Sophos Cyberoam UTM Reviews

Cyberoam is our low-end product that we use for smaller customers or ones where application security is not a priority. Cyberoam has good AD integration for user configuration and web controls which we like a lot and it’s easy to manage and maintain.  We mostly use the virtual models in VMware.

The virtual cyberoam has allowed us to segment our cloud customers via a virtual firewall instance per customer as a second level of security behind our primary systems firewalls.  This allows the customer granular controls at their level and then allows us overriding controls at a parental level.  Makes for great security.

You can now load the Sophos software onto a Cyberoam box to use the new feature set, although it would be nice if it came with it.

Sophos bought Cyberoam a short while ago and they have amalgamated the Sophos technologies with the existing Sophos ones and some from astaro which they previously bought..  So there is now a Sophos firmware which you can install onto the Cyberoam instead of the Cyberoam one. Because it’s Linux based it’s very portable.

Great product for the price.

Cyberoam was bought by Sophos and the new Sophos firewalls take the next step adding more functionality and capability in the box. Cyberoam was bought by Sophos and the new Sophos firewalls take the next step adding more functionality and capability in the box.  

• Management Console
• Security
• Bandwidth management

I've used it for six years.

Yes once when we updated a new firmware, then we again rolled back to previous one.

Customer Service:

Customer service is very poor.

Technical Support:

They have good technical support.

When we purchased it, it was complex, but now it’s straightforward. The SSO is introduced in our premise only. At that time we only had the requirement of SSO.

The first time through the vendor, and the second time our own in house team did it.

Pricing and licensing is high.

• Web filtering
• Application filtering
• IPS
• QoS

I used to work for a Cyberoam distributor. In one of my projects, I deployed it in a university with 1500 users (students), all of whom had different QoS and web category policies, different authentication policies. I then had to connect the university’s branches, in different cities, with a Site to Site VPN using AD authentication available for just the account. This was to restrict access only to the accounting application server of the other branch. It was quite complicated to do, but it was very successful.

In another project for a bank, I secured a banking application server and attached a database using two Cyberoam devices on the edge, with a Juniper device in the middle. This was for securing three different segments - internal users, internal developers and external visitors. The final topology was so secure that, even for some testing purposes, we were not able to break in to change the configuration and access the system as a third party.

Not very often, but there are some minor bugs in the products. I think their quality control can improve.

I’ve used it since 2008, so seven years so far.It is a complex product so I’d rate the performance and number of features as 10/10, and 7/10 for the consistency and programing.

Generally speaking, the Cyberoam development is quite simple, easy and straight forward. Overall it depends on the network complexity.

Compared to a Cisco router, Cyberoam UTMs need to be restarted more often. From my point of view, this is acceptable, since many aspects of the product functions in layer seven, while a Cisco router just routes!

Since all the products models from the smallest to the strongest have the same features and capabilities, I can say that the product is extremely scalable. However, if you need to upgrade the whole device to a stronger model, I would say scalability is 8/10, which considering the differences between the number of ports in different models (I could even give 9/10, but let’s stay with 8/10!).

Customer Service:

It really depends on the retailer, representative and local distributor. Nothing much to say.

Technical Support:

One of the most considerable advantages of Cyberoam over the competitors is the after sales support. The 24/7 support assists the customers, even from minor to very major issues, and they chase up the issue until the final resolution by email and phone. They are really trustworthy.

In a different continent, a different company, and as a customer (not a distributor) I still used the same brand, Cyberoam! It’s cheap, flexible, easy to configure and easy to manage.

I’ve been using the product for ages and I have deployed it in hundreds of networks and complexities. However, using the configuration wizard, the initial configuration is extremely easy and straightforward (depending on the network complexity of course).

I have always installed it myself.

It's hard to estimate, as it depends on the complexity, and scale of the network.It takes anywhere from one day to less than a week in normal situations.

I have evaluated Juniper, WatchGuard and a couple of minor brands. So far, I can still raise the flag of Cyberoam.

Since the features on the model are the same, and it is just the hardware that gets improved for higher models, I usually advise a model one and a half times bigger than the number of the network users. For instance a 1000 user network can be easily served by a 1500NG. However based on my experience, since not all the users are active simultaneously, even 1 to 1 is sufficient. Considering the capability of HA, expansion is simple if needed.

There are many features that are valuable, but the Bandwidth Management and Web/Application Filter policies are the most valuable.

It has minimized the bandwidth consumption as a result of which many other applications run smoothly.

The most important improvement Cyberoam needs is the multiple ISP segregation.

I used this solution from 2012 through 2014.

Sometimes the proxy server turns idle, then we need to restart the service.

Customer Service:

It's one of the best.

Technical Support:

It's one of the best.

I have not used a previous solution.

The initial setup is straightforward and simple.

We used a vendor team.

• Firewall rules
• Full control on access management
• It's simple

The scalability needs work.

I've used it for four years.

No issues encountered.

No issues encountered.

It needs improvement.

Customer Service:

8/10.

Technical Support:

8/10.

We used Cisco, but it was complicated and expensive so we switched.

We used a vendor to do the implementation, and they were 8/10.

Cisco

The UTM features. It’s a one stop IT security solution managed from the Cyberoam Central Console (CCC).

Dealing with security threats is a lot easier as it’s less of a CLI interface, and more of a GUI.

I’ve used it for 12 months.

I met the whole system working when I resumed duty as a Network Security Support Engineer 12 months ago.

Since I resumed my post, the entire Cyberoam system has been stable.

Since I resumed my post, the entire Cyberoam system has been stable.

Customer Service:

8/10.

Technical Support:

8/10.

I met an already functional system when I resumed my present appointment.

I was made to understand that implementation was an in-house arrangement.

• Cost effectiveness
• Easier to manage
• Turnaround time in getting issues resolved faster

The product is very good and very near perfect in terms of service delivery, cost effectiveness and manageability.

Outstanding and must have product for efficient and effective network security. Cyberoam is the only identity-based UTM solution. It offers a well-coordinated protection through tightly integrated security solutions over a single interface.Most UTMs only offer IP-address based security. Cyberoam is the only UTM solution that offers user identity-based security, protecting enterprises from unpredictable, insider threats.Functioning with Layer 8 technology, Cyberoam gives complete visibility into “Who is doing What” in the network and allows policies to be created at the user level based on work profiles. Considering Active High Availability, load balancing, failover mechanism, bandwidth management capabilities and other features, it is worth buying.

Policy configuration and implementation is a bit lengthy process. Nothing else of any significance that we found but yes, it is a bit pricey.

After implementing Cyberoam UTM in our data-center. We tested it by initiating various kind of DDOS attacks. Cyberoam identified every attack, notified us about it and prevented the network from any kind of damage and disturbance. It controls bandwidth to a great extent by use of policy for single user to groups. Easy deployment, good hardware specification, classy reporting tools, no user count restrictions etc. A features-packed and powerful UTM appliance at the higher end of the price spectrum, but worth it.

Cyberoam UTM appliances work for small, medium and enterprise networks of your organization. It’s a complete hardware firewall with a bandwidth management utility. The internet web filtering facility is available with a group base and a user base in UTM. You can also monitor user activity over the internet and all URL logging with UTM. You can restrict the user, by prohibiting them from unwanted URL categories like jobs, sports, matrimonial, etc. The bandwidth usage graph can be sorted by user, group, entire organization, daily, weekly, and monthly, allowing you to make decisions about increasing bandwidth for organizations. Fail over facility is also available and therefore if any one ISP is disconnected, it is automatically switched over to an ISP2. Backup and restore facilities are available allowing you to take an entire configuration backup and then restore everything if there are problems.

This UTM comes with the user base license so you may have to purchase a different model according to your user numbers. Its costs are high. They provide first year support for free then after that they charge for support. An upgrade charge will be also applicable.

UTM has all the necessary features to manage internet connectivity and security. It provides protection against spam and threat attacks. Their development team is very busy developing new features so that more technical facilities will be available in the new version.