Advertisment

Sophos CR10iNG UTM Review

Read the full UTM review, which is easy to setup UTM comes at affordable price point with several security features and protects the network from the various threats.

author-image
Ashok Pandey
New Update
Cyberoam CR10iNG
  • Overall Rating

  • Performance

  • Features

  • Price

Price : ₹ Total Value Subscription: 20,000/Year

Key Specs

    2 USB and 4 ethernet ports, Multiple Link Management, VPN, 3G/4G/WiMAX Connectivity, IPv6 Ready, 1.8 GHz Atom CPU, 1 GB of system memory, a 4 GB CompactFlash card

Pros : Easy to setup, user-friendly web console, numerous preconfigured policies, effective protection

Cons : None

Bottomline : Sophos CR10iNG UTM is a viable appliance that can protect networks against malware. The compact device can be setup easily and its web console lets you configure policies easily as well as provides you with detailed reports. The appliance is capable of protecting the network against various threats as well as attacks such as DoS.

Advertisment

Sophos CR10iNG security appliance is made keeping the business security demands in mind as well as the growing risk from several threats. Additionally, this provides wired and wireless network functionality as well as anti-spam, content filtering, anti-virus, intrusion detection and prevention, anti-spyware, SSL VPN services along with a powerful firewall.

The CR10iNG has the 7 layer technology that includes Application, Presentation, Session, Transport, Network, Data-Link, and Physical, additionally it treats “User Identity” as the 8th Layer in the protocol stack.

The space saving design and easy to setup web console: The CR10iNG hardware is equipped with a 1.8 GHz Atom CPU, 1 GB of system memory, a 4 GB compact flash card for the OS and a trio of Gigabit ports. When it comes to security services, you can choose between the Security Value Subscription (SVS) or the Total Value Subscription (TVS). In which Security Value Subscription (SVS) includes Gateway Anti-Virus & Anti-Spyware, Intrusion Prevention System, Web & Application Filtering (Web Filtering & Application Visibility & Control) and 8 x 5 Email, phone and chat Tech Support. And Total Value Subscription (TVS) includes Gateway Anti-Virus & Anti-Spyware, Intrusion Prevention System, Web & Application Filtering (Web Filtering & Application Visibility & Control), Gateway Antispam and 8 x 5 Email, phone and chat Tech Support.

Advertisment

This has the capability to function in two modes – Gateway or Bridge. When deployed in Gateway mode, it acts as a Gateway for the networks to route the traffic, while when deployed in bridge mode can work as a layer 2 (transparent bridge) or layer 3 bridge. Depending on the network requirement, this can be setup easily using the web-based user-friendly interface.

Using its web console quick stat wizard we set up the device in our existing network. The web console lets us set up the network ports and provides the option of a passive monitoring mode or applying a choice of predefined security policies.

This comes with Sophos’s identity-based security or layer 8th security. Using this added security layer, admin can create a permanent profile for the user which makes all future authentication possible based on identity-based decision parameters such as username, IP address, MAC address and session ID. Using the credentials, the user can get access to The internet based on various usage parameters including access time, Internet quota, security policies, web filtering, etc. Also, the user profile can't is changed, no matter what machine he/she operates from in the organization.

Advertisment

Securing the network

Setting up the appliance is fairly simple, in our test setup we used the gateway mode. We created a network utilizing just two ports (LAN and WAN). Then we registered the product using the key so that it can be synchronized with the Sophos servers and update the firmware as well as latest signatures of viruses, spyware, spam, etc.

The appliance works as a firewall as well as can protect websites and web-based applications from Application Layer (Layer 7) attacks like SQL injection, cross-site scripting (XSS), URL parameter tampering, etc. This can work with Ipv6-based URLs. Its IPS provides protection against DoS attacks, backdoor activity, blended threats, etc.

Advertisment

To test anti-virus capabilities of this device, we created a Windows machine with Apache web server running on it and then dumped different types of viruses (macros, zipped files, etc). We tried to download these viruses from a machine behind CR10iNG. For effective scanning and blocking, click on ‘ANTI VIRUS>HTTP’ (we used HTTP protocol for downloading viruses) and change the scan mode to batch mode. Now while we tried to download viruses we found out that over 85% of those viruses were blocked.

To test DoS capabilities, we used a Windows 7 and Kali 1.1.0 machines, and setup a server. To flood the server, we used LOIC tool as well as used Kali flood commands. First we began with LOIC (DOS attacking tool) and ping our local server. The appliance protected the server and tool was unable to attack our server, Similarly using the Kali flood commands we tried to attack the server, and again it protected the server.

To test anti-spam capabilities, we created a POP3 server using Microsoft Windows Server 2003, and created a test domain with a test user, and dumped spam mail in the mailbox (on the WAN side). Next, we downloaded these emails from a mail client on the LAN side. But before doing this, we created a few rules by clicking on ‘ANTI SPAM>Spam Rules’. Once we downloaded these emails we found that more than 95% of them were scanned and tagged by CR10iNG.

Advertisment

Besides checking these capabilities, we also found that CR10iNG was quite capable of blocking harmful websites like porn sites. But no matter how good an enterprise-class UTM is, it should provide elaborate reports on harmful activities. To check such activities, click on ‘LOGS & REPORTS> View Reports.’ This would redirect you to ‘Sophos iVIEW.’ Here log in and you can find all the necessary reports in a graphical manner for future analysis and immediate action.

The web UI provides detailed logs of all activity. It's light footprint had no adverse effects on our host machine and performed well in all our security tests. Its iView console provides get the detailed graphs on web filtering, antivirus, anti-spam and more. A useful feature is the ability to view specific user activity, so you can see all web categories, domains, and sites an individual has attempted to access.

sophos review cyberoam utm-review
Advertisment

Stay connected with us through our social media channels for the latest updates and news!

Follow us: