Call a Specialist Today! 888-785-4405

Cyberoam CR25wiNG
Future-ready Security with Wi-Fi Access Point for SOHO/ROBO networks


Cyberoam – a Sophos Company, secures organizations with its wide range of product offerings at the network gateway. For the latest Cyberoam products, please visit our Sophos's store EnterpriseAV.com


Cyberoam CR25wiNG

Sorry, this product is no longer available, please contact us for a replacement.


Overview:

CR25wiNG is the Next-Generation Unified Threat Management appliance with Wi-Fi access points that offer “the fastest UTMs made for SMBs” to small offices, with high performance security over WLAN. CR25wiNG appliances come with 3x3 MIMO technology that greatly enhances wireless range and performance. It supports 802.11n/b/g wireless standards. Combined with security over wired networks offered by its range of UTM appliances, Cyberoam enables organizations to overcome the physical limitations of securely accessing network resources and offers more user flexibility, user productivity and lower network ownership costs.

The best-in-class hardware along with software to match, enables the NG series to offer unmatched throughput speeds, compared to any other UTM appliance in this market segment. This assures support for future IT trends in organizations like high-speed Internet and rising number of devices in organizations – offering future-ready security for small office networks.

Cyberoam's Layer 8 technology that treats user-identity as the 8th Layer or the HUMAN layer in the protocol stack, works even in WLAN environments, to allow Identity-based security policies in dynamic IP environment.

Cyberoam's Layer 8 technology

Cyberoam UTM features assure Security, Connectivity, Productivity

SecuritySecurity

Network Security

  • Firewall
  • Intrusion Prevention System
  • Wireless Security

Content Security

  • Anti-Virus/Anti-Spyware
  • Anti-Spam (Inbound/Outbound)
  • HTTPS/SSL Content Security

Administrative Security

  • Next-Gen UI
  • iView- Logging & Reporting

ConnectivityConnectivity

Business Continuity

  • Multiple Link Management

Network Availability

  • VPN
  • 3G/4G/WiMAx Connectivity

Future-ready Connectivity

  • "IPv6 Ready" Gold Logo

ProductivityProductivity

Employee Productivity

  • Content Filtering
  • Instant Messaging Archiving & Controls

IT Resource Optimization

  • Bandwidth Management
  • Traffic Discovery
  • Application Visibility & Control

Administrator Productivity

  • Next-Gen UI

Hardware UTM Appliances for Small & Branch Offices:

Cyberoam UTM appliances deliver unified security over a single console, enabling small offices to shift from plain firewalls to comprehensive UTM protection with cost-effective, yet powerful security against malware, spam, Trojans, DoS, DDoS, phishing, pharming and intrusions. At the same time, large organizations can implement uniform security and gain high visibility into remote and branch offices with centralized management and Layer 8 Identity-based security. These offices also gain secure remote access, redundant WAN connectivity and availability, data leakage protection and advanced networking features.

Product Features
Stateful Inspection Firewall
VPN (SSL VPN & IPSec)
Intrusion Prevention System
Anti-Virus & Anti-Spyware
Anti-Spam
Outbound Spam Protection
 Web Filtering
Bandwidth Management
Application Visibility & Control
Web Application Firewall
3G / 4G / WiMAx Connectivity
IM Archiving & Controls		 Multiple Link Management
On-Appliance Reporting
IPv6 Ready
Wi-Fi Appliances

Product Features


  CR15wiNG CR25wiNG CR35wiNG CR15iNG CR25iNG CR35iNG
Hardware Specifications
Copper GbE Ports 3 4 6 3 4 6
Console Ports (RJ45) 1 1 1 1 1 1
USB Ports 2 2 2 2 2 2
Hardware Bypass Segments# - - - - - -
Configurable Internal/DMZ/WAN Ports Yes Yes Yes Yes Yes Yes
System Performance*
Firewall Throughput (UDP) (Mbps) 1,000 1,500 2.300 1,000 1,500 2,300
Firewall Throughput (TCP) (Mbps) 750 1,000 2,000 750 1,000 2,000
New sessions/second 3,500 5,000 12,000 3,500 5,000 12,000
Concurrent sessions 60,000 150,000 350,000 60,000 150,000 350,000
IPSec VPN Throughput (Mbps) 110 210 250 110 210 250
No. of IPSec Tunnels 50 100 150 50 100 150
SSL VPN Throughput (Mbps) 50 75 100 50 75 100
WAF Protected Throughput (Mbps) -NA- 45 65 -NA- 45 65
Anti-Virus Throughput (Mbps) 180 300 525 180 300 525
IPS Throughput (Mbps) 140 200 350 140 200 350
UTM Throughput (Mbps) 80 110 210 80 110 210
Authenticated Users/Nodes Unlimited Unlimited Unlimited Unlimited Unlimited Unlimited
# If Enabled, will bypass traffic only in case of Power failure.
* Antivirus, IPS and UTM performance is measured based on HTTP traffic as per RFC 3511 guidelines. Actual performance may vary depending on the real network traffic environments.
Key Features
Layer 8 Identity-based policies   Role-based access at remote locations
Visibility into who is doing what
Comprehensive UTM Security Stateful Inspection Firewall
Intrusion Prevention System
Anti-Virus & Anti-Spyware
Anti-Spam
Web Filtering
Application Visibility & Control
On-appliance Reporting
Web Application Firewall
Outbound Spam Protection
Secure Remote Access    IPSec VPN
L2TP
PPTP
SSL VPN
WAN Connectivity & Availability   Bandwidth Management
Multiple Link Management
3G / WiMAx Support
Advanced Networking    Multi-core Processing
Extensible Security Architecture
Active-Active High Availability
IPv6 Ready Gold Certified
Wi-Fi Security  Wireless Standards IEEE 802.11 n/b/g (WEP, WPA, WPA2, 802.11i, TKIP, AES, PSK, 802.1x EAP)
Up to 8 bssid Access Points
Centralized Security Management   CCC Appliances
Cyberoam iView Open Source Solution – Logging & Reporting
Cyberoam iView Appliances – Logging & Reporting

Specifications:


Specification
Interfaces

Copper GbE Ports Configurable 4
Internal/DMZ/WAN Ports Yes
Console Ports (RJ45/DB9) 1
USB Ports 2

Built-in Wireless LAN

Wireless Standards IEEE 802.11 a/b/g/n (WEP, WPA,
WPA2, 802.11i , TKIP, AES, PSK)
Antenna Detachable 3x3 MIMO
Access Points Up to 8 bssid
Transmit Power (EIRP) 11n HT40 : +15dBm
11b CCK: +15dBm
11g OFDM:+15dBm
Receiver Sensitivity -68dBm at 300Mbps
-70dBm at 54Mbps
-88dBm at 6Mbps
Frequency Range 2.412 GHz - 2.472 GHz
5.200 GHz - 5.825 GHz
Number of Selectable Channels USA (FCC) - 11 channels,
EU (ETSI) / Japan (TELEC) - 13
channels
Data Rate 802.11n: up to 450Mbps,
802.11b: 1, 2, 5,5, 11Mbps,
802.11g: 6, 9, 12, 18, 24, 36, 48,
54Mbps

System Performance*

Firewall Throughput (UDP) 1,500 (Mbps)
Firewall Throughput (TCP) 1,000 (Mbps)
New sessions/second 5,000
Concurrent sessions 150,000
IPSec VPN Throughput 210 (Mbps)
No. of IPSec Tunnels 100
SSL VPN Throughput 75 (Mbps)
WAF Protected Throughput 45 (Mbps)
Anti-Virus Throughput 300 (Mbps)
IPS Throughput 200 (Mbps)
UTM Throughput 110 (Mbps)

Stateful Inspection Firewall

- Layer 8 (User - Identity) Firewall
- Multiple Security Zones
- Access Control Criteria (ACC) - User - Identity, Source & DestinationZone, MAC and IP address, Service
- UTM policies - IPS, Web Filtering, Application Filtering, Anti-Virus, Anti-Spam and Bandwidth Management
- Layer 7 (Application) Control &Visibility
- Access Scheduling
- Policy based Source &DestinationNAT
- H.323, SIPNATTraversal
- 802.1q VLAN Support
- DoS &DDoSAttack prevention
-M AC&IP-MAC filtering and Spoof prevention

GatewayAnti-Virus & Anti-Spyware

-Virus,Worm,Trojan Detection &Removal
- Spyware, Malware, Phishing protection
- Automatic virus signature database update
- Scans HTTP, HTTPS, FTP, SMTP, POP3, IMAP, IM, VPN Tunnels
- Customize individual user scanning
- Scan and deliver by file size
- Block by file types
-Add disclaimer/signature

GatewayAnti-Spam

- Inbound/Outbound Scanning
- Real-time Blacklist (RBL), MIME header check
- Filter based on message header, size, sender, recipient
- Subject line tagging
- IP address Black list/White list
- Redirect Spam mails to dedicated email address
- Image-based Spam filtering usingRPDTechnology
- Zero hour Virus Outbreak Protection
- IP Reputation-based Spam filtering

Intrusion Prevention System

- Signatures: Default (4500+), Custom
- IPS Policies: Multiple, Custom
- User-based policy creation
- Automatic real-time updates from CRProtect networks
- ProtocolAnomaly Detection
-DDoS attack prevention

Web Filtering

- InbuiltWeb Category Database
- URL, keyword, File type block
- Categories: Default(82+), Custom
- Protocols supported: HTTP, HTTPS
- Block Malware, Phishing, Pharming URLs
- Schedule-based access control
- Custom block messages per category
- Block JavaApplets, Cookies,Active x
- CIPA Compliant
- Data leakage control via HTTP, HTTPS upload

Application Filtering

- Inbuilt Application Category Database
- 11+ Application Categories: e.g. Gaming, IM, P2P, Proxy
- Schedule-based access control
- Block

- P2Papplications e.g. Skype
-Anonymous proxies e.g. UItra surf
- “Phone home” activities
- Keylogger
- Layer 7 (Applications) & Layer 8 (User - Identity) Visibility

Web Application Firewall

- Positive Protection model
- Unique "Intuitive Website Flow Detector" technology
- Protection against SQL Injections, Cross-site Scripting (xSS), Session Hijacking, URL Tampering, Cookie Poisoning
- Support for HTTP 0.9/1.0/1.1
- Extensive Logging & Reporting

Virtual Private Network

- IPSec, L2TP, PPTP
- Encryption - 3DES, DES, AES, Twofish, Blowfish, Serpent
- HashAlgorithms - MD5, SHA-1
- Authentication - Preshared key, Digital certificates
- IPSec NAT Traversal
- Dead peer detection and PFS support
- Diffie Hellman Groups - 1,2,5,14,15,16
- External Certificate Authority support
- Export RoadWarrior connection configuration
- Domain name support for tunnel end points
- VPNconnection redundancy
- Overlapping Network support
- Hub &SpokeVPNsupport

SSL VPN

-TCP&UDPTunneling
-Authentication -Active Directory, LDAP, RADIUS, Cyberoam
- Multi-layered ClientAuthentication
- Certificate, Username/Password
- User &Group policy enforcement
- Network access
- Split and Full tunneling
- Browser-based (Portal)Access
- Clientless access
- Lightweight SSLVPNTunneling Client
- Granular access control to all the Enterprise Network resources
-Administrative controls - Session timeout, Dead Peer Detection, Portal customization
- TCP- basedApplicationAccess - HTTP, HTTPS, RDP,TELNET,SSH

Instant Messaging (IM) Management

-Yahoo and Windows Live Messenger
-Virus Scanning for IM traffic
-Allow/Block Login
-Allow/Block FileTransfer
-Allow/BlockWebcam
-Allow/Block one-to-one/group chat
- Content-based blocking
- IM activities Log
- Archive files transferred
- CustomAlerts

WirelessWAN

-USBport 3G/4G and Wimax Support
- PrimaryWANlink
-WANBackup link

Bandwidth Management

- Application and User Identity based Bandwidth Management
- Guaranteed &Burstable bandwidth policy
- Application & User Identity based Traffic Discovery
- MultiWANbandwidth reporting
- Category-based bandwidth restriction

User Identity and Group Based Controls

- Access time restriction
-Time and Data Quota restriction
- Schedule based Committed and Burstable Bandwidth
- Schedule based P2Pand IM Controls

Networking

- Failover - Automated Failover/Failback, Multi-WAN failover, 3GModem failover
-WRRbased load balancing
- Policy routing based onApplication and User
- IP Address Assignment - Static, PPPoE, L2TP, PPTP & DDNS Client, Proxy ARP, DHCP server, DHCP relay
- Support for HTTPProxy
- Dynamic Routing: RIP v1& v2, OSPF, BGP, Multicast Forwarding
- Parent Proxy support withFQDN
- “IPv6 Ready” Gold Logo

Administration & System Management

-Web-based configuration wizard
- Role-based access control
- Firmware Upgrades viaWeb UI
- Web 2.0 compliant UI (HTTPS)
- UI Color Styler
- Command Line Interface (Serial, SSH,Telnet)
- SNMP(v1, v2c, v3)
- Multi-lingual support: Chinese, Hindi, French, Korean
- CyberoamCentral Console (Optional)
- NTPSupport

User Authentication

- Internal database
- Active Directory Integration
- Automatic Windows Single Sign On
- External LDAP/RADIUS database integration
- Thin Client support - Microsoft Windows Server 2003 Terminal Services and Citrix xenApp
- RSAsecurID support
- ExternalAuthentication - Users andAdministrators
- User/MAC Binding
- MultipleAuthentication servers

Logging/Monitoring

- Graphical real-time and historical monitoring
- Email notification of reports, viruses and attacks
- Syslog support
- Log Viewer - IPS, Web filter, Anti Virus, Anti Spam,
Authentication, System and Admin Events

On-Appliance Cyberoam-iView Reporting

- Integrated Web-based Reporting tool
- Cyberoam-iView
- 1000+ drilldown reports
- 45+ Compliance Reports
- Historical and Real-time reports
- Multiple Dashboards
- Username, Host, Email ID specific Monitoring Dashboard
- Reports - Security, Spam, Virus, Traffic, Policy violations, VPN, Search Engine keywords
- Multi-format reports - tabular, graphical
- Exportable formats - PDF, Excel
- Automated Report Scheduling

IPSecVPNClient**

- Inter-operability with major IPSecVPNGateways
- Supported platforms: Windows 2000, WinxP 32/64-bit, Windows 2003 32-bit, Windows 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 RC1 32/64-bit
- Import Connection configuration

Certification

- ICSAFirewall - Corporate
- CheckmarkUTMLevel 5 Certification
-VPNC- Basic andAESinteroperability
- “IPv6 Ready” Gold Logo

Hardware Specifications

Memory 1GB
Compact Flash 4GB
HDD 250GB or higher

Compliance

-CE
-FCC

Dimensions

HxWxD(inches) 1.7 x 6 x 9.1
HxWxD(cms) 4.4 x 15.3 x 23.2
Weight 2.3kg, 5.07 lbs

Power

Input Voltage 100-240 VAC
Consumption 33.5W
Total Heat Dissipation (BTU) 114

Environmental

OperatingTemperature 0 to 40 °C
Storage Temperature 0 to 75 °C
Relative Humidity (Non condensing) 10 to 90%

Concurrent VPN Sessions for Cyberoam UTM Appliances
Cyberoam Model IPSec VPN Tunnels IPSec Remote Access Users SSL VPN Tunnels
Cyberoam NG Series of Appliances
CR15iNG/CR15wiNG 50 15 30
CR25iNG/CR25wiNG 100 25 50
CR35iNG/CR35wiNG 150 35 75
CR50iNG 200 50 100
CR100iNG 250 100 200
CR200iNG 300 200 300
CR300iNG 400 300 400
CR2500iNG 3,000 2,500 3,000
Cyberoam i, ia, wi Series of Appliances
CR15i/CR15wi 22 15 Not Applicable
CR25ia/CR25wi 37 25 25
CR35ia/CR35wi 52 35 35
CR50ia 75 50 50
CR100ia 150 100 100
CR200i 300 200 200
CR300i 450 300 300
CR500ia 800 500 550
CR750ia 900 750 750
CR1000ia 1,500 1,000 1,000
CR1500ia 2,250 1,500 1,500
*Antivirus, IPS and UTM performance is measured based on HTTP traffic as per RFC 3511 guidelines. Actual performance may vary depending on the real network traffic environments.
**Additional Purchase Required. Inbound and Outbound Spam filtering cannot be used simultaneously.

Supports and Subscriptions:

Subscriptions:

  • Antivirus and Anti Spam Subscription: Protection against Internet and mail based malware
  • Comprehensive Value Subscription: Comprehensive Value Subscription includes Anti Malware, Anti Spam, Web and Application Filter, WAF, Intrusion Prevention System , 24x7 Support, hardware warranty and RMA fulfillment
  • Gateway Anti Spam: Zero-hour protection with industry’s highest spam detection capabilities
  • Gateway Anti Virus: Gateway level protection from viruses, worms and malicious code
  • Intrusion Prevention System: Protects from intrusion attempts, DoS attacks, malicious code transmission, backdoor activity and blended threats
  • Outbound Anti Spam: Protects service providers from recurring incidents of outbound spam in the network.
  • Security Value Subscription Plus: Cyberoam Security Value Subscription Plus includes Anti Malware, Web and Application Filter, Intrusion Prevention System , 24x7 Support, hardware warranty and RMA fulfillment
  • Security Value Subscription: Cyberoam Security Value Subscription includes Anti Malware, Web and Application Filter and Intrusion Prevention System, 8x5 Support, hardware warranty and RMA fulfillment
  • Total Value Subscription Plus: Cyberoam Total Value Subscription Plus includes Anti Malware, Anti Spam, Web and Application Filter, Intrusion Prevention System, 24x7 Support, hardware warranty and RMA fulfillment
  • Total Value Subscription: Cyberoam Total Value Subscription includes Anti Malware, Anti Spam, Web and Application Filter and Intrusion Prevention System, 8x5 Support, hardware warranty and RMA fulfillment
  • Web and Application Filter: Dependable web and application filtering to control and report non-work and malicious web and network traffic activity.
  • Web Application Firewall: Prevents exploitation of web applications vulnerabilities.

Supports

Basic 8x5 Support: 8x5 Phone, Email and Web Chat support with firmware upgrades , hardware warranty and RMA fulfillment

Premium Support 24x7: 24x7 Phone, Email and Web Chat support with firmware upgrades, hardware warranty and RMA fulfillment

  8x5 Basic Support 24x7 Premium Support
Technical Support
Timings 10AM - 6PM (Local Time Zone) Anytime during the day
Web Based Support Yes Yes
Phone Based Support Yes Yes
Chat Based Support Yes Yes
Number of support incidents per annual subscription Unlimited Unlimited
First Response Time 4 Hours 1 Hour
Onsite Support Services* - Fee Based Service
Software Support
Software & OS Upgrades and Patches Yes Yes
Hot Fixes and Enhancement upgrades Yes Yes
Signature & database update Yes Yes
Hardware Warranty
Limited Hardware warranty & Replacement Yes Yes
Return and Replacement policy 10 Days 4 Days
Advanced Hardware Replacement - Yes
Customer Portal
Product Documentation and Guides Yes Yes
Technical Trainings - CCNSP & CCNSE Certifications Fee Based Fee Based
Online Demo Yes Yes
Version Release Notes Yes Yes
Support Renewals
One, two and three (1, 2 and 3) Year Renewals Yes Yes

Download the Cyberoam Basic Support Plan Datasheet (PDF).

Download the Cyberoam Premium Support Plan Datasheet (PDF).

Documentation:

Download the Cyberoam CR25wiNG Datasheet (PDF).

Download the Cyberoam CR25wiNG-6P Datasheet (PDF).

Download the Cyberoam UTM Techsheet (PDF).