the comparison.Elitecore does not warrant or make no representations regarding the use of or the result of the use of the comparison in terms of their correctness,accuracy, reliability, or otherwise. Elitecore retains the right to revise these rules / conditions at any time. This document is confidential andintended for private circulation only.
http://www.cyberoam.com/http://www.cisco.com/en/US/products/ps6120/index.htmlhttp://www.cisco.com/en/US/products/ps6120/index.htmlhttp://www.cyberoam.com/

111427201-CR-vs-Cisco-ASA

Documents

Transcript of 111427201-CR-vs-Cisco-ASA