Upload
doandang
View
229
Download
0
Embed Size (px)
Citation preview
CCCYYYBBBEEERRROOOAAAMMM UUUSSSEEERRR GGGUUUIIIDDDEEE
VVVEEERRRSSSIIIOOONNN::: 666...000...000...000
IMPORTANT NOTICE Elitecore has supplied this Information believing it to be accurate and reliable at the time of printing, but is presented without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any products. Elitecore assumes no responsibility for any errors that may appear in this document. Elitecore reserves the right, without notice to make changes in product design or specifications. Information is subject to change without notice.
SOFTWARE LICENSE
The software described in this document is furnished under the terms of Elitecore’s software license agreement. Please read these terms and conditions carefully before using the software. By using this software, you agree to be bound by the terms and conditions of this license. If you do not agree with the terms of this license, promptly return the unused software and manual (with proof of payment) to the place of purchase for a full refund.
LIMITED WARRANTY
Software: Elitecore warrants for a period of ninety (90) days from the date of shipment from Elitecore: (1) the media on which the Software is furnished will be free of defects in materials and workmanship under normal use; and (2) the Software substantially conforms to its published specifications except for the foregoing, the software is provided AS IS. This limited warranty extends only to the customer as the original licenses. Customers exclusive remedy and the entire liability of Elitecore and its suppliers under this warranty will be, at Elitecore or its service center’s option, repair, replacement, or refund of the software if reported (or, upon, request, returned) to the party supplying the software to the customer. In no event does Elitecore warrant that the Software is error free, or that the customer will be able to operate the software without problems or interruptions.
DISCLAIMER OF WARRANTY
Except as specified in this warranty, all expressed or implied conditions, representations, and warranties including, without limitation, any implied warranty or merchantability, fitness for a particular purpose, non-infringement or arising from a course of dealing, usage, or trade practice, and hereby excluded to the extent allowed by applicable law. In no event will Elitecore or its supplier be liable for any lost revenue, profit, or data, or for special, indirect, consequential, incidental, or punitive damages however caused and regardless of the theory of liability arising out of the use of or inability to use the product even if Elitecore or its suppliers have been advised of the possibility of such damages. In the event shall Elitecore’s or its suppliers liability to the customer, whether in contract, tort (including negligence) or otherwise, exceed the price paid by the customer. The foregoing limitations shall apply even if the above stated warranty fails of its essential purpose. In no event shall Elitecore or its supplier be liable for any indirect, special, consequential, or incidental damages, including, without limitation, lost profits or loss or damage to data arising out of the use or inability to use this manual, even if Elitecore or its suppliers have been advised of the possibility of such damages.
RESTRICTED RIGHTS
Copyright 2000 Elitecore Technologies Ltd. All rights reserved. Cyberoam, Cyberoam logo are trademark of Elitecore Technologies Ltd. Information supplies by Elitecore Technologies Ltd. Is believed to be accurate and reliable at the time of printing, but Elitecore Technologies assumes no responsibility for any errors that may appear in this documents. Elitecore Technologies reserves the right, without notice, to make changes in product design or specifications. Information is subject to change without notice
Corporate Headquarters
Elitecore Technologies Ltd. 904 Silicon Tower, Off. C.G. Road, Ahmedabad – 380015, INDIA www.cyberoam.com
Cyberoam Installation Guide
Welcome to Cyberoam User Guide
Welcome to the user guide of Cyberoam, eLitecore Technologies Ltd.’s IT resource management software. Congratulations on the purchase of the IT resource management software - ‘Cyberoam’ and welcome to the Cyberoam family. This Guide helps you manage and customize Cyberoam to meet your organization’s various requirements including creating groups and users and assigning policies to control internet and printer access. Note that by default, Cyberoam Web Interface Username is ‘cyberoam’ and password is ‘cyber’. It is recommended that you change the default password immediately after installation to avoid unauthorized access.
Guide Organization
This Guide provides information regarding the administration, maintenance, and customization of Cyberoam.
How do I search for relevant content? For help on how to perform certain task use Contents For help on a specific menu or screen function use Menu wise – Screen and Table Index
This Guide is organized into 2 parts:
Part I - Basic Configuration
It describes how to define groups and users to meet the specific requirements of your Organization. It also describes how to define Authentication and migration process of the exisiting groups and users from Windows. Define User Groups and Users. Describes how to add new Users and User Group Define Authentication process. Describes Authentication process and user migration process from Windows. Define Host groups. Describes how to add new host groups.
Part II Management
It describes how to manage and customize Cyberoam Manage Groups and Users. Describes how to edit and delete Users and User Groups Manage & Customize Policies. Describes how to define and manage Surfing quota policy, Access time policy, Security policy, Bandwidth policy, and Printing policy Manage Host groups. Describes how to edit and delete host groups Manage Cyberoam server
eLitecore Technologies Ltd. 1
Cyberoam Installation Guide
Manage Cache server Manage Mail server Customize Services, Schedules and Web categories. Describes how to create and manage Web categories, Schedules and Services Upgrade Cyberaom
Guide Sets
Guide Describes
Installation & Registration Guide Installation & registration of Cyberoam User Guide Part I – Basic Configuration Basic configuration of Cyberoam Part II – Management Management and Customization of
Cyberoam Detailed statistics – Reports Detailed reports Console Guide Console Management Client Guide Installation & configuration of Cyberoam
Clients Analytical tool Guide Using the Analytical tool for diagnosing
and troubleshooting common problems
Technical Support
You may direct all questions, comments, or requests concerning the software you purchased, your registration status, or similar issues to Customer care/service department at the following address: Corporate Office eLitecore Technologies Ltd. 904, Silicon Tower Off C.G. Road Ahmedabad 380015 Gujarat, India. Phone: +91-79- 6405600 Fax: +91-79-6462200 Web site: www.elitecore.com Cyberoam contact: Technical support (Corporate Office): +91-79- 6400707 Email: [email protected] site: www.cyberoam.com Visit www.cyberoam.com for the regional and latest contact information.
eLitecore Technologies Ltd. 2
Cyberoam Installation Guide
Typographic Conventions
Material in this manual is presented in text, screen displays, or command-line notation.
Item Convention Example
Server Machine where Cyberoam Software - Server component is installed
Client Machine where Cyberoam Software - Client component is installed
User The end user Username Username uniquely identifies the user of the system Part titles Bold and
shaded font typefaces Report
Topic titles Shaded font typefaces Introduction
Subtitles Bold & Black typefaces Notation conventions
Navigation link Bold typeface Group Management → Groups → Create it means, to open the required page click on Group management then on Groups and finally click Create tab
Name of a particular parameter / field / command button text
Lowercase italic type
Enter policy name, replace policy name with the specific name of a policy Or Click Name to select where Name denotes command button text which is to be clicked
Cross references
Hyperlink in different color
refer to Customizing User database Clicking on the link will open the particular topic
Notes & points to remember
Bold typeface between the black borders
Note
Prerequisites Bold typefaces between the black borders
Prerequisite • Prerequisite details
eLitecore Technologies Ltd. 3
Cyberoam User Guide Introduction
Contents
Welcome to Cyberoam User Guide 1 Guide Organization 1 Guide Sets 2 Technical Support 2 Typographic Conventions 3 Contents 4 Introduction 7
What is Cyberoam? 7 Benefits of Cyberoam 7
Accessing Cyberoam 8 Accessing the Web Interface 8 Accessing Console via remote login utility - TELNET 8 Log on & log off from the Cyberoam Web Interface 9
BASIC CONFIGURATION 15
Define Group 18 Group 18
Define User 24 User 24
User Migration 33
Define Authentication process 35 Local (Cyberoam) Authentication 36 NTLM Authentication 36
Define Host Group 42 Host Group 42
MANAGEMENT 44
Group Management 44 Manage Group 44 Delete Group 49
User Management 50 Search User 50 Live User 51 Manage User 53
Policy Management 68 Surfing Quota policy 68 Access time policy 73 Security policy 77 Bandwidth policy 84 Printing Policy 102
Host Group Management 107 Search Node 107 Update Host Group 108
eLitecore Technologies Ltd. 4
Cyberoam User Guide Introduction
Delete Host Group 111
System Management 112 Network Management 112 Multiple Gateway configuration 112 Interface Configuration 116 DNS Configuration 117 Security – Firewall 119 DHCP 126 Reset Console Password 127 Data Store 128 Client Services 134
Cache Management 137 Enable Cache Server 138 Configure Cache 139 Define WCCP Routers 141 Define Cache 143 Routing Policy 146 Malicious HTTP traffic 148
Mail Management 151 Intra POP Service 151 Delete Intra POP service 158 Alias 159 Delete Alias 162 SMTP Configuration 163 Configure Mail Access 165
Services 167
Monitoring Bandwidth Usage 169
CUSTOMIZATION 174
Services 174 Create new Service 174 Update Service 175 Delete Service 176
Schedule 177 Create Schedule 177 Update Schedule 178 Delete Schedule 180
Web Categories 181 Create a new Web category 181 Update Web Categories 183 Delete Web Category 190 Manage File types 191
Upgrade Cyberoam 193
Module licensing 194
View and Update Company information 195
View Registration details 196
eLitecore Technologies Ltd. 5
Cyberoam User Guide Introduction
Download Clients 197 Menu wise Screen and Table Index 198
eLitecore Technologies Ltd. 6
Cyberoam User Guide Introduction
Introduction
Organizations around the world are leveraging the Internet and Information technology to gain a competitive advantage. Organizations invest vast amount of money in building networking infrastructures, which can support their business goals and objectives. Staying ahead of the technology curve and achieving competitive advantage comes at a heavy price. Despite the high levels of investment in infrastructure and other IT resources, many organizations fail to deploy even the most basic tools to manage their IT resources effectively. Networking environments have become increasingly complex, with a variety of security and access management issues. Organizations face challenges in configuring and giving access to various IT resources and making sure the result supports organization policies.
What is Cyberoam? Cyberoam is complete IT resource Management software that enables Business houses, Educational institutes and other organizations to monitor and manage IT resources. It also provides better Bandwidth management, increases Employee productivity and reduces legal liability associated with undesirable Internet content.
Benefits of Cyberoam
1. Boost Employee productivity by a. Blocking access to the sites like Gaming, Shopping, news, Pornography
2. Conserve bandwidth by a. Controlling access to non-productive site access during working hours b. Controlling rate of uploading & downloading of data
3. Load balancing over multiple links a. Improved User response time b. Failover solution c. Continuous availability of Internet d. Reduced bandwidth bottlenecks
4. Conserve Printer usage 5. Enforce acceptable Internet use, printer use and mailing policies 6. Comprehensive, easy-to-use reporting tool enabling the IT managers to compile reports on
Internet and other resources usage and consumption patterns
eLitecore Technologies Ltd. 7
Cyberoam User Guide Accessing Cyberoam
eLitecore Technologies Ltd. 8
Accessing Cyberoam Three ways to access/manage Cyberoam: 1. Web based Administration console
• Used for policy configuration • Managing users, groups and policies • Managing System resources like printer, mail server • Managing Firewall rules • Managing Bandwidth • Viewing bandwidth graphs as well as reports
2. Text based Administration/telnet console
• Used for Network and System configuration (setting up IP Addresses, setting up gateway)
• Managing Cyberoam application a) Using Console Interface via remote login utility – TELNET b) Direct Console connection - attaching a keyboard and monitor directly to Cyberoam server
Accessing the Web Interface
Cyberoam Web Interface (GUI) access requires Microsoft Internet Explorer 5.5 or above
Note Cyberoam Web Interface access requires Internet Explorer 5.5 or above If you have logged on for the first time & not yet registered Cyberoam, refer to Installation guide for registration. Change the default password, the first time you log on. Refer to Manage Users, Change Personal details
Accessing Console via remote login utility - TELNET
Access Cyberoam Console with the help of TELNET utility. To use TELNET, IP Address of the Cyberoam server is required. To start the TELNET utility: Click Start, and then click Run In Open, type TELNET xxx.xxx.x.xxx Click OK, opens a console login window and prompts to enter Password Default password for Cyberoam TELNET console is “admin”.
Screen - Console access
Cyberoam User Guide Accessing Cyberoam
eLitecore Technologies Ltd. 9
Screen - Console login screen
Lo
off.
indow, open the browser and type the IP Address in browser’s URL box. A rompting you to enter username and password to log in. Use the default user
am’ and password ‘cyber’ to log in if you are logging in for the first time.
Aste ssword field.
ethods of Login
HTTP log in To open unencrypted login page, in the browser’s Address box, type
http://<IP
g on & log off from the Cyberoam Web Interface
The Log on procedure verifies validity of user and creates a session until the user logs
Log on procedure
To get the log in wdialog box appears pname ‘cybero
risks are the placeholders in the pa
M
address of Cyberoam>
Screen - HTTP login screen
Cyberoam User Guide Accessing Cyberoam
eLitecore Technologies Ltd. 10
HTTPS log in Cyberoam provides the secured communication method by which the User log in information is encrypted and prevents the unauthorized users from viewing the user information. For this, Cyberoam uses https protocol.
transfer ncrypted information between computers over the World Wide Web. HTTPS is http using a
socket layer is an encryption protocol invoked on a Web serv
HTTPS protocol opens a secure hypertext transfer session with the specified site address. To open login over secure HTTP, type
http://<IP
The secure hypertext transfer protocol (HTTPS) is a communications protocol designed to eSecure Socket Layer (SSL). A secure
er that uses HTTPS.
address of Cyberoam>
Screen - HTTPS login
Cyberoam User Guide Accessing Cyberoam
eLitecore Technologies Ltd. 11
Screen - HTTPS login
Screen Elements Description
Browser Address box
Browser owser Address box Opens the Cyberoam login n
opens the page specified in the Br
screeWebmail link Open a ne ail
To login, enter mail account login name and password
w login page for Web based Em
Reports link Open a new login page for Cyberoam Reports To login, enter Cyberoam reports login name and password
Analytical tool link Open a new login page of Network To login, enter Network login name and password
My Account Open a new login page for My Account To login, enter My Account login name and password
Login User name Uniquely identifies the User of Cyberoam
If logging on for the first time, type administrator as username
Password Password for the User name If logging on for the first time, type admin as the password
Login button Logs on to the Cyberoam server
Cyberoam User Guide Accessing Cyberoam
eLitecore Technologies Ltd. 12
Click Login If login is successful and the copy of Cyberoam is already registered, Live Users screen is displayed otherwise Online registration page is displayed. Register your copy of Cyberoam if Online registration page is displayed. To register please refer to Registration in Installation Guide.
Table - Login screen elements
Screen - Live Users screen
Cyberoam User Guide Accessing Cyberoam
eLitecore Technologies Ltd. 13
Screen - Registration screen
If Registration page opens, use Online or Manual registration process for registering the copy of Cyberoam. Refer to Installation guide - Registration for detail on registration process.
Web console Authorization and Access control
By default, Cyberoam has four types of user groups:
Administrator group
Log in as Administrator group User to maintain, control and administer Cyberoam. Administrator group User can create, update and delete system configuration & user information. Administrator can create multiple administrator level users.
Manager group
Manager group User can only view the reports.
User group
User group User is the user who accesses the resources through cyberoam.
Clientless group
User group User who can bypass Cyberoam Client login to access resources. Cyberoam itself takes care of login of this level user.
Cyberoam User Guide Accessing Cyberoam
eLitecore Technologies Ltd. 14
Log out procedure
off after you have finis ng. To avoid un-authorized users from accessing Cyberoam, logThis will end the session and exit from Cyberoam.
hed worki
Cyberoam User Guide Basic Configuration
eLitecore Technologies Ltd. 15
Basic Config ru ation Onc d the ered the copy of Cyberoam, you can start using Cyberoam. After you login successfully screen will be displayed which is the main navigation point for Cyberoam. Each me ost part of the screen provides access to a different Cyberoam functionality:
Screen - een
e you have configure network and regist, following nu on the right m
Navigation scr
Main Menu Allo tows System Management
rom unauthorized
e DHCP server, Mail , Cyberoam and IntraPOP server, DNS
urge • Set customized messages on various actions
• Configure Network • Protect Internal network f
access • Start and Stop utilities lik
server• Reset Console password • Set schedule for Backup, Restore and P
performed
Cache Management • Configure Cache server
1PRT
A
Main menu
Cyberoam User Guide Basic Configuration
eLitecore Technologies Ltd. 16
• Start and Stop Cache server • Enable & Disable Caching • Add External Cache and Routing policy • Set Web category for blocking Malicious traffic
External Authentication • Set client authentication scheme
• Migrate Users
Policy configuration Create & manage • Schedules • Web Category • Services
Policy management Create & manage
• Surfing Quota policy • Access time policy • Security policy • Bandwidth policy • Printing policy
Group Management • Create Group (Normal & Clientless)
• Manage Group
User Management • Register, Activate, Deactivate, Delete User (Normal & Clientless)
• Add, Manage Host Group • Search User and Node • View Graphical Bandwidth Usage report
Mail Management • Add, Configure and Manage IntraPOP & SMTP
server • Create and Manage Aliases
Reports • Web surfing Trends
• Web surfing reports • Internet usage reports • Audit log report • Mail report • Printer Usage report • Cache report
Help Allows to
• Register Cyberoam • Upgrade Cyberoam • Download Cyberoam Client software • Access documentations
Logout Exit Cyberoam
Table - Navigation screen elements
For your convenience, Cyberoam has certain predefined setting like - groups, policies and services. These predefined settings are immediately available for use until configured otherwise.
Cyberoam User Guide Basic Configuration
eLitecore Technologies Ltd. 17
If the predefined setting does not satisfy your organizations requirement, Cyberoam lets you define ized policies to define different levels of access for different users. Groups, Users and custom
Basic Configuration Cyberoam User Guide Define Group
eLitecore Technologies Ltd. 18
Define Group
Group
Group is m olicies and a m nism of assigning access of resources f users in one operation/step. In the for et the app te bandwidth us limit, security for preventing users fro s, Internet and printer acce ime and combine to form a Group. Various p ed to the are:
ecifying the ion of surfing time and the period of subscription during whic user will be allowed access
Security policy sp sites Bandwidth policy ser Printing policy specifying the printing quota of the user
For the details on the various policies, refer to Policy Management. Using groups simplifies the management of users’ access to IT resources. For example, ‘Research’ Group for employees of Research Department who have similar requirement like ‘Need Internet access through the working hours’ ‘DTP’ Group for employees of Printing department who have similar requirement like ‘Printer access round the clock’
Group types
Two types of groups: 1. Normal 2. Clientless
Normal A user of this group need to logon to Cyberoam using the Cyberoam Client to access IT resources controlled through Cyberoam. Clientless A user of this group need not logon to Cyberoam using the Cyberoam Client to access IT resources controlled through Cyberoam. The access is controlled using the IP Address of a client. Symbolically represented as Group name (C) The following decision matrix will help you in deciding which type of group is well suited for your network configuration and purpose of use.
a collection of users having com on p echa to a number o
m of various policies, sm accessing malicious
ropria age ss tsite
olicies that can be attach groupSurfing Quota policy sp duratAccess time policy specifying the time period h the
ecifying the access strategy for the user and specifying the bandwidth usage limit of the u
Basic Configuration Cyberoam User Guide Define Group
eLitecore Technologies Ltd. 19
Decision matrix for creation of Group
Feature Normal Group Clientless Group
Logon into Cyberoam required Yes No Type of User Normal Clientless
Yes No
No Yes
Apply Login restriction Yes No Apply Surfng Quota policy Yes No Apply Access time policy Yes No Apply Bandwidth policy Yes Yes Apply Security policy Yes Yes Apply Printer policy Yes Yes
Table - Group creation - Decision matrix
Basic Configuration Cyberoam User Guide Define Group
eLitecore Technologies Ltd. 20
Create Group
Normal Group Clientless Group
Assign Surf ingtime policy
Is Ureq
ser and Networkuirement satisf ied def ault policiesby
Createrequired policy
Assign Accesstime policy
AssignSecurity policy
Apply Loginrestriction
AssignPrinting policy
Assign Bandwidthpolicy
No
Yes
AssignSecurity policy
Assign Printingpolicy
AssignBandwidth
policy
Basic Configuration Cyberoam User Guide Create a New Group
eLitecore Technologies Ltd. 21
Create a New Group
To create a new group, first define the group and assign policies to that group. After the creation of the group, add as many of users required in the group.
Prerequisite • Surfing Quota policy created • Access time policy created • Security policy created • Bandwidth policy created • Printing policy created • Host group created if login is to be restricted to a particular Node/IP Address
Select Group Management Groups Create to open the create group pane
Screen - Create Normal group
Basic Configuration Cyberoam User Guide Create a New Group
eLitecore Technologies Ltd. 22
Screen - Create Clientless group
Screen Elements Description
Create Group Group name p. Choose a name that best
roup
ers ‘_’, 0 - 9
Assigns name to the Groudescribes the G Allows maximum of 30 charactCan be any combination of A – Z, a – z,
Group type Click Group type to select
ers have to login to Cyberoam Client Select Clientless if Group members do not have to login to Cyberoam Client
Specifies type of Group
Select Normal if Group memb
Surfing Quota Policy Only for ‘Normal’ Group type
Assigns Surfing Quota Policy to the Group Click Surfing Quota Policy list to select By default, ‘Unlimited policy’ is assigned to Clientless Group type Refer to Surfing Quota Policy for details
Access time Policy Only for ‘Normal’
Assigns Access time Policy to the Group Click Access time Policy list to select
Basic Configuration Cyberoam User Guide Create a New Group
eLitecore Technologies Ltd. 23
Group type By default, ‘Unlimited policy’ is assigned to ‘Clientless’ Group type Refer to Access time Policy for details
Security Policy Assigns Security Policy to the Group Click Security Policy list to select Refer Security Policy for details
Bandwidth Policy Assigns Bandwidth Policy to the Group Click Bandwidth Policy list to select Refer Bandwidth Policy for details
Printing Policy Assigns Printing Policy to the Group Click Printing Policy list to select Refer Printing Policy for details
Login Restriction (Only for ‘Normal’ Group type) Select any one option
Allow to apply login restriction Available options 1) Allowed login from all nodes
ll the
2) Allowed login from the selected nodes Allo d u to d node dd No the login nodes restri s to the Group Clic lect
Allows Users defined under the Group to login from anodes
w Users defines only. Refer to Mana
nder the Group ge Group - A
login from the selectede for assigning
ction
k to seC Crea Group reate button tes the C Can he current o ion ancel button cels t perat
Table ate Group n elements
- Cre scree
Note You and add t r to the grou r can create the group he use p late
Define User Cyberoam User Guide Create a User
eLitecore Technologies Ltd. 24
Define User
User
by an IP address or a user name and assigned to a group. All the users in a olicy defined for that group. Refer to Policy Management to define new policies.
U
wo types of Users:
Single Sign on Normal User has to logon to Cyberoam. Cyberoam client (client.exe) installed on the User machine or user can use HTTP Client component and all the policy-based restriction are applied. Clientless Cyberoam client component (client.exe) not installed on the User machines. Symbolically represented as User name (C) Single Sign on If the User is configured for Single sign on, whenever User logs on to Windows, he/she is automatically logged to the Cyberoam. Symbolically represented as User name (S) Use following decision matrix to decide which type of the user should be created.
Decision matrix for creation of User
Users are identified group inherit the p
ser types
T1. Normal 2. Clientless 3.
Feature Normal User Clientless User Single Sign on User
User Login required Yes No No Type of Group Normal Clientless
Yes No
No Yes
Yes No
Apply Login restriction Yes Yes Yes Apply Surfng Quota policy Yes No No Apply Access time policy Yes No No Apply Bandwidth policy Yes Yes Yes Apply Security policy Yes Yes Yes Apply Printer policy Yes Yes Yes
Table - Create User - Decision matrix
Define User Cyberoam User Guide Create a User
eLitecore Technologies Ltd. 25
Define User Cyberoam User Guide Create a User
eLitecore Technologies Ltd. 26
Create a User
Prerequisite • Group created – for Normal Users only
Select User Management Manage Users Create to open the create user pane
Screen - Create User
Screen Elements Description
User Information Name Name of the User
Allows maximum of 30 characters Can be any combination of A – Z, a – z, ‘_’, 0 – 9
Username A name that uniquely identifies user & used for logging Allows maximum of 30 characters Can be any combination of A – Z, a – z, ‘_’, 0 – 9
Password Assigns Password Allows maximum of 15 characters
Define User Cyberoam User Guide Create a User
eLitecore Technologies Ltd. 27
Can be any combination of A – Z, a – z, ‘_’, 0 - 9 Confirm Password Confirms password
Should be same as typed in Password field
User Type Specifies the type of User Click User type list to select
Add Clientless User to create clientless user Refer toUser Group Information Group Assigns User to the User Group
Click Group list to select
Show details link Open a new Window and displays the details of the selected Group Refer to Show details table
Login Restriction Select any one option
Allows to apply login restriction
ed login from all nodes s U nodes in the network
2) AllowAllows U oup
wU
es fr be assigned after creating the u Click to sel
Available options 1) AllowAllow sers to login from all the
ed login from the Group nodes sers to login only from the nodes assigned to the gr
3) Allo ed login from the selected nodes
sers to login from the selectedAllows Nod
nodes only m which the User is allowed login cano
ser.
ect Personal details link Allows to
Refer to able
enter the personal details of the user
Personal details t
Tab
Show details table
le - Create User screen elements
Screen Elements Description
Group name Group name Surfing Quota polic uota policy assigned to the group y Surfing QAccess time policy Access time policy assigned to the group Security policy Security policy assigned to the group Bandwidth policy Bandwidth policy assigned to the group Printing policy ned to the group Printing policy assigAllotted time (HH:m roup m) Allotted time to the gExpiry date Expiry date Used minutes Used minutes Close button Closes window
Table - Show Group details screen elements
Define User Cyberoam User Guide Create a User
eLitecore Technologies Ltd. 28
Personal details table
Screen Elements Description
Personal Information Birth date Birth date of the User
dar to enter date Use Popup Calen
Email Email ID
Table - Personal details screen elements
Define User Cyberoam User Guide Create a User
eLitecore Technologies Ltd. 29
Create Clientless us
dd multiple clie
Creates Clientless user as their username. Change the Username of the if requi
ers
To a ntless users
s with given IP addresses red. clientless users
Prerequisite • Clientless Group created
Select User Manage ent Clientless Users Bulk Registration to open the create user pane
m
Screen - C
reate multiple Clientless users
Screen Elements Description
Host Group Details Host Group name
aximum of 50 characters
any combination of A – Z, a – z, ‘_’, 0 - 9
Name of the Host group
Allows mCan be
Is Host group public Click to Select, if the IP Addresses assiUsers are live IP Addresses
gned to the
Bandwidth policy Assigns Bandwidth Policy to the User Click Bandwidth Policy list to select Click Show details link to view the details of the
Define User Cyberoam User Guide Create a User
eLitecore Technologies Ltd. 30
policy Description Full description
Allows maximum of 250 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
Machine details From – To Range of IP Address will be used by the Users to
login
Machine name Machine name Select Group Group Assigns User to the selected group
Click Group list to select
Create Creates a Clientless User
Table - Create multiple Clientless user screen elements
Define User Cyberoam User Guide Create a User
eLitecore Technologies Ltd. 31
Add a single clientless user
Prerequisite • Group created • Host group created
Select User Management Clientless Users De Activated Clientless Users Add Clientless User to open the create user pane
Screen - Create single Clientless user
Screen Elements Description
User Information Name r IP Address
aracters n be any combination of A – Z, a – z, ‘_’, 0 - 9
Name of the User o Allows maximum of 30 chCa
Us A name that uniquely identifies user & used for logging
ername
Allows maximum of 30 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
A he user should be logged in automatically after registering Yes – Automatically logs in as soon as registered successfully i.e.
live user
registere in De-active mode and has to be activated n log e Clientless User for details
uto login Specifies whether t
becomes a No – User is d but isbefore he/she ca in. Refer to Activat
Define User Cyberoam User Guide Create a User
eLitecore Technologies Ltd. 32
User type r type Displays UseUser Group Information Group Defines User in the selected Group
Click Group list to select
Show details link Open a new window and displays the details of the selected group Click to view details
Login Restriction Allowed Login from IP Address
Specifies the IP address from which the User is allowed to Login Click Select Node, opens a new window and allows select the IP Address Refer to Select Node table for details
Personal details link Allows to enter the personal details of the user Refer to Personal details table
Register Registers a clientless user Cancel button Cancels the current operation
Table - Create single Clientless user screen elements
Personal details table
Screen Elements Description
Personal Information Birth date Birth date of the User
Use Popup Calendar to enter date
Email Email ID
Table - Personal details screen elements
Select Node table
Screen Elements Description
Host Group name Host group from which the Node/IP address is to be added Click Host Group name list to select
Select Selects the Node Apply Restriction button Applies login restriction Close button Closes the window
Table - Select Node screen elements
NOTE Duplicate Usernames cannot be created Make sure that subnets or individually defined IP addresses do not overlap If you are assigning a new user to a group, the group must be created first. Refer to Create Groups to create new groups
Basic Configuration Cyberoam User Guide Define Authentication process
eLitecore Technologies Ltd. 33
User Migration Cyberoam provides a facility to migrate the existing users from (Primary Domain Controller) PDC server. This reduces the Administrator’s burden of creating the same users again in Cyberoam.
ll the migrated users will be created under the Group type – ‘Normal’ and default policies will be applied. Administrator can change the assigned group or status at this stage or later.
elect External Authentication User Data Migration User Data Migration to
tep 1: Click Download User Migration Utility link
A
After migration, Username will be set as password in Cyberoam. Sopen the migration pane S
Screen - Download User Migration Utility
w and prompts to run or save the utility. Select the appropriate option and click OK button
Step 2: Opens the File Download windo
Screen - Save User Migration Utility
Basic Configuration Cyberoam User Guide Define Authentication process
eLitecore Technologies Ltd. 34
Step 3: Opens a new browser window and prompts for the login. Provide the administrator username and password. E.g. Username: “cyberoam” and password: “cyber”
Ste wn. Upload the specified file.
p 4: On successful authentication, following screen will be sho
Screen – Upload downloaded User Migration Utility
Step 5: Change the group or status of the user at this stage, if required. To migrate all the users, click Select All or select the individual users and click Migrate Users.
Screen - Register migrated users
Note After migration, for Cyberoam login password will be same as the username
Once the users are migrated, configure for single sign on login util
done on the Cyberoam server. ity.The configuration is required
be
gn on also supports multiple log on facility.
to If the user is configured for Single sign on, whenever User logs on to Windows, he/she is utomatically logged to the Cyberoam also. Single sia
Basic Configuration Cyberoam User Guide Define Authentication process
eLitecore Technologies Ltd. 35
D by Cyberoam before accessing any resources controlled by
need not logon into Cyberoam but automatically logs on at system tartup. Single sign on Client users automatically logs on into Cyberoam when they log on in
Windows.
Single sign on is enabled then NTLM should be enabled so that Users can check their yaccount using their windows password
su.
2. NTLM Use the following decision matrix for defining the Authentication type for the various users.
Decision matrix for Authentication
efine Authentication process User has to be authenticatedCyberoam. Clientless users s
IfM Cyberoam pports two types of Authentication: 1 Local (Cyberoam)
Type of User Authentication
Migrated User NTLM Normal User Local (Cyberoam) Clientless User No authentication required
Table - Authentication - Decision matrix
Authentication
Clientless UsersNormal UsersMigrated Users
NTLM Cy beroamNo
Authenticationrequired
Single Signon
Recommended
Basic Configuration Cyberoam User Guide Define Authentication process
eLitecore Technologies Ltd. 36
Local (Cyberoam) Authentication
he Cyberoam server performs authentication i.e. User is authenticated directly by the Cyberoam server. T
NTLM Authentication
This echanism their Windows authentication tokens. (login/user name and pa Cyberoam sends the user authentication request to the PDC and the Windows server
ticates the user as per supplied tokens.
authentication m allows Users to access usingssword).
authen
Note If the PDC server is down then the authentication request will always return as a message as ‘Wrong username/password’ It is necessary to have shared NETLOGON directory on PDC with the following permissions: Read, Read & Execute, List Folder Contents
Basic Configuration Cyberoam User Guide Define Authentication process
eLitecore Technologies Ltd. 37
Single Sign on Client Configuration
synchronization for Users of Windows and Cyberoam. i.e. if the user is configured for Single sign on, whenever User logs on to Windows, he/she is automatically
yberoam also.
Single sign on provides password
logged to the C
Once the Users are migrated successfully, follow the procedure to configure for Single Sign on login utility. If Single sign on is configured then NTLM authentication should be enabled so that Users can check their Myaccount using their windows password Step 1 Download the Cyberoam in the below screen shot and save
SCyberoam.exe to the NETLOGON scripts directory on the domain controller or as per your onfiguration. The logon scripts contain the configuration parameters for the initial user
envi
T w:
Single Sign on client as shownSc
ronment.
he default location of NETLOGON directory is given belo
Server OS NETLOGON default location Windows NT %SYSTEMROOT%/system32/Repl/Import/Scripts Windows S 2000 % YSTEMROOT%/SYSVOL/sysvol/%USERDNSDOMAIN%/Scripts
Table - Default NETLOGON directory location
Basic Configuration Cyberoam User Guide Define Authentication process
eLitecore Technologies Ltd. 38
S gle sign on Client
Go to step 2 if logon scripts ated Go to step 3 if logon scri
creen - Download Sin
for the Users are already crepts for the Users are not created
Note If logon scripts for all the Users already exist, please do not download “Logon Script Updation Utility” and execute the script “defaultlogonscript.bat”,
Step 2 If the logon scripts are already created, then Update them. Edit the logon script using any of the available Editors like Notepad and add the following line in the script and save the script:
start \\PDCServerName\netlogon\SSCyberoam.exe IP address of the Cyberoam Server
E.g., start \\mypdc\netlogon\SSCyberoam.exe 192.168.1.100 Whenever the User tries to logon in Windows, the logon script will be executed. The above statement in logon script executes the Cyberoam logon program with the Windows Username and automatically logs in User to the Cyberoam. Step 3 If the logon scripts are not createdCreate a new script - “defaultlogonscript.bat” using any of the available Editor like Notepad Add line start \\PDCServerName\netlogon\SSCyberoam.exe IP address of the Cyberoam Server E.g., start \\mypdc\netlogon\SSCyberoam.exe 192.168.1.100 Copy the script - “defaultlogonscript.bat” to NETLOGON scripts directory. Refer to step 1 to find location of the NETLOGON scripts directory Download Logon Script Updation Utility as shown in the below screen shot and save the script as “updatelogonscript.bat” in the root directory of the server Open the command prompt
Basic Configuration Cyberoam User Guide Define Authentication process
eLitecore Technologies Ltd. 39
Screen - Download User Logon Script Updation utility
Execute “updatelogonscript.bat” at the command prompt as follows: updatelogonscript.bat defaultlogonscript.bat This will update/add the logon script of the Users in the domain to defaultlogonscript.bat
Screen - LOGON script change utility
Whenever the User tries to logon in Windows, the script “defaultlogonscript.bat” will be executed which in turn executes the Cyberoam logon program with the Windows Username and automatically logs in User to the Cyberoam. If the User has logged in successfully using Single Sign on utility, then (S) will shown besides the Username e.g. Joe (S) in the Live User list
Some Exception Conditions 1. If the User does not exist in Cyberoam, message ‘Wrong Username/Password’ will be displayed
Basic Configuration Cyberoam User Guide Define Authentication process
eLitecore Technologies Ltd. 40
2. L execute if troller is down and User will not be able to log on to ogon script will not Domain ConCyberoam and Internet access will not be available Onc sers will have toe PDC is up, U re-logon 3. If reac y to logon, Cyberoam is down or not hable, the Cyberoam Single Sign client will continuously trand rnet accas soon as it is up Inte ess will be available
Sel t entication
ect External Authentica ion Client Authentication Client Auth
Scre
en - Add Authentication server
Screen Elements Description
Current Authentication Scheme Current Authentication
Disto Cli uthentication list to select
plays the current authentication mechanism and allows update
ck Current AAuthentication Servers Add button Allows to add IP Address of NTLM server
CliOp Type
ck Add to add ens a new window
Basic Configuration Cyberoam User Guide Define Authentication process
eLitecore Technologies Ltd. 41
Server IP Address Se Cli Repeat above steps to add more than one server
rver Details
ck OK
Remove button Removes the selected server from the list Update button Updates the list Cancel button Cancels the current operation
Table - Add Authentication screen elements
Note It is nticate Users possible to authe of multiple PDC servers
Basic Configuration Cyberoam User Guide Define Host Group
eLitecore Technologies Ltd. 42
Define Host Group
Host Grou
Host group is a collection of a single I Add IP addre t the time of creat
Create a new
p
P addresses or range of IP addresses.
sses/Nodes a ion of Host group or after the creation.
Host Group
Prerequisite • Bandwidth policy created
Select User Management Host Group Management Create
Screen - Create Host group
Screen Elements Description
Host Group Details Host Group name Na
Allows maximum of 50 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
me of the Host group
Is Host group public Public IP e IP addresses which are routable over the Internet a ed Network Address Translation (NAT)
addresses arnd do not ne
Basic Configuration Cyberoam User Guide Define Host Group
eLitecore Technologies Ltd. 43
Click to Select, if the IP Addresses assigned to the Users are Public IP addresses
Bandwidth policy Assigns B up
n
ow s of the policy
andwidth Policy to the host gro
Click Ba Click Sh
dwidth Policy list to select
details link to view the detailDescription Full descr
Allows ma haracters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
iption
ximum of 250 c
Machine details From – To Range of IP Address Machine name Machine name Create Creates a Host group
Table - Create Host group screen elements
Management Cyberoam User Guide Group Management
eLitecore Technologies Ltd. 44
Management Group Management
Manage Group
Select Group Management click the Group to modify
2PART
Group Manage and
Screen - Manage Group
Management Cyberoam User Guide Group Management
eLitecore Technologies Ltd. 45
Screen Elements Description
Group Information Group name Group name Show Group members Opens a new window and displays the details of all the
embers button group mSurfing Quota policy Displays the currently attached Surfing Quota policy to
the Group Change policy button Click to change the attached Surfing QOnly for ‘Normal’ Group type
uota policy Opens a new window and allows to select a new Surfing Quota policy Click Change policy Click Select to select from available policy Click Done to confirm the selection Click Cancel to cancel the operation Surfing quota policy, Time allotted & Expiry date changes accordingly
Time allotted Displays the total surfing time allotted by the Surfing Quota policy to the Group Cannot be modified
Expiry date Displays the Expiry date of the Surfing Quota policy Cannot be modified
Used Surfing time Dis by the Group members Cannot be modified
plays the total time used
AcOn oup ty
Displays hed Access time policy to the Group
nge c list to select
To viewClick Sh
cess time policy ly for ‘Normal’ Gr
pe
the currently attac
To chaClick A cess time policy
the details of the access time policy ow details
Security policy Displays ecurity policy to the Group
Click Security policy list to select To view the details of the Security policy
Show details
the currently attached S
To change
Click Ba th policy tly attached Bandwidth policy to the
width policy Click Show details
ndwid Displays the currenGroup To change Click Bandwidth policy list to select To view the details of the band
Printing policy Displays the currently attached Printing policy to the Group
Management Cyberoam User Guide Group Management
eLitecore Technologies Ltd. 46
To change Click Printing policy list to select
Click Show details
To view the details of the printing policy
Login Restriction Only for ‘Normal’ Group type Display the login restriction applied to the Group Change Login Restriction button
Clic estriction Refer to Change Login restriction for details
k to change the login r
Save button Saves the modified details Reapply Current policy button
Reapplies all the current policies at the time renewal
Cancel button n Cancels the current operatio
Table - Manage Group screen elements
Note Any changes made are applicable to all the group members
Update Group
Need may arise to change the G g after the creation of Group. roup settin
To Click
View Group members
Refer to View Group members for details
ShowGroupMembers button
Select Node/IP address for Login re Only for ‘Normal’ Group ty
striction
pe
Change Login Restriction button Refer to Select Node for details
Change Surfing Quota Policy
for ‘Normal’ Group type
utton Only
Change Policy b
Change Access time Policy Access time Policy list Change Security Quota Policy Security Quota Policy list Change Bandwidth Policy andwidth Policy list BChange Login Restriction Only for ‘Normal’ Group type
Change Login Restriction button
T
View Group members
able - Need to Update group
Screen - View Group members
Management Cyberoam User Guide Group Management
eLitecore Technologies Ltd. 47
Screen Elements Description
Group name Group name Total members Total members/users of the Group Username User name
Name with which the Employee logs in
Employee Name Employee name Allotted Time Total Allotted time to the user
Refer to Access time policy for details
Expiry Date Expiry date of the policy attached to the User Refer to Surfing time policy for details
Used time Total time used by the User Close button Closes the window
Table - View Group members screen elements
Select Node/IP address for Login restriction
Screen - Apply Login restriction
Management Cyberoam User Guide Group Management
eLitecore Technologies Ltd. 48
Screen Elements Description
Login Restriction Displays the current login restriction Click to change the current restriction Save button Saves if the restriction is changed Cancel button Cancels the current operation Select Node(s) button Only if the option ‘Allowed login from selected nodes’ is selected
Click to select the Node for restriction
IP address Displays IP address Machine name Displays Machine name if given Allowed from Click to select
Multiple nodes can be selected
Apply Restriction button Applies the login restriction for the group members i.e. Group members will be able to login from the above selected nodes only
Cancel button Cancels the current operation
Table - Apply Login restriction screen elements
Management Cyberoam User Guide Group Management
eLitecore Technologies Ltd. 49
Delete Group
Prerequisite • No Group members defined
Select Group Management Group Manage and view the list of Groups
Screen -
Delete Group
Screen Elements Description
Del Select Group(s) for deletion Click Mor
Del to select
e than one Group can also be selected Select All Selects all the Groups
Click o select all the Groups for deletion
Select All t
Delete Group button Delete the selected Group(s)
Table - Delete Group sc ts
reen elemen
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 50
User Management
Search User
Use Search User Tab to search the User Select User Management Mana ers Search User
ge Us
Screen - Se ser
arch U
Screen Elements Description
Search User Enter Username or name of the employee
Search criteria
Search User button Searchentere
k S
es all types of us criteria
ers based on the d
Clic earch to search
Table - Search Use creen elements
r s
Search criteria Result
Mark Details of the user ‘Mark’ A Details of all the users Name contains ‘a’ whose User name or 192.9.203.102 Details of the user ‘192.9.203.102’ 8 Details of all the users 8’ whose User name or Name contains ‘
Table - Search User - Result
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 51
Live User
Live users report gives the details of all the users ly logged in Users.
t Live Users Live User
current
Select User Managemen
Screen - Live Users
Report Columns Description
Total Us d DisSin lient Users)
ers connecte plays currently connected total users (Normal Clientless & gle sign on c
Current S Dis in the format - Day, Month a
ystem time plays current system timeD te,HH:MM
User name Click to c display order
Name with which user has logged in Clic View/Update user details hange the k User name link to
Name Employee Clic Group and policies details attached to the User
name
k Name link to view
Connected from Click to c ay order
IP e from which user has logged in
hange the displ
address of the machin
Live IP e IP Live IP address if User has logged in using livStart time Click to change the display order
Login time
Time (HH:mm) Time used in hours and minutes Upload Data transfer Data uploaded Click to change the display order
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 52
Download Data transfer
Data downloaded
Click to change the display order Bandwidth (bits/sec) Bandwidth used Select ge or disconnecting
e selected
Select User for sending messa
More than one User can bSend message button Send message to the selected User(s) Disconnect button Disconnects the selected User(s)
Table - Live User screen elements
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 53
Manage User
pdate User
Manage ign on Select U Manage Users Manage Active to view the list of Users and click OR Select U gement Manage Users Manage Deactive to view the list of Users an ame to mo Manage ss Users Select U nagement C ctivated Clientless Users to view list of Users and click the User nOR
elect User Management Live Users Live User to view list of Users and click the ify
U
Normal & Single S Client Usersser Management the User name to modify
ser Manad click the User n ify d
Clientleser Ma lientless Users Dea
ame to modify
SUser name to mod
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 54
Screen - Manage User
Screen Elements Description
Personal Information Username Displays the username with which the user has
logged on
odified Cannot be mEdit Personal details/Change Allows to change the Users personal details and
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 55
Password button login password Click Edit Personal details to change Refer to Personal details table for details
Name Displays User/Employee name Cannot be modified
Birth date Displays Birth date of User Email Displays Email ID of User User My Account button Click to view/update the my account details
Refer to User My Accounts
User type Displays User type Cannot be modified
Policy Information Group Displays Group name in which User is defined Change Group button Allows to change the Group of the User
Opens a new window and allows to select a new Group
Time Allotted to User (HH:mm) Displays total time allotted to User in the format Hours:Minutes Cannot be modified
User Expiry date Displays User Expiry date Cannot be modified
Time used (HH:mm) total time used by the User in the format inutes
Displayshours:M
Cannot be modified Acc
he details of the access time policy
tails
ess time policy Displays the currently attached Access time policy to the User To view tClick Show details Refer to Change Individual Policy for de
Security policy urity policy to the User To view the details of the Security policy Click Show details Refer to Change Individual Policy for details
Displays the currently attached Sec
Bandwidth Management Bandwidth policy Displays the currently attached Bandwidth policy
to the User To view the details of the bandwidth policy Click Show details Refer to Change Individual Policy for details
Printing Management
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 56
Printing policy Displays the currently attached Printing policy to the User To view the details of the Printing policy Click Show details Refer to Change Individual Policy for details
Total pages printed number of pages printed by the Displays totalUser Cannot be modified
Login Restriction Display the currently applied login restriction to
the User Change login restric
nge Login restriction for details
tion button Click to change the login restriction Refer to Cha
Save button Saves the modified details Re-apply Current policy button Reapplies all the current policies at the time
renewal Cancel button Cancels the current operation
Table - Manage User screen elements
Need may arise to chang er.
e the User setting after the creation of Us
To Click
Change the personal details or password of the User
Edit personal details/Change Password Refer to Change Personal details for details
View User Accounts details User My Account Refer to User My Account for details
Change the User Group Change Group Refer to Change Group for details
Change the Access time Policy assigned to the User
Access time policy list Refer to Change Individual Policy for details
Change the Security Quota Policy assigned to the User
Security policy list Refer to Change Individual Policy for details
Change the Bandwidth Policy assigned to the User
Bandwidth policy list Refer to Change Individual Policy for details
Change the Printing Policy assigned to the User
Printing policy list Refer to Change Individual Policy for details
Change the Login Restriction of the User Change Login restriction button
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 57
Refer to Change Login restriction for details
Table - Need to Update User
Change Personal details
Scre
en - C sonal details hange User Per
Screen Elements Description
Personal Information Username ser has logged in Displays the name with which uName User name New password Type the new password Re-enter New password Re-enter new password
Should be same as new password
Birth date Displays birth date Use Popup Calendar to change
Email Displays Email ID of the user User type Displays User type
Cannot be modified
Update button Updates the changes made Cancel button Cancels the current operation
Table - Change User personal details screen elements
User My Account
User My Account gives details like Personal details, Internet and Printer usage of a particular user. User can change his/her password using this tab. Administrator and User both can view these details.
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 58
1. AdministratoUsers → Man
r can view details of various users from User management → Manage age Active and click User My Account button, it opens a new browser window.
Screen - User My Account
2. User can view his/her MyAccount details from task bar.
In the task bar, double click the Cyberoam client icon and click My Account. It opens a new window and prompts for MyAccount login Username and Password.
Allows viewing and updating password and personal details of the user
Screen - User My Account
Opens a new window with following sub modules: Personal, Client, Account status, Logout
ersonal P
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 59
Change Password
Select Per Psonal → Change assword
Screen - Change Password
Screen Elements Description
Change Password Username Displays the name with which user has logged in Current Password Type the current password New password Type the new password Re-enter New password Re-enter new password
Should be same as new password
Update Update the changes made
Table - Change password screen elements
Change Personal details
Select Personal → Personal Detail
Screen - Change Personal details
Screen Elements Description
Personal Information
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 60
Username Displays the name with which user has logged in Name User name Birth date Displays birth date
Use Popup Calendar to change
Email Displays Email ID of the user Update Update the changes made
Table - Change Personal details screen elements
Account status Allows viewing Internet & Printer usage of the user
Internet Usage
Screen - Internet Usage
Screen Elements Description
Policy Information Username Displays the name with which user has logged in Group Displays the name of the User Group Time allotted to User (HH:mm) Displays total surfing time allotted to the user in the
Surfing time policy User Expire date Displays User expiry date Time used by the User (HH:mm) Displays the total time used by the User Get Internet Usage information for month
Select Month Select Year
Submit button Click to view the Internet usage report for the selected period
Table - Internet Usage screen elements
Report details
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 61
Report columns Description
IP address IP address from where User has logged in Start time Session logon time Stop time Session stop time Used time Total time used Download data Data downloaded during the session Upload data Data uploaded during the session Total Data transfer Total data transferrred during the session
Table - Internet Usage - Report elements
Printer usage
Screen - Printer Usage
Screen Elements Description
Policy Information Username Displays the name with which user has logged in Group Displays the name of the User Group Pages allotted to the User Displays total printer usage allowed to the User in Printing
policy Total pages printed by the User Displays the total pages printed by the User Get Printer Usage information for month
Select Month Select Year
Submit button Click to view the Internet usage report for the selected period
Table - Printer Usage screen elements
Report details
Report columns Description
IP address IP address using which User has logged in Print time Time when printer was used No of pages Total pages printed Document name Name of the document printed
Table - Printer Usage - Report elements
Note
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 62
User My Account can be acc & log off from Cyberoam Web ess from login screen also. Refer to LogonInterface for details. Single Sign on Client can access from login screen only.
C
Screen - Change Group
hange Group
Screen Elements Description
Policy Information Change Gro tton Opens a new window and displays list of Groups
Click to change the User group
up bu
Select Select GroupDone button Adds User to the Group Cancel Cancels the current operation
Table - Change Group screen elements
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 63
Change Individual Policy
Screen Elements Description
Policy Information Access time policy Assigns Access time policy
To override the access time policy for the User and assign another policy – Click Access policy list to select
Security policy Assigns Security policy To override the Security policy for the User and assign another policy – Click Security policy list to select
Bandwidth Management Bandwidth policy Assigns Bandwidth policy
To override the bandwidth policy for the User and assign another policy -Click Bandwidth policy list to select
Printing Management Printing policy (only if Printing module is enabled)
Assigns Printing policy To override the Printing policy for the User and assign another policy -Click Printing policy list to select
Save Saves the changes
Table - Change Individual policy
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 64
Chan ge Login Restriction
Screen - Change Login restriction
Screen Elements Description
Login restriction Change login restriction button
Click to change the login restriction
Allowed login from all the nodes
Allows user to login from all the nodes of the Network
Allowed login from Group node(s)
Allows Users to login only from the nodes assigned to the group
Allowed login from selected node(s)
Allows user to login from the selected nodes only To select node Click Select node Select a Host Group from the host Group name list Click Select to select the IP addresses to be added to the policy Click Select All to select all IP addresses Click Apply Restriction to add the IP addresses to the policy Click Close to cancel the operation
Save button Saves the above selection Cancel button Cancel the current operation
Table - Change Login restriction
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 65
Delete User
To delete active user, click User management → Manage Users → Manage Active
S
To delete k age Users → Manage Deactive
creen - Delete Active User
User management → Man de-active user, clic
Screen - Delete Deactive User
To delete Clientless user, click User management → Clientless Users → Deactivated Clientless Users
Screen - Delete Clientless User
Screen Elements Description
Select Select User Click Select to select More than one user can be selected
Select All Selects all the users Click Select All to select
Delete User button Deletes the selected User(s)
Table - Delete User
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 66
Deactivate User
User is de-activated automatically in case he has overused one of the resources defined by olicies assigned. In case, need arises to de-activate user manually, select User management p
→ Manage Users → Manage Active
Screen - Deactivate User
Screen Elements Description
Select Select User Click Select to select More than one user can be selected
Select All Select all the users Deactivate button Deactivates the selected User(s)
Table - Deactivate User screen element
View the list of deactivated users by User management → Manage Users → Manage Deactive
Management Cyberoam User Guide User Management
eLitecore Technologies Ltd. 67
Ac
To sign on Client user, click User management → Manage Us ge Dea To activate Clientless us Clientless Users → Manage Deactive
tivate User
activate normal and Single ers → Mana ctive
er, click User management →
Screen - Activate Normal User
Screen - Activate Clientless User
Screen Elements Description
Select Select User Click Activate to select More than one user can be selected
Select All Selects all the users Click Select All to select
Activate button Activates the selected User(s)
Table - Activate User screen element
Policy Management Cyberoam User Guide Surfing Quota policy
eLitecore Technologies Ltd. 68
P t ws controlling access to various resources with the help of Policy.
Cyberoam comes with several predefined policies or you can create additional policies to meet your organization’s requirements. Cyberoam allows defining following types of policies: 1. Surfing Quota policy 2. Access time policy 3. Bandwidth policy 4. Security policy 5. Printing policy
Surfing Quota policy
Surfing quota policy defines the duration of Internet surfing time. The surfing time duration is the allowed time in hours for a Group or an Individual User to access Internet. The Surfing quota policy allows allocating Internet access time on a cyclic or non-cyclic basis. A single policy can be applied to number of Groups or Users.
Create Surfing Quota policy
Select Policy Management Surfing Quota Policy Create to open the create policy pane
olicy ManagemenCyberoam allo
Policy Management Cyberoam User Guide Surfing Quota policy
eLitecore Technologies Ltd. 69
Screen - Create Surfing Quota policy
Screen Elements Description
Create Surfing time policy Policy name Assign name to the policy. Choose a name that best describes the policy
Allows maximum of 40 chaCan be any c
racters
mbination of A – Z, a – z, ‘_’, 0 - 9 oCycle type Assigns cycle
Available optiDaily – restric ily basis Weekly – rest weekly basis Monthly – res hly
d on yearly basis
type
ons ts surfing hours up to cycle hours defined on daricts surfing hours up to cycle hours defined on
tricts surfing hours up to cycle hours defined on montbasis Yearly – restricts surfing hours up to cycle hours defineNon-cyclic – no restriction
Cycle hours Not available for ‘Non cyclic’ cycle type
Specifies upper limit of surfing hours for cyclic type policies At the end of each Cycle, cycle hours are reset to zero i.e. for ‘Weekly’ Cycle type, cycle hours will to reset to zero every week even if cycle hours are unused/ not exhausted
Allotted time or Unlimited time
Allots surfing time in Hours & minutes or Creates Unlimited time policy
Allotted Days or Unlimited Days
Allots allowed surfing days or Creates Unlimited days policy
Shared allotted time with group members
Specifies whether the allotted time will be shared among all the group members Click to share Only if policy is defined for Unlimited time or for Non-cyclic cycle type
Description Full description of the policy Allows maximum of 255 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
Create button Creates the policy After successful creation, policy is automatically added to the lists of available policies for assigning to users and groups
Table - Create Surfing Quota policy screen elements
Policy Management Cyberoam User Guide Surfing Quota policy
eLitecore Technologies Ltd. 70
Update Surfing Quota policy
Screen - Update Surfing quota policy
Select Policy management → Surfing quota policy → Manage and Click Policy name link to update
Screen Elements Description
Edit Surfing time policy Policy name Displays policy name, modify if required
Allows maximum of 40 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
Cycle Displays Cycle, modify if required Allotted Periodic hours
Allotted Cycle hours
Allotted time Or Unlimited time
Displays allotted time in hours, minutes, modify if required
Allotted Days Or
Displays allotted days, modify if required
Policy Management Cyberoam User Guide Surfing Quota policy
eLitecore Technologies Ltd. 71
Unlimited Days Shared allotted time Displays with group members the group members or not, modify if required
whether the total allotted time is shared among
Description Displays description of the policy, modify if required Allows maximum of 255 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
Update button Updates and saves the policy Cancel button Cancels the current operation
Table - Update Surfing quota policy screen elements
Policy Management Cyberoam User Guide Surfing Quota policy
eLitecore Technologies Ltd. 72
Delete Surfing Quota policy
Select Policy management → Surfing time policy → Manage to view list of policies
Scree
n - Delete Surfing quota policy
Screen Elements Description
Del r deletion
More than one policy can also be selected
Select the Surfing quota policy fo Click Del to select
Select All Select all the surfing quota policies for deletion Click Select All to select all the policies
Delete policy button Delete the selected policy/policies
Table - Delete Surfing quota policy screen elements
Policy Management Cyberoam User Guide Access time policy
eLitecore Technologies Ltd. 73
Access time policy
Access time is the time period during which the user will be allowed access. An example would be “only office hours access” for a certain set of users. The Access time policy enables to set time periods for access with the help of schedules. Refer to Schedules for details. Define access time policy on two basic strategies:
1. Allow strategy 2. Disallow strategy
Allow strategy
By default, access is allowed for the schedule applied
Disallow strategy
By default, access is disallowed for the schedule applied
Create Access time policy
Prerequisite • Schedule created
Select Policy Management Access time Policy Create to open the create policy pane
Screen
- Create Access time policy
Policy Management Cyberoam User Guide Access time policy
eLitecore Technologies Ltd. 74
Screen Elements Description
Access time policy details Policy name Assig name that best describes
the policy to be created Allows maximum of 50 characters Can be any of A – Z, a – z, ‘_’, 0 - 9
n name to the policy. Choose a
combination Schedule
Assigns a schedule to the policy
lick Sched
k Show s of the policy
C ule list to select
Clic details link to view the detailStrategy for selected Schedule
S
elect basic strategy
Description Full descrip Allows maxCan be any
tion of the policy
imum of 255 characters combination of A – Z, a – z, ‘_’, 0 - 9
Create button Creates the policy
Table - Create Ac elementscess time policy screen
Access time policy Cyberoam User Guide Update Access time policy
eLitecore Technologies Ltd. 75
Update Access time policy
ment → Access time policy → Manage and Click Policy name link to update
Access time policy
Select Policy manage
en - Update Scre
Screen Elements De cription s
Acces cy details s time poliName Displays policy name, modify if required Schedule Di
To modify,
Click Show Details link to view details of the selected schedule
splays selected schedule
Click Schedule list to select new schedule
Strategy for selected Schedule
Displays the Schedule strategy Cannot be modified
Description Displays the description of the policy, modify if required Save button Saves the modified details Cancel button Cancels the current operation
Table - Update Access time policy screen elements
Access time policy Cyberoam User Guide Update Access time policy
eLitecore Technologies Ltd. 76
Delete Access time policy
iew list of policies Select Policy management → Access time policy → Manage to v
Screen - Delete Access time policy
Screen Elements Description
Del Select the Access time policy for deletion Click Del to select More than one policy can also be selected
Select All Select all the Access time policies for deletion Click Select All to select all the policies
Delete policy button Delete the selected policy/policies
Table - Delete Access time policy screen elements
Policy Management Cyberoam User Guide Security policy
eLitecore Technologies Ltd. 77
Security policy
Security policy controls User’s web access. It helps to manage web access specific to the organization’s need. It specifies which user has access to which sites or applications and allows
efining powerful security policies based on almost limitless policy parameters like:
ocation/Port/Protocol type
hen defining a policy, you can deny or allow access to an entire application category, or to
By default, Allows the user to view everything except the sites and files specified in the web cateE.g. To allow access to all sites except Mail sites
viewing everything except the sites and files specified in the
dIndividual users Groups of users
ime of day TLContent type Bandwidth usage (for audio, video and streaming content) Windividual file extensions within a category. For example, you can define a policy that blocks access to all audio files with .mp3 extensions. Two basic types of security policy:
1. Default Allow 2. Default Disallow
Default Allow
gories
Default Disallow
By default, Prevents the user fromweb categories E.g. To disallow access to all sites except certain sites
Policy Management Cyberoam User Guide Security policy
eLitecore Technologies Ltd. 78
Create a new Security policy
Se gem Policy Create Policy to open the create po
lect Policy Mana ent Security licy pane
Screen - Create Security policy
Screen Elements Description
Security policy details Name Assign name to the polic
describes the policy to b
ination
y. Choose a name that best e created
Allows maximum of 60 chaCan be any comb
racters of A – Z, a – z, ‘_’, 0 - 9
Security policy type Select default policy Description Full description of the po
5 n
licy Allows maximum of 25Can be any combinatio
characters of A – Z, a – z, ‘_’, 0 - 9
Create button Creates policy and allowrestriction Refer to Add Web Categ add web category restriction
s to add web category
ories to
Table - Create Security policy
screen elements
Policy Management Cyberoam User Guide Security policy
eLitecore Technologies Ltd. 79
Update Security policy
rity Policy Manage Policy and click the policy name to be updated Select Policy Management Secu
Screen - Update Security policy
Screen Elements Description
Security policy details Name Displays the name of the policy, modify if required Security policy type Displays the type of the policy
Cannot be modified
Description Displays the description of the policy, modify if required Save button Saves the modified details Manage Web Category button Allows to add/remove web category details
Refer to Manage Web Category for details
Show details button s the web category restriction details
Close to close the window
Open a new window and display
Click
Show Policy Members button Open a new window and displays details of all the policy members
Close to close the window Click
Cancel button Cancels the current operation
Table lements - Update Security policy screen e
Policy Management Cyberoam User Guide Security policy
eLitecore Technologies Ltd. 80
Manage Web Category
Screen - Manage Web category
Screen Elements Description
Add Web category button Allows to add a web category Delete Web category button Allows to delete the web category Manage Security Policy button Returns back to the previous screen Update button Updates and saves the modified details Moveup button Moves the selected web category one step up
Click on the web category which is to be moved up followed by Move Up button The selected web category will be highlighted Click MoveUp to move the selected web category by one step upwards
Move down button Moves the selected web category one step down Click on the web category which is to be moved up followed by Move Down button The selected web category will be highlighted Click MoveDown to move the selected web category by one step downwards
Table - Manage Web category screen elements
Policy Management Cyberoam User Guide Security policy
eLitecore Technologies Ltd. 81
Add Web Category
Screen - Add Web category
Screen Elements Description
Web Category details Name of Secur the detail will
be attached ity policy Displays security policy name to which
Security policy description Displays policy description Web category name li Allows to select web category
Click to select
st
Strategy Allows/Disallows the access to the web categories n the schedule during the period defined i
Schedule categories the period
edule
epend on the strategy selected
Allows/Disallows the access to the Webaccording to the strategy defined duringdefined in the sch Allow/Disallow will d
Show details link the
k to view
Opens a new window and displays the details of schedule ClicClick Close to close the window
Add to Security policy button Assigns the web category to the security policy Click to assign
Cancel button Cancels the current operation
Table - Add Web category screen elements
Policy Management Cyberoam User Guide Security policy
eLitecore Technologies Ltd. 82
Remove Web Category
Screen - Delete Web category
Screen Elements Description
Del Select the Web category for deletion Click Del to select More than one category can also be selected
Select All Select all the categories for deletion Click Select All to select all the categories for deletion
Delete Web Category button
Delete the selected categories
Table - Delete Web category screen elements
Policy Management Cyberoam User Guide Security policy
eLitecore Technologies Ltd. 83
Delete Security Policy
Select Policy Management Security Policy Manage Policy
Screen - Delete Security policy
Screen Elements Description
Del Select the policy for deletion Click Del to select More than one policy can be selected
Select All Select all the policies for deletion Click Select All to select all the policies for deletion
Delete policy button Delete the selected policies
Table - Delete Security policy screen elements
Policy Management Cyberoam User Guide Bandwidth policy
eLitecore Technologies Ltd. 84
Bandwidth policy
ssing through a media over a period of time and is measured in r kilobits per second (kbits) (1 Byte = 8 bits).
B r and controls web and n
policy is to manage and distribute total bandwidth on certain parameters and user ttributes.
The Internet influences your organization’s network in such a way that if left unchecked, streaming media and recreational Web surfing can clog network with unneeded and insignificant traffic and starve mission-critical applications of the bandwidth necessary to run effectively. Bandwidth policy allows to define limits for the maximum bandwidth individual users can request.
Bandwidth policy allows speeding up time-critical applications and users and pace less-urgent traffic based on organization’s priorities. It can be defined for:
1. Host Group 2. User 3. IP address
Host Group based bandwidth policy
It restricts the bandwidth of a under the host group will share
ser based bandwidth policy
It restricts pa There are two types of bandwidth restriction 1. 2.
Strict
In this typ th restrict . Two ways to implemen
1. + Dow2. am an
Bandwidth is the amount of data paterms of kilobytes per second (kbps) o
andwidth policy allocates & restricts the bandwidth usage of the useetwork traffic.
As bandwidth is a limited resource, it needs to be managed efficiently. The primary objective of bandwidtha
host group i.e. all the users defined the allocated bandwidth.
U
the bandwidth of a rticular user.Strict Committed
e of bandwid ion, user cannot exceed the defined bandwidth limitt strict policy:
Total (Upstream nstream) Individual Upstre d Individual Downstream
Implementation on Bandwidth specified Example
Total (Upstream + Downstream)
Total bandwidth Total bandwidth is 20 kbps upstream and downstream combined cannot cross 20 kbps
Individual Upstream and Individual Downstream
Individual bandwidth i.e. separate for both
Upstream and Downstream bandwidth is 20 kbps then either cannot cross 20 kbps
Table - Implementation types for Strict - Bandwidth policy
Policy Management Cyberoam User Guide Bandwidth policy
eLitecore Technologies Ltd. 85
Strict policy – Bandwidth usage
Bandwidth usage Bandwidth specified
Individual for a particular user Shared Shared among all the users who have been assigned this policy
Table - Bandwidth usage for Strict - Bandwidth policy
Com
In t ser is allocated the guaranteed amount of bandwidth and can dra It enables to assign fixed minimum and maximum amounts of bandwidth to users. By borrowing excess bandwidth when it is av guaranteed minimum limits, up rate. Guar minimum bandwidth to critical users to rec k and non-peak traffic periods. Gua nts the m ents the ma that a user Two ways
1. Total (Upstream + Downstream) 2. Individual Upstream and Individual Downstream
mitted
his type of bandwidth restriction, u definew bandwidth up to the d burst-able limit, if available.
ailable, users are able to burst aboveto the burst-able anteed rates also assure eive constant levels of bandwidth during pea
ranteed represeximum bandwidth
inimum guaranteed bandwidth and burst-able represan use, if available. c
to implement committed policy:
Implementation on Bandwidth specified Example
Total (Upstream + Downstream)
Guaranteed bandwidth Burstable bandwidth
Guaranteed bandwidth is 20 kbps upstream and downstream combined will get 20 kbps guaranteed (minimum) bandwidth Burstable bandwidth is 50 kbps upstream and downstream combined can get up to 50 kbps of bandwidth (maximum), if available
Individual Upstream and Individual Downstream
Individual Guaranteed and Brustable bandwidth i.e. separate for both
Individual guaranteed bandwidth is 20 kbps Individually get 20 kbps guaranteed (minimum) bandwidth Individual brustable bandwidth is 50 kbps Individually get maximum bandwidth up to 50 kbps, if available
Table - Implementation types for Committed - Bandwidth policy
Committed policy – Bandwidth usage
Bandwidth usage Bandwidth specified
Individual for a particular user Shared Shared among all the users who have been assigned this policy
Table - Bandwidth usage for Committed - Bandwidth policy
Policy Management Cyberoam User Guide Bandwidth policy
eLitecore Technologies Ltd. 86
IP address based bandwidth policy
It restricts the bandwidth for a particular IP address. It is similar to the User based policy with the same type of restrictions on Implementation type & Bandwidth usage.
Create Bandwidth policy
Select Policy Management Bandwidth Policy Create to open the create policy pane
Screen - Create Bandwidth policy
C
ommon Screen Elements
Screen Elements Description
Bandwidth restriction details Policy name Assign name to the policy. Choose a name that best
y to be created describes the polic Allows maximum of 50 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
Description Full description of the policy Allows maximum of 250 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
Create button Creates the policy Cancel button Cancels the current operation
Table - Create Bandwidth policy - Common screen elements
Bandwidth policy Cyberoam User Guide Creat e Host Group based bandwidth policy
eLitecore Technologies Ltd. 87
C roup ba
Select Policy Manage ent Bandwidth Policy Create to open the create policy pane
reate Host G sed bandwidth policy
m
Scr
een - Create Host group based Bandwidth policy
Screen Elements Description
Bandwidth Restriction Details Policy based on host group based policy Click Host Group to create Total Bandwidth
Maximum bandwidth limit is 4096 kbps
Allocates maximum amount of bandwidth, expressed in terms of kbps
Table - Cre width policy screen elements ate Host group based Band
Bandwidth policy Cyberoam User Guide Create User/IP address based Strict bandwidth policy
eLitecore Technologies Ltd. 88
Create User/IP address based Strict bandwidth policy
Screen - Create User/IP based Strict Bandwidth policy
Screen Elements Description
Bandwidth Restriction Details Policy based on
eate IP address based policy
Creates policy
Click User to create User based policy Click IP Address to cr
Policy type Type of bandwidth restriction Click Strict to apply strict policy
Implementation on n the selection
l
Implements Bandwidth restriction depending o Click Total to implement bandwidth restriction on the Total (Upstream + Downstream) Click Individual to implement bandwidth restriction on the IndividuaUpstream and Individual Downstream bandwidth
Total bandwidth (Only for ‘TOTAL’
tation typ
ms of
allowed is 2 kbps and Maximum is 4096 kbps implemen e)
Minimum bandwidth
Allocates maximum amount of Total bandwidth, expressed in terkbps
Upload Bandwidth
typ
ount of Upstream Bandwidth, expressed in
imum bandwidth allowed is 2 kbps and Maximum is 4096 kbps
(Only for ‘INDIVIDUimplementation
AL’ Specifies maximum amterms of kbps
e) Min
Download Bandwidth(Only for ‘INDIVIDUim
ownstream Bandwidth, expressed in
Minimum bandwidth allowed is 2 kbps and Maximum is 4096 kbps
AL’
Specifies maximum amount of Dterms of kbps
plementation type)
Bandwidth policy Cyberoam User Guide Create User/IP address based Strict bandwidth policy
eLitecore Technologies Ltd. 89
B ndwidth specified can be for a particular User or Shared among all the users who have been assigned this policy
Click Shared to be shared among the users
andwidth usage Ba
Click Individual for a particular User
Table - Create User/IP based Strict Bandwidth policy screen elements
Bandwidth policy Cyberoam User Guide Create User/IP address based committed bandwidth policy
eLitecore Technologies Ltd. 90
Create User/IP address based committed bandwidth policy
Screen - Create User/IP based Committed Bandwidth policy
Screen Elements Description
Bandwidth Restriction Details Policy based on Creates policy based on the selection
Click User to create User based policy Click IP Address to create IP address based policy
Policy type Click Committed to apply committed policy
Type of bandwidth restriction
Imp Impleme h restriction depending on the selection
Total to implement bandwidth restriction on the Total (Upstrea Click Individu restriction on the Individual Upstream stream bandwidth
lementation on nts Bandwidt Click
m + Downstream)
al to implement bandwidth and Individual Down
Gu n)/ Bu(Onim
Allocates th,
Minimum nd Maximum is 4096 kbps
aranteed (Mirstable(Max) ly for ‘TOTAL’
expressed in term
plementation type)
Guaranteed and Burstable amount of Total bandwids of kbps
bandwidth allowed is 2 kbps aGuaranteed (Min)/ Bursta d Ba(Onim
Specifies stable amount of Upstream Bandwid
m andwidth allowed is 2 kbps and Maximum is 4096 kbps
ble(Max) Uploandwidth ly for ‘INDIVIDUAL’
Minimu
plementation type)
Guaranteed and Burth, expressed in terms of kbps
b
GuBu ownload Ba(Onimplementation type)
Specifies Guaranteed and Burstable amount of Downstream Bandwid , expressed in terms of kbps Minimum bandwidth allowed is 2 kbps and Maximum is 4096 kbps
aranteed (Min)/ rstable(Max) Dndwidth ly for ‘INDIVIDUAL’
th
Bandwidth policy Cyberoam User Guide Create User/IP address based committed bandwidth policy
eLitecore Technologies Ltd. 91
Ba e Bandwid a particular User or Shared among all the us Click IndClick Sha
ndwidth usag th specified can be for ers who have been assigned this policy
ividual for a particular User red to be shared among the users
Table - Create User/IP based Committed Bandwidth policy screen elements
Bandwidth policy Cyberoam User Guide Update Bandwidth policy
eLitecore Technologies Ltd. 92
Update Bandwidth policy
Need to update Bandwidth Policy 1. Add/remove schedule based details to User/IP address based policy 2. Add/remove IP addresses attached to the IP address based policy 3. Update bandwidth values
Select Policy management → Bandwidth policy → Manage and Click Policy name link to update
Screen - Update Bandwidth policy
Common Screen Elements
Screen Elements Description
Bandwidth restriction details Policy name Displ y name, modify if
requi d ays the Bandwidth policre
Description Displrequi
ays the Bandwidth policy description, modify if red
Update button Updates and saves the policy Cancel button Cancels the current operation
Table - Update Bandwidth policy Common screen elements
Bandwidth policy Cyberoam User Guide Update Host group based bandwidth policy
eLitecore Technologies Ltd. 93
Update Host group based bandwidth policy
Screen - Upda
te Host group based Bandwidth policy
Screen Elements Description
Bandwidth Restriction Details Show members link Opens a new browser window and displays bandwidth
restriction details and the member groups of the policy Click Close to close the new window
Policy based on Cannot be modified Default values to be applied all the time Implementation on Cannot be modified Total Bandwidth Displays total bandwidth for the group, modify if required
Maximum bandwidth limit is 4096 kbps
Table - Update Host group based Bandwidth policy screen elements
Bandwidth policy Cyberoam User Guide Update User based Bandwidth policy
eLitecore Technologies Ltd. 94
Update User based Bandwidth policy
Screen - Update User based Bandwidth policy
Screen Elements Description
Bandwidth Restriction details Show members link Opens a new browser window and displays bandwidth restriction
details, schedule details and the members/users of the policy Click Close to close the new window
Policy based on Cannot be modified Default values to be applied all the time Implementation on Cannot be modified Total Bandwidth Displays the total bandwidth value, modify if required
This option is available only when the bandwidth policy implementation is based on Total (Upstream + Downstream)
Upload Bandwidth Modifies the Upstream bandwidth value This option is available only when the bandwidth policy implementation is based on Individual(Upstream / Downstream)
Download Bandwidth Modifies the Downstream bandwidth value This option is available only when the bandwidth policy implementation is based on Individual(Upstream / Downstream)
Policy type Cannot be modified
Bandwidth policy Cyberoam User Guide Update User based Bandwidth policy
eLitecore Technologies Ltd. 95
Update button Updates the changes made in ‘Ba‘Default values to be applied all the time’
ndwidth restriction details’ and
Add details button Attaches schedule to override default bandwidth restriction Click Add details To edule details add schedule details refer to Attach Sch
Table - Update User based Bandwidth policy screen elements
Attach Schedule details
Strict
Screen – Assign Schedule to User based Strict Bandwidth policy
Screen Elements Description
Bandwidth restriction details Policy name Displays the policy name Policy type Type of bandwidth restriction
Click Strict to apply strict policy
Implementation on Implements bandwidth restriction on Total or Upstream & downstream individually For Total
andwidth,
For Individual Upload Bandwidth - Allocates maximum amount of Upstream bandwidth, expressed in terms of kbps Download Bandwidth - Allocates maximum amount of Downstream bandwidth, expressed in terms of kbps
Total Bandwidth - Allocates maximum amount of Total bexpressed in terms of kbps
Schedule Schedule to be attached
Sc Click hedule list to select
Show detail s the ne edule selected Click Cl
s link Open w browser window and displays the details of the sch
ose to close the new window
Table – Assign Schedule Bandwidth policy screen elements to User based Strict
Bandwidth policy Cyberoam User Guide Update User based Bandwidth policy
eLitecore Technologies Ltd. 96
Committed
Screen - Assign Schedule to User based Committed Bandwidth policy
Screen Elements Description
Bandwidth restriction details Policy name Displays the policy name Policy type Type of bandwidth restriction
Click Committed to apply committed policy
Implementation on Implements bandwidth restriction on Total or Upstream & downstream individually For Total Guaranteed(Min) Bandwidth - Allocates minimum guaranteed amount of Total bandwidth, expressed in terms of kbps Brustable(Max) Bandwidth - Allocates maximum amount of Total bandwidth, expressed in terms of kbps For Individual Guaranteed(Min) Upload Bandwidth - Allocates minimum guaranteed amount of Upstream bandwidth, expressed in terms of kbps Brustable(Max) Upload Bandwidth - Allocates maximum amount of Upstream bandwidth, expressed in terms of kbps Guaranteed(Min) Download Bandwidth - Allocates minimum guaranteed amount of Downstream bandwidth, expressed in terms of kbps Brustable(Max) Download Bandwidth - Allocates maximum amount of Downstream bandwidth, expressed in terms of kbps
Schedule Schedule to be attached Click Schedule list to select
Show details link Opens the new browser window and displays the details of the schedule selected Click Close to close the new window
Table – Assign Schedule to User based Committed Bandwidth policy screen elements
Bandwidth policy Cyberoam User Guide Update User based Bandwidth policy
eLitecore Technologies Ltd. 97
Remove Schedule details
move Schedule from User basedScreen - Re Bandwidth policy
Screen Elements Description
Select Selects the Schedule detail(s) for deletion
More than one schedule details can also be selected
Click Select to select
Select All Selects all the details for deletion Click Select All to select all the details
Remove Detail button Removes the selected schedule detail(s)
Table - Remove Schedule from User based Bandwidth policy screen elements
Bandwidth policy Cyberoam User Guide Update IP address based bandwidth policy
eLitecore Technologies Ltd. 98
Update IP address based bandwidth policy
Sc cy
reen - Update IP address based Bandwidth poli
Screen Elements Description
Bandwidth restriction details Policy name Displays policy name, modify if required Policy based on Displays policy based on
Cannot be modified
Description Displays description of the policy, modify if required Default values to be applied all the time Implementation on Displays implementation type
Cannot be modified
Total Bandwidth Only if Implemented on ‘Total’
Displays total bandwidth allocated, modify if required
Upload bandwidth Only if Implemented on ‘Individual’
Displays Upload bandwidth allocated, modify if required
Download bandwidth Only if Implemented on ‘Individual’
Displays Upload bandwidth allocated, modify if required
Bandwidth policy Cyberoam User Guide Update IP address based bandwidth policy
eLitecore Technologies Ltd. 99
Policy type Cannot be modified Update button Updates the changes made in ‘Bandwidth restriction
details’ and ‘Default values to be applied all the time’ Cancel button Cancels the current operation Add Detail button Attaches schedule to override default bandwidth
To add details refer to Attach Schedule details
restriction
Click Add details
Add IP Address button Attach policy to IP address Click Add IP AddressTo add IP address refer to Add IP Addresses to IP Address based bandwidth policy
Add IP Addresses to IP Address based bandwidth policy
dress to IP address based Bandwidth policy
Screen – Add IP ad
Screen Elements Description
Host group name Host group Click Host G
from which IP address is to be added
roup name list to select Select Selects the I
Click Select to select More than one IP address can also be selected
P address(s) to be added
Select All Selects all the IP addresses Apply Restriction Add the IP addresses to the policy
Bandwidth policy Cyberoam User Guide Update IP address based bandwidth policy
eLitecore Technologies Ltd. 100
button Click Apply restriction
Cancel button Cancels the current operation
Table - Add IP address to IP address based Bandwidth policy screen elements
Remove IP Addresses from IP Address based bandwidth policy
Screen - Remove IP address idth policy screen elements from IP address based Bandw
Screen Elements Description
Select Selects IP address to be removed Click Select to select More than one IP address can also be selected
Select All lects all IP addresses
ses
Se Click Select All to select all the IP addres
Remove IP Address button Removes the selected IP addresses
Table P address f elements
- Remove I rom IP address based Bandwidth policy screen
Policy Management Cyberoam User Guide Printing Policy
eLitecore Technologies Ltd. 101
Delete Bandwidth policy
Prerequisite • Bandwidth policy not attach , user or IP address ed to any host group
Select ement nage to view the list of policies
Policy manag → Bandwidth policy → Ma
Screen - Delete Bandwidth policy
Screen Elements Description
Del Selects the Bandwidth policy for deletion Click Del to select More than one policy can also be selected
Select All Selects all the polices for deletion Click Select All to select all the policies
Delete button Delete the selected policy/policies
Table - Delete Bandwidth policy screen elements
Policy Management Cyberoam User Guide Printing Policy
eLitecore Technologies Ltd. 102
Printing Policy
T sage of printers, define printer policy. It allows to restrict printing of total number of page r or IP address.
reate Printing policy
Select Policy Management Printing Policy Create to open the create policy pane
o restrict the us for groups, individual use
C
Screen - Create Printing policy
Screen Elements Description
Create Printing policy Policy name am y. Choose a name that best describes the
policy Allows maximum of 60 chaCan be any a – z, ‘_’, 0 - 9
Assign n e to the polic
racters ombination of A – Z, c
Cycle type Assigns cyc
vailable opDaily – rest n daily basis Weekly – re ed on weekly basis
re ed on monthly basiYea s defined on yearly basis All the time – no restriction
le type
A tricts printing u
ions p to pages number defined o
stricts printing up to page numbers definMonthly – stricts printing up to page numbers defin
s rly – restricts printing up to page number
Pages per cycle Not available for ‘All the time’ cycle type
Specifies upper limit for printing pages for cyclic type policies
Total Allotted pages or Unlimited pages
Allots total number of pages that can be printed or Creates Unlimited pages printing policy
Description Full description of the policy Allows maximum of 255 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
Create button Creates the policy
Table - Create Printing policy screen elements
Printing Policy Cyberoam User Guide Define IP address for Unrestricted printer access
eLitecore Technologies Ltd. 103
Define IP address for Unrestricted printer access
elect Policy Management Printing Policy Allow Printing and click Add IP SAddress
Screen - Unrestricted Printer access
Screen – Add IP address for Unrestricted Printer access
Printing Policy Cyberoam User Guide Define IP address for Unrestricted printer access
eLitecore Technologies Ltd. 104
Screen Elements Description
Host group name Host group from which IP address is to be added Click Host Group name list to select
Select Selects the IP address(s) to be added Click Select to select More than one IP address can also be selected
Select All Selects all the IP addresses Allow printing button
Places no restriction for printer usage on IP addresses specified Click Allow printing
Cancel button Cancels the current operation
Table – Add IP address for Unrestricted Printer access screen elements
Printing Policy Cyberoam User Guide Update Printing policy
eLitecore Technologies Ltd. 105
Update Printing policy
Select Policy management → printing policy → Manage to view the list of policies
S
creen - Update Printing policy
Screen Elements Description
Edit Printing policy P plaolicy name Dis ys policy name, modify if required Cycle type Displays Cycle type, modify if required Pages per cycle be printed in the
selected cycle, modify if required Displays upper limit of number of pages that can
Total Allotted pages Or Unlimited pages
Displays total allotted pages, modify if required
Description Displays modify if required description of the policy, Update button Updates and saves the policy C C rrent operation ancel button ancels the cu
Table - Update Printing policy screen elements
Printing Policy Cyberoam User Guide Delete Printing policy
eLitecore Technologies Ltd. 106
Delete Printing policy
Screen - D olicy
elete Printing p
Screen Elements Description
Del Selects the p cy for deletion
More than one policy can also be selected
rinting poli
Click Del to select
Select All Selects all the polices for deletion
select all the policies Click Select All to
Delete policy button Delete the selected policy/policies
Table - Delete Printing policy screen elements
Management Cyberoam User Guide Host Group Management
eLitecore Technologies Ltd. 107
Host Group Management
Se
arch Node Tab to search the Node/IP address based on: IP address OR MAC ad
anagement Search Node
Screen - Search Node
arch Node
Use Se dress Select User Management Host Group M
Example Search criteria Result
‘1’ list of nodes whose address contains ‘1’ ‘192’ list of nodes whose a
‘192’ ddress contains
‘192.9.203.203 ‘ node whose address is ‘192.9.203.203’ ‘b’ des whose address contains ‘B’ list of no‘4C’ ose address contains ‘4C’ list of nodes wh‘B7’ list of nodes whose address contains ‘B7’
Table - Search Node results
Management Cyberoam User Guide Host Group Management
eLitecore Technologies Ltd. 108
Update Host Group
Select User Manageme Host and click the host group name link to whi
nt Host Group Management Manage ch Node is to modify
Screen - Update Host group
Screen Elements Description
Host group details Host group name Displays Host group name, modify if required Is host group Public Displays whether host group is of public IP addresses
or not Bandwidth policy Displays bandwidth policy attached, modify if required Show details link Opens the new browser window and displays
bandwidth restriction details and policy members Description Displays description of the Host group, modify if
required Show Nodes link Displays IP addresses defined under the Host group.
Allows to Add or Delete node
Management Cyberoam User Guide Host Group Management
eLitecore Technologies Ltd. 109
Click Show nodes Click Add Node To add node refer to Add node Click Delete Node To delete node refer to Delete node
Update button Updates and saves the details Cancel button Cancels the current
Table - Update Host group screen elements
Add Node
Screen - Add Node
Screen Elements Description
Machine details IP ess of the Node to be added to the host group address IP addrRa
d in the host group
nge link Click to add range of IP Address From – To - IP addresses to be include
Machine name ine name Specify machCreate button odes to the host group Adds the nCancel button nt operation Cancels the curre
Table - Add Node screen elements
Management Cyberoam User Guide Host Group Management
eLitecore Technologies Ltd. 110
Delete Node
Prerequsite • Not assigned to any User
Screen - Delete Node
Screen Elements Description
Select Select the IP address of the node for deletion Click Select to select More than one node can also be selected
Select All Selects all the nodes for deletion Click Select All to select all the nodes
Delete Node button Delete the selected Node(s)
Table - Delete Node screen elements
Management Cyberoam User Guide Host Group Management
eLitecore Technologies Ltd. 111
Delete Host Group
Prerequisite • IP address from Group not assigned to any User
Select User Management Host Group Management Manage Host
Screen - Delete Host group
Screen Elements Description
Del Select the Host group(s) for deletion
More than one host group can also be selected
Click Del to select
Select All
deletion
Select all the host groups for deletion Click Select All to select all the host groups for
Delete Host Group button
t group(s) Delete the selected hos
Tabl mentse - Delete Host group screen ele
System Management Cyberoam User Guide Network Management
eLitecore Technologies Ltd. 112
Sy Managem
Network Management
Network ting consists of Interfa way Configuration and DNS Configuration. Configure Netw ired, from GUI. For details, refer to the Installation Guide for N The first step is to add ration, update Interface Configuration if required
o configure, follow the steps:
stem ent
set ce Configuration, Gateork from Console and update if requ
etwork.
the Gateway details using Gateway configu and specify the DNS (Domain Name Server).
T
Note Before you configure network, make sure that you have the correct information and any needed IP addresses. If you configure incorrectly, the server will not be able to connect to the network (Internal or external)
Multiple Gateway configuration
Gateway routes the traffic between the networks and if the gateway fails the communication with the outside Network is not possible. In this case, organization and its customers are left with significant downtime and financial loss. To cope with this situation, organizations opt for multiple gateways. However, simply adding one more gateway is not an end to the problem. Optimal utilization of all the gateways is also necessary. Cyberoam supports multiple gateways and provides a way to utilize total bandwidth of all the gateways. Cyberoam provides the load balancing & failover feature to utilize total bandwidth of all the gateways optimally. Load balancing & failover Load balancing distributes traffic across various gateways, optimizing the utilization of links to accelerate performance and cut operating costs. Employing a weighted round robin algorithm for load balancing, Cyberoam enables maximum utilization of capacities across the various links. Load balancing serves two distinct purposes:
1. Prevent links from becoming overloaded, because of too much traffic. Spreading the load of one link over several links can lead to huge performance improvements.
2. Provide redundancy and failover protection. If one link goes down then one of the other links
can step in and take over. Users will not experience any downtime. Select System Management Network Gateway Configuration
System Management Cyberoam User Guide Network Management
eLitecore Technologies Ltd. 113
Screen - Gateway Configuration
Screen Elements Description
Gateway Name Displays Gateway name Gateway IP address Displays IP address of the Gateway configured
uses to reach The IP address of the device Cyberoam
devices on a different Network, typically a router Weight Displays weight assigned to the Gateway Add Gateway button Adds a new Gateway
Re teway for details fer to Add Ga
Delet(Onlygatew
lected gateway
e
e Gateway button Deletes the se if more than one
ay is defined) R fer to Delete Gateway for details
Table - Gatew
Add Gateway
ay Configuration screen elements
Screen - Add Gateway
Screen Elements Description
Gateway Details Gateway name Assign name to the Gateway IP address IP address of the Gateway Weight Assig eight to the gateway
Depending on the weight assigned, Cybegateway for load balancing
n w
roam will select
Create button Defines a new Gateway
System Management Cyberoam User Guide Network Management
eLitecore Technologies Ltd. 114
Cancel button Cancels the current operation
Table - Add Gateway screen elements
D elete Gateway
Screen - Delete Gateway
Screen Elements Description
Select Select the gateway to be deleted Click to select
Select All Select all the Gateways for deletion Click Select All to select all the Gateways for deletion
Delete Gateway button Deletes the selected gateway
e
Click to delet
Table - Delete Gateway screen elements
Note If only one gateway is defined then it cannot be deleted
System Management Cyberoam User Guide Network Management
eLitecore Technologies Ltd. 115
Gateway specific routing
It is possible to route a particular Ne ork through a particular gateway. Select System Management Configuration and click the gateway name link to
Screen - Add Network
tw
Network Gateway which Network is to added
Screen Elements Description
Gateway details Gateway name Displays Gateway name IP address Displays Gateway IP address Weight Displays the weight assigned to the gateway Save button Saves the modified details Cancel button Cancels the current operation Add Network button Allows to add a network which will be routed through the
selected gateway Click Add Network to add
Delete Network button Allows to delete a network Click Delete Network to delete
Network ID Specify the Network ID for the Network to be added to the above specified Gateway
Net mask Specify the Net mask for the Network Show Nodes link Displays the list of Nodes
System Management Cyberoam User Guide Network Management
eLitecore Technologies Ltd. 116
Ok button Adds Network to the Gateway Cancel button Cancels the current operation
Table - Add Network screen elements
Interface Configuration
Use to view the Gateway and Interface configuration Select System Management Network Interface Configuration
Screen - Inte figuration
rface Con
Screen Elements Description
Gateway information Gateway Displays Gateway IP address Interface name (Internal) IP address Displays IP address of the Internal Interface
Internal Interface connects the server with the clients. By default, eth0 is termed as the Internal Interface
Net mask Displays the Net mask Interface name (External) IP address Displays IP address of the External Interface
External Interface connects the server to the external network By default, eth1 is termed as the External Interface
Net mask Displays the Net mask
Table - Interface Configuration screen elements
System Management Cyberoam User Guide Network Management
eLitecore Technologies Ltd. 117
DNS Configuration
elect System Management Network DNS Configuration
A Domain Name Server translates domain names to IP addresses. You can configure the domain name server for your network as follows. S
Screen - DNS Configuration
Screen Elements Description
DNS Service Search order Add button Opens a new windows to add IP address of the Domain
Name Server Multiple DNS server can be defined Click Add Type IP address Click OK
Remove button Removes IP address of the Domain Name Server Click IP address to select Click Remove
Up button Changes the order of IP address when more than one DNS server is defined
Down button Changes the order of IP address when more than one DNS server is defined
Update button Updates the DNS details and order if modified Click Update
System Management Cyberoam User Guide Network Management
eLitecore Technologies Ltd. 118
DNS Redirection Enable button Redirects all the DNS traffic to Cyberaom
Click to redirect
Table - DNS Configuration
o add multiple DNS repeat the above-described procedure. Use the up & down buttons to change the order of DNS. If more than one Domain name server exists, query will be resolved according to the order specified.
T
System Management Cyberoam User Guide Security – Firewall
eLitecore Technologies Ltd. 119
Security – Firewall
ts the network from unauthorized access and typically guards the Internal network
es certain rules that determine what traffic should be allowed in or out of the Internal
the above-described basic features of a firewall. For defining firewall rules refer to
efine Firewall rule
A firewall protecagainst malicious access; however, firewalls may also be configured to limit the access of Internal users.
irewall definFnetwork. One can restrict access to certain IP addresses or domain names, or block certain traffic by blocking the TCP/IP ports used.
yberoam hasCDefining Firewall.
D
Select System Management Firewall Create Access
System Management Cyberoam User Guide Security – Firewall
eLitecore Technologies Ltd. 120
Screen - Create Firewall rule
Screen Elements Description
S ource InformationSource domain name/IP Address
or Network for which the rule ed
twork address
Source Domain name, IP address is to be defin Generally Source address is the Internal Ne
Source Port g ‘:’ e.g. 20:25
Specify source port address. Range of ports can be specified usin
Port type Specify source port type Select Include or Exclude
Destination Information Destination domain Destination Domain name or IP address for which the rule is to
System Management Cyberoam User Guide Security – Firewall
eLitecore Technologies Ltd. 121
name/IP Address be defined Generally Destination address is the External address
Destination Port Specify destination port address Range of ports can be specified using ‘:’ e.g. 20:25
Port type Specify destination port type Action to be taken Select Action Click Select Action list to select
Accept – Allow access Drop – Denies access Proxy – Allow access Port forwarding – Allows access through forwarded port.To define port refer to ‘Only for Port forwarding’
Protocol TCP TCP protocol UDP UDP protocol ICMP ICMP protocol All Protocols All protocols Description Description ull de e rule
cters an be -Z, a-z,’_’, 0-9
F scription of th Allows maximum of 255 chara
any combination of ACSave button Saves the rule
Table - Crea lements
te Firewall rule screen e
System Management Cyberoam User Guide Security – Firewall
eLitecore Technologies Ltd. 122
Only for Port forwarding
Screen - Crea
te Port Forward Firewall rule
Screen Elements Description
Forwarding Address Information Forwarded IP Address IP address to which request is to be forwarded Forwarded Port Port number to which request is to be forwarded
Table - Create Port Forward Firewall rule screen elements
Various Options
Source IP address/Domain name
Source Port
Destination IP address/Domain name
Destination Port
Result
Action - Accept/Proxy * * * * Access from all the IP
s to all the IP dresses
addressead
* * www.yahoo.com * All IP addresses are allowed to access yahoo.com
192.168.1.242 * * * 192.168.1.242 is allowed access all the IP addresses
192.168.1.242 * 242.128.34.54 * 192.168.1.242 is allowed to access 242.128.34.54
Action – Deny * * * * Access to all is denied
(want to stop access temporarily due to some technical reasons)
* * www.hotmail.com * All the IP addresses
System Management Cyberoam User Guide Security – Firewall
eLitecore Technologies Ltd. 123
are denied access to hotmail.com
192.168.1 * 192.168.1.242 is denied the access to all
.242 * *
192.168.1 * 2 is he access to
242.128.34.54
.242 242.128.34.54 * 192.168.1.24denied t
Action - Port forwarding Forwarded IP – 192.168.1.58 Port – 80 * nections to
ould be redirected to port 80 on 192.168.1.58
* 242.128.34.54 9090 All the conport 9090 sh
Table - Firewall rules - Result
anage Firewall access
are ordered by their priority. When the rules are applied they are processed from the top ownwards and the first suitable rule found is applied.
Hence, while adding multiple rules, it is necessary to put specific rules before general rules. Otherwise, a general rule might allow a packet that you specifically have a rule written to deny later in the list. When a packet matches the rule, the packet is immediately dropped or forwarded without being tested by the rest of the rules in the list. Example of Firewall rule order for DROP action Rule 1 – Source IP address: 192.168.1.76 Destination: www.yahoo.com
M
Rules d
Action: Drop Rule 2 – Source: * Destination: www.yahoo.com Action: Allow Here if the order is changed i.e. Rule 2 precedes Rule 1 then Host 192.168.1.76 will be able to access www.yahoo.com even though the DROP rule is specified. Select System Management Firewall Manage Access
Screen - Manage Firewall access
System Management Cyberoam User Guide Security – Firewall
eLitecore Technologies Ltd. 124
Screen Elements Description
Select Select Access to change the order Select All Select all the Accesses MoveUp button Moves the selected rule one step up
Click on the Rule which is to be moved up followed by Move Up button
Click MoveUp to move the selected firewall
rule by one step upwards MoveDown button Moves the selected rule one step down
followed by Move Down button Click MoveDown to move the selected firewall r s
Click on the Rule which is to be moved down
ule by one step downward
Table - Manage Fire ccess screen elementswall a
System Management Cyberoam User Guide Security – Firewall
eLitecore Technologies Ltd. 125
Delete firewall access
Select System Management Firewall Manage Access
Screen - Delete Firewall access
Screen Elements Description
Select
lected
Select Access to be deleted
Click Select to select More than one access can also be se
Select All Select all the Accesses Click Select All to select all the accesses
Delete button Deletes all the selected Access Click to delete
Table ents - Delete Firewall access screen elem
System Management Cyberoam User Guide DHCP
eLitecore Technologies Ltd. 126
DH
renews the address as device leaves and re-joins the network. The device an have different IP address every time it connects to the network.
other words, it provides a mechanism for allocating IP address dynamically so that addresses can be re-used. Select System Management → DHCP → DHCP
CP
Dynamic Host Configuration Protocol (DHCP) is a protocol that assigns a unique IP address to a device, releases and c In
Screen - DHCP configuration
Screen Elements Description
DH n CP configuratioSelect Network Interface
Displays Network Interface
Interface IP Displays Interface IP address Netmask Displays Netmask IP address From – To
IP address range for clients The DHCP server assigns an available IP address in the range to the client upon request
Domain name Domain name for the specified subnet Subnet Mask Specifies the subnet mask for the client/network Gateway Gateway IP address Domain name server Domain name server IP address Update DHCP button Updates the configuration
Table - DHCP configuration screen elements
System Management Cyberoam User Guide Reset Console Password
Reset Console Password
Change Console password from GUI or Console itself. To change the password
Select System Management → Console → Reset Console Password
from Console, refer to the Console guide.
Screen - Reset Console Password
Screen Elements Description
Reset Console Password New password Assigns new console password Confirm New password Type again the password as entered in the New
password field Submit button Saves the new password
Click Submit
Table - Reset Console Password screen elements
eLitecore Technologies Ltd. 127
System Management Cyberoam User Guide Data Store
Data Store
Backup data
ction. No matter how well you treat your system, no that your data will be safe if it exists in only
Backups are necessary in order to recover data fr m the loss due to the disk failure, accidental deletion or file corruption. There are up and just as many types of media to use as well. Cyberoam provides facility of taking regular and reliable data backup. Backup consists of all the policie r user related informatio CyberWeb s rmation of all the websites visited by all the users User e user lo This log stores the session entrie og Audit stores the details o the User administrating Cyber Virus log This log stores the details of ma . Mail log This log stores the information of and received by all the users. Selec Data
Backup is the essential part of the data protematter how much care you take, you cannot guarantee one place.
o many ways of taking back
s, logs and all othe n.
oam maintains five logs: urfing log This log stores the info
session log Every time th gs in, session is created. in and logout time. s of all the users and specifies the l
log This log f all the actions performedoam
licious traffic requests received
all the mails sent
anagement → store → Backup t System M
eLitecore Technologies Ltd. 128
System Management Cyberoam User Guide Data Store
Screen - Backup
Screen Elements Description
System Data Backups (Does not include Logs) Frequency of Backup Backup report schedule
Select any one DWMonthly – backup will be send monthly Never – backup will never be send In .
dd or change will
aily – backup will be send daily eekly – backup will be send weekly
general, it is best to schedule backup on regular basisDepending on how much information you ahelp you determine the schedule
Incremental Backup of Logs (in CSV format) Frequency of Backup Select any one
Daily – backup will be send daily
eLitecore Technologies Ltd. 129
System Management Cyberoam User Guide Data Store
Weekly – backup will be send weekly Never – backup will never be send
Log Types Select the logs for backup Available logs for backup: 1. Web surfing 2. Virus
3. Mail 4. Audit
Configure mode of backup Backup mode Specifies how backup will be send
Selec
bl b
t FTPMai
ackup ckup a
Only for FTP backup FTP IP ad server dress of FTP server User name User rver name for FTP sePassword Pass rd for FTP server woOnly for Mail backup To M Emaiail Id l address to which the backup will be mailed Save details button Saves the co n nfiguratioSystem Data Backup to Date (Does not include logs) Bac tton Take llows to download
Click
kup data bu s the recent backup and a
Backup data to take backup Download button lays date and
time when backup was taken Click Download to download To download follow the screen instructions
Download the backup already taken. Also disp
Log Backup to Date(in CSV format) Log Types Selected logs backup will be taken
Select the logs for backup 1. Web surfing 2. Virus 3. Mail 4. Audit
Backup data button Takes the recent backup of logs and allows to download Click Backup data to take the recent backup
Download button Download the backup of logs already taken. Also displays date and time when backup was taken Click Download to download To download follow the screen instructions
Table - Backup screen elements
eLitecore Technologies Ltd. 130
System Management Cyberoam User Guide Data Store
Restore Data
With the help of restore facility, restore data from the backup taken. Restoring datcurrent data will lead to the loss of current data.
ent → Data store → Restore
a older than the
Select System Managem
Screen – Restore
Screen Elements Description
Upload data file to restore data Backup file name Name of backup file Browse button Select the backup file Upload file button Uploads the backup file
Table - Restore screen elements
Note Restore facility ill store versions are same e.g. is version dependant i.e. it w work only if the backup and reif backup is tak ersion 5. ork only for version 5.0.0 and not for en from Cyberoam v 0.0 then restore will wany other version.
eLitecore Technologies Ltd. 131
System Management Cyberoam User Guide Client Services
Purge
Purging of data means periodic deletion of the data.
rovides Auto purge and Manual purge facility for deleting log records.
Auto purge
Select System Management → D purge
Cyberoam p
ata store → Auto
Screen - Auto purge
Screen Elements Description
Purge Data Input Keep s for
eb surfing log will be purged
Web surfing log Specifies number of days after which w
Save Configuration dule configuration Saves purging schePopup Alert Configuration Alert m ta is purged by the
message before e when da system
Click to send popup alert purging the logs
Save Configuration Saves popup alert configuration
Table - A
uto purge screen elements
Note System will preserve logs only for the specified number of days and automatically purges the logs generated there after.
eLitecore Technologies Ltd. 132
System Management Cyberoam User Guide Client Services
Manual purge
Use manual purge to delete log records manually
Management → Data store → Manual purge
Select System
Screen - Manual purge
Screen Elements Description
Date till Date Select the date from Calendar till which the
selected log is to be purged Select log for purging rfing logs er session logs
Web su UsP P l the specified date
C
urge button urges the selected log til
lick Purge to purge
Table - Manual purge screen elements
Note Auto purge option is always on
eLitecore Technologies Ltd. 133
System Management Cyberoam User Guide Client Services
Client Services
r to send messages to the various users. rs about problems as well as Administrative alerts in
areas such as access, user sessions, successful log in and log off, incorrect password etc. Message is send to the User whenever the event occurs. Message can be up to 256 characters and send to the number of users at a time. Select System Management → Client Services → Message management
The Message Management tab allows AdministratoMessages help Administrator in notifying use
Screen - Messages
Screen Elements Description
Message Key e key
odify the message
ion
Messag Click Message link to m Click Save to save the changes
operatClick Cancel to cancel the current Message Message description
Table - Message screen elements
eLitecore Technologies Ltd. 134
System Management Cyberoam User Guide Client Services
List of Predefined messages
Messages Description/Reason
DeactiveUser Administrator has deactivated the User and the User will not be able to log on
DisconnectbyAdmin When the administrator disconnects the user from the live users page
InvalidMachine Message is sent if User tries to login from the IP address not assigned to him/her
LoggedoffsuccessfulMsg Message is sent when User logs off successfully LoggedonsuccessfulMsg Message is sent when User logs on successfully Loggedinfromsomewhereelse Message is sent if User has already logged in from other
machine MultipleLoginnotallowed Message is sent if User is not allowed multiple login NotAuthenticate Message is sent if User name or password are incorrect NotCurrentlyAllowed Message is sent if User is not permitted to access at this time
Access time policy applied to the User account defines the allowed access time and not allowed access at any other time.
Someonelogge essage is sent if someone has already logged in on that particular machine
din M
SurfingtimeExh sage ause his/her allotted s sted The surfin User is allowed Internet a licy. If hours are
austed Mes is sent when User is disconnected becurfing time is exhau
g time duration is the time in hours theccess that is defined in Surfing time po
exhausted, User is not allowed to access. SurfingtimeExpired Administrator has temporarily deactivated the User and will not
be able to log in because User surfing time policy has expired LiveIPinuse Message is sent if connection is requesting a live IP address
from the server that is already in use Nmpoolexceedlimit Message is sent if the maximum number of IP addresses in the
live h e has exceeded the limit ost group at any given tim
Table - List of predefined messages
eLitecore Technologies Ltd. 135
System Management Cyberoam User Guide Client Services
Parameters
Cyberoam Windows’s client launches the default browser to open the spec.
Select System Management → Client Services → Parameters
ified URL after successful log on
Screen - Parameter setting
Screen Elements Description
Open nt following site after clie logs on to the server URL
Leave this field blank, if you do not want to open any specific page every time you log in
Specifies URL address
Update button Updates the configuration HTTP client pop up HTTP client pop up Whenever User tries to surf without logging, page with a
message ‘Cyberoam Access Denied‘ displayed
If HTTP client pop up option is selected, User will get a HTTP Client pop up along with the ‘Cyberoam Access Denied‘ page. Once User logs on successfully using the HTTP client, he/she will be able to surf the requested site.
Update button Updates the configuration
Table - Parameter setting screen elements
eLitecore Technologies Ltd. 136
Management Cyberoam User Guide Ca che Management
eLitecore Technologies Ltd. 137
Cache Management HTTP Cache helps in improving the performance of network by reducing access time and traffic.
Cyberoam can also act as a cache server. All visit d static sites are cached on the Cyberoam server hard drive or in the memory. The advantage of a ca e server is that it will cache the static web pages once requested and serve them locally when reques Cyberoam will act as a cache server only if caching is enabled. To enable caching refer to Enable
ache server and to configure the cache server refer to Configure cache.
Cybero s fa fine WCCP router for Caching. WCCP (Web Cache Comm ides mechanism to redirect traffic flow to caches. To define WCCP router refer to Cyberoam provides the facility che server also. To define External cache, refer to Define External cache. How W Cyberoam examines all the clie he server according to the predefined policies. When the page is requested for the first time, Cyberoam intercepts flow and directs data to the local cache or to the remote/external cache se rding to the defined routing policy. When the cached content is r from local or remote/external cache. Non-cached traffic i redirecte
A
echted the next time.
C
am also provide cility to deunication Protocol) prov Define WCCP router.
to define an External ca
CCP works?
nt traffic and redirects traffic to the appropriate cac
rver to cache the data acco
equested, it is serveds automatically d to the Internet.
Management Cyberoam User Guide Ca che Management
eLitecore Technologies Ltd. 138
Enable Cache Server
Select Cache Management → Cache → Manage
Screen - Manage Cache
Screen Elements Description
Cache Server status Start Cache Server button Only if status is ‘Cache Engine Stopped’
Click to start Cache server
Cache Server status Stop Cache Server button Only if status is ‘Cache Engine Ru
Click to stop Cache server
nning’ Restart butto Click to restart Cache server n Dis Server able Caching In Proxy Dis ching button
Click to disable
able Ca Disable Caching if you do not want Proxy server to cache pages Need Cyberoam for URL filtering
Cache Start Configuration Aut Automatically starts the Cache server with the ostart
startup of Cyberoam server Manual lly Start Cache server manuaSave configu ration Save the cache server configuration
Table - Manage Cache screen elements
Management Cyberoam User Guide Ca che Management
eLitecore Technologies Ltd. 139
Configure Cache
Select Cache Management → Cache → Configure
Screen - Configure Cache
Screen Elements Description
Add C B ache size in MRecommended Cache size (MB)
of cache determined
Cannot be modified
Recommended size is the optimum sizebased on the memory and the disk size
Cache size (MB) Specify Cache size (in MB) It is rec hat cache size defined be equal to or more than th
ommended te recommended size
Save button Save the cache configuration Empty Cache Empty Cache button Deletes ached entities. Empty cache if corruption
is found Click to
any previous c
empty cache Configure Cache policies Manage Cache Category button
fined here will be not be cached Click Manage Cache categoryTo set web categories refer Manage Cache category
URLs falling under the web categories de
Table - Configure Cache screen elements
Management Cyberoam User Guide Ca che Management
eLitecore Technologies Ltd. 140
Manage Cache Category
Screen - Manage cache category
Screen Elements Description
Categories Available list Displays list of predefined categories Click to select
To button Moves the selected category to the Selected Categories list Click to move
Remove button oves the selected category from the Selected gories list
ick to remove
RemateC
Cl
Selected Categories li t of web categories which will not be cached st LisOk button Saves the configuration Cancel button Cancels the current operation
Table ments - Manage cache category screen ele
Management Cyberoam User Guide Ca che Management
eLitecore Technologies Ltd. 141
Define WCCP Routers
Select Cache Managemen nfiguration
t → Cache → Advanced Co
Screen - WCCP Configuration
Screen Elements Description
WCCP Router Address Add router button Adds WCCP router
Click Add router To add router refer Add router
Delete router button Deletes defined router Click Delete router To delete router refer Delete router
Table - WCCP Configuration screen elements
Management Cyberoam User Guide Ca che Management
eLitecore Technologies Ltd. 142
Add router
Screen - Add Router
Screen Elements Description
Add router Router address IP address of the Router Add button Adds router Cancel button Cancels the current operation
Table - Add Router screen elements
Delete router
Screen - Delete Router
Screen Elements Description
Select Select Router IP address to be deleted Click Select to select More than one router can be selected
Select All Select all the IP addresses Click Select All to select all the routers
Delete Router button Delete the selected Router(s)
Table - Delete Router screen elements
Management Cyberoam User Guide Ca che Management
eLitecore Technologies Ltd. 143
Define Cache
elect Cache Management → Cache → Advanced Configuration
S
Screen - Define External Cache
Screen Elements Description
External Cache IP address Cache Type Defines Cache type
Local – Uses Cyberoam Server for caching External – Uses machine other than cyberaom server for caching
Only for the External Cache IP address IP address of the machine which is to be used for
caching Click Add domain for defining caching criteria. Refer to Add domain
Port Port number of External cache Save button Saves the configuration Domain’s for the External Cache
Management Cyberoam User Guide Ca che Management
eLitecore Technologies Ltd. 144
Add Domain button Allows to add domain for Exaternal caching Cache Port setting (Only for the Local Cache) Cache Port Port number for local cache
Table - Define Cache screen elements
Management Cyberoam User Guide Ca che Management
eLitecore Technologies Ltd. 145
Add Domain – Only for External Cache
Screen - Add Domain
Screen Elements Description
Add Domain Domain type Specifies whether domain names are to be included or
excluded from caching Click any one Include – includes specified domain names in caching Exclude – excludes specified domain names from caching
Domains Domain names which are to be included/excluded in cache Add button Adds the criteria Cancel button Cancels the current operation
Table - Add Domain screen elements
Delete Domain – Only for External Cache
Screen - Delete Domain
Screen Elements Description
Select Select Domain to be deleted from cache criteria Click Select to select More than one domain can also be selected
Select All Select all the Domains Click Select All to select all the domains
Delete Domain button Delete all the selected Domain(s)
Table - Delete Domain screen elements
Management Cyberoam User Guide Ca che Management
eLitecore Technologies Ltd. 146
Routing Policy
Selec → Cache → Routing Policy t Cache Management
Screen - Add Routing policy
Screen Elements Description
Add Netwo
To add network refer to Add Network
rk button Add the routing policy for the network Click Add network
Table - Add Routing policy screen elements
Add Network
Screen - Add Network
Screen Elements Description
Add Interface Network ID/Netmask Network whose caching is to be routed through the
selected Interface Show Nodes button Shows the list of nodes in the specified Network Select Interface Click Select Interface to select
Management Cyberoam User Guide Ca che Management
eLitecore Technologies Ltd. 147
IP Address IP address of the Interface Add button Adds the interface Cancel button Cancels the current operation
Table - Add Network screen elements
Delete Network
Screen -
Delete Network
Screen Elements Description
Select Select Network to be deleted Click Select to select More than one network can also be selected
Select All Select all the Networks Click Select All to select all the networks
Delete Network button Delete the selected Network(s)
Table - Delete Network screen elements
Management Cyberoam User Guide Mail Management
eLitecore Technologies Ltd. 148
Malicious HTTP traffic
identify and block HTTP malicious traffic by defining the keywords Select Cache Management →Malicious HTTP traffic → Create
Use to
Screen - Create HTTP Malicious traffic - Web category
Screen Elements Description
Web category details Name Ass at best
des
Can be any combination of A – Z, a – z, ‘_’, 0 - 9
igns name to the category. Choose a name thcribes the category
Allows maximum of 60haracters
Description Full description of the category Allows maximum of 80 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
Create button Creates the category for blocking the malicious traffic Click Create to create Click Manage Keywords to set keywords, refer Manage Keywords for details
Cancel button Cancels the current operation
Table - Create HTTP Malicious traffic - Web category screen elements
Management Cyberoam User Guide Mail Management
eLitecore Technologies Ltd. 149
Manage Traffic
Select Cache Management →Malicious HTTP traffic → Manage and click the required ‘web category name’ link
Screen - Manage HTTP Malicious traffic - Web category
Screen Elements Description
Web category details Name e name of the Web category, modify
if required Displays th
Description Displays the description , modify if required OK button Saves the modified details, if any
Click to save
Keyword Management Manage Keyword button
web category Allows to manage (add and delete) keywords defined for the
Table - Manage HTTP Malicious traffic - Web category
Management Cyberoam User Guide Mail Management
eLitecore Technologies Ltd. 150
Manage keywords
Add Key
words
Screen - Add Keywords
Screen Elements Description
Add Keyword Add to Specifies whether keywords are to be included or excluded
from blocking Click any one Include – Blocks the traffic with keywords specified Exclude – Passes the traffic with keywords specified
Domains Actual keywords which are to be included/excluded Add Keywords button
Adds the criteria
C Cance t operation ancel button ls the curren
Table - ents
Delete Keyword
Add Keywords screen elem
Screen Elements Description
Select s to be deleted from web
Click to select
e lists
Selects keywordcategory
More than one keyword from any of thcan be selected
Delete Domain button Delete all the selected keyword(s)
Table - Delete Keywords screen elements
Management Cyberoam User Guide Mail Management
eLitecore Technologies Ltd. 151
Mail Management Used to control which mail servers users can reach and send/receive mails from what domains
Intra POP Service
reate Intra POP Service
Select Mail Management → Int reate Intra POP Service
C
ra POP → C
Screen - Create IntraPOP service
Management Cyberoam User Guide Mail Management
eLitecore Technologies Ltd. 152
Screen Elements Description
Intra POP Configuration Mail server IP address or Domain name of Mail server Username User name for the mail account Password Password for the mail account Confirm Password Retype the same password for confirmation Domain names Domains from which mails will be fetched Protocol Configures Mail server for connecting to the protocol selected
Options: POP3 POP2 APOP RPOP Click Protocol list to select
Mail Redirection Allows to redirect the mails received
Available options 1) Deposit Mail in the respective User mailbox – Directly send the mails to the respective user mailbox 2) Redirect mails to Local user – Redirects mails to the specified user Click Select User to specify the user. Opens a new window and allows to select the user 3) Redirect mails to Alias – Redirects mails to the specified Alias Click Select Alias to specify the Alias. Opens a new window and allows to select the Alias
Options Keep copy of Mail on server
Specifies whether the copy of Mails to be kept on the server also or not Click to keep the copy on server also
Create button Creates mail service
Table - Create IntraPOP service screen elements
Management Cyberoam User Guide Mail Management
eLitecore Technologies Ltd. 153
Configure Intra POP server
Select Mail Management → POP → Intra POP Configuration
Intra
Screen - Configure IntraPOP server
Management Cyberoam User Guide Mail Management
eLitecore Technologies Ltd. 154
Screen Elements Description
Intra POP Server status Status of the IntraPOP server Displays the status of the IntraPOP server
IntraPOP se ning – if server is on Click Stop IntraPOP server to stop the server
d – if server is off Click Start IntraPOP server to start the server
rver Run
IntraPOP server Stoppe
IntraPOP settings Time Interval (in minutes) Specifies schedule for receiving mails i.e. if time
interval specified is 15 minutes, mails will be fetched after every 15 minutes
Upda Updates the server status and/or time interval setting Clic
te button
k to update IntraPOP startup Configuration Specifies startup configu Options: 1) Autostart Automatically starts the IntraPOP server with the startup of Cyberaom
2) Manual Administrator has to start IntraPOP server manually
ration of IntraPOP server
server
Save Configuration button Saves the server configuration
Table - Configure IntraPOP server screen elements
Management Cyberoam User Guide Mail Management
eLitecore Technologies Ltd. 155
Manage Intra POP Service
Select Mail Management ice to view the list of mail servers defined
→ Intra POP → Manage Intra POP Serv
Screen - Manage IntraPOP service
Screen Elements Description
Mail server link Opens a new window and diplays the details of the mail server. Click to view/update the configuration of the mail server. Refer to Update Mail server for details.
Fetch mails button Allows to fecth mails from the selected mail server Click Select to select the mail server More than one Mail server can also be selected
Delete IntraPOP service button
Allows to delete the service Refer to Delete Intra POP service for details
Table - Manage IntraPOP service screen elements
Management Cyberoam User Guide Mail Management
Update Mail server
Selec agement → Intra POP → Manage Intra POP Service to view the list of mail s il server name to be modified
t Mail Manervers defined and click the Ma
Screen - Update IntraPOP service
eLitecore Technologies Ltd. 156
Management Cyberoam User Guide Mail Management
Screen E s lement Description
Intra POP Configuration Mail serv Displays IP address or Domain name of Mail server, modify if
requireer
d Username Dispalys the Username for the mail account, modify if required Password Password for the mail account , modify if required Confirm P pe tion assword Rety the same password for confirmaDomain n lays Domains from which mails will be fetched, , modify if
required ames Disp
Protocol Displays the protocol configured, modify if required Mail Redirection Display , modify if required
Availab 1) De – Directly send the
2) Redirect mails to Local user – Redirects mails to the specified user Click Select User to specify the user. Opens a new window and allows to select the user 3) Redirect mails to Alias – Redirects mails to the specified Alias Click Select Alias to specify the Alias. Opens a new window and allows to select the Alias
s the redirection configuration
le options
posit Mail in the respective User mailboxmails to the respective user mailbox
Options Keep copy of Mail on server
Displays the configured option of whether the copy of Mails to be kept on the server also or not, modify if required Click to keep the copy on server also
Update button Updates the mail service Cancel button Cancels the current operation
Table - Update IntraPOP service screen elements
eLitecore Technologies Ltd. 157
Management Cyberoam User Guide Mail Management
Delete Intra POP service
Select Mail Management → Intra POP → Manage Intra POP Service to view the list of m
ail servers defined
Screen Elements Description
Select Select Mail server to be deleted
More than one Mail server can also be selected
Click Select to select
Select All Select all the Mail server(s) Click Select All to select all the Mail servers
Delete Network button Delete the selected Mail servers(s)
Table - Delete IntraPOP service screen elements
eLitecore Technologies Ltd. 158
Management Cyberoam User Guide Mail Management
Alias
Send a message to a group of users by creating a Alias (mailing group) containing their names. Then, ju u send messages. You can create multiple Aliases, and message can belong to more than one Alias. For e n alias ames of all the employees of ‘Marketing’ department. Mails forwarded to ‘Marketing staff’ Alias will be forwarded to the employees of ‘Marketing’ department only.
Create A
Select Mail Management → Aliases → Create
st type the Alias name in the To box when yo
xample, if certain mails are to be forwarded to ‘Marketing’ department staff only then create a‘Marketing staff’ and add the n
lias
Screen - Create Alias
Screen Elements Description
Aliases Alias name Assign name to Alias Description Full description of the Alias
Allows maximum of 50 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
Save button Saves the alias created Refer to Add Users to add users to the Alias
Table - Create Alias screen elements
eLitecore Technologies Ltd. 159
Management Cyberoam User Guide Mail Management
Add Users
Screen - Create Alias - Add Users
Select Mail Management → Aliases → Manage and click the Alias name link to add the users
Screen Elements Description
Select Users Show Groups Allows to select the Group
Click to select
Show all Users Shows all the users Show button Shows the all the users defined under the selected
group
eLitecore Technologies Ltd. 160
Managemem User Guide
nt Cyberoa Mail Management
eLitecore Technologies Ltd. 161
S Selects the user Click to select
elect
Select All Selects all the users Click to select
Add button Adds selected users from the Group to the Alias Click to add
Cancel button Cancels the current operation
Table - Create Alias - Add Users screen elements
Delete Us rs
Select Ma ses → Manage and click the Alias name link from which the users are to b
e
il Management → Ae deleted
lia
Screen - Create Alias - Delete Users
Screen Elements Description
Del Select the User for deletion More than one User can be selected Click to select
Select All Allows to select all the Users for deletion
k to select ClicDelete Users button Deletes all the selected Users(s)
Click to delete
Table - Create Alias - Delete Users screen elements
Management Cyberoam Us Mail Management er Guide
eLitecore Technologies Ltd. 162
Delete Al
Select Mail Management → Aliases → Manage
ias
Screen - Delete Alias
Screen Elements Description
Del Select the Alias for deletion More than one Alias can be selected Click to select
Select All Allows t Click to
o select all the Aliases for deletion
select Delete Alias button Deletes all the selected Aliases
Click to delete
Table - Delete Alias screen elements
Mail Management Cyberoam User Guide
SMTP Configuration
eLitecore Technologies Ltd. 163
SMTP Configuration
Cyberoam provides facility of SMTP redirection that allows re-directing the SMTP traffic through Cyberoam server for sending mails.
Configure SMTP
Select Mail Management → SMTP Configuration → Configure
Screen - Configure SMTP
Screen Elements Description
SMTP Mail server status Status of the SMTP Mail server
Displays the status of the SMTP mail server
Mail Management Cyberoam User Guide
SMTP Configuration
eLitecore Technologies Ltd. 164
Mail server Running – if server is on Click Stop Mail server to stop the server Mail server Stopped – if server is off Click Start Mail server to start the server
Configure Enable button Enable SMTP redirection and to configure Cyberoam to Relay
messages from Internal IP addresses Click Enable
SMTP Mail server startup Configuration Specifies startup configuration of SMTP mail server Options: 1) Autostart Automatically starts the SMTP server with the startup of Cyberaom server 2) Manual Administrator has to start SMTP server manually SMTP Access Access SMTP server Allows to access SMTP server before/after Cyberoam login
Select Yes or No
Save details button Save the configuration
Table - Configure SMTP screen elements
Mail Management Cyberoam User Guide
SMTP Configuration
eLitecore Technologies Ltd. 165
Configure Mail Access
Use to configure Mail server to relay certain mail domains or IP addresses
Add Domain to RELAY
Select Mail Management → Mail Relay → Configure Mail Access
Screen - Add Domain
Screen Elements Description
Add Domains D me/IP Address l be
am omain Na Domain name or IP address which wil
allowed RELAY mails through CyberoAdd Domain to Relay butt Domain name or IP address on Adds the
Table - Add domain screen elements
Mail Management Cyberoam User Guide
SMTP Configuration
eLitecore Technologies Ltd. 166
Delete Domain from RELAY
omain
Screen - Delete D
Screen Elements Description
Del Select Domain name to be deleted Click Del to select More than one Domain name can also be selected
Select All
ain names
Select all the Domain names Click Select All to select all the Dom
Delete button Delete the selected Domain name(s)
Table - Delete Domain screen elements
Management Cyberoam User Guide Monitoring Bandwidth Usage
eLitecore Technologies Ltd. 167
Services Use Services tab to S servers. According to the requirement, one ca
tart/Stop and Enable/Disable Autostart various configured n Start, Stop, Enable or Disable the services.
Types of the servers available:
1. DHCP 2. DNS 3. Mail server 4. IntraPOP server 5. Cyberoam server
Select System Management → Services → Control Services
Screen - Manage Control services
Screen Elements Description
Service name Name of the server Status Status of the respective server
Stopped – if server is off Running – if server is on
Commands Starts or stops the respective servers Enables or disables Autostart R n table efer to Actio
Table - Manage Control Service screen elements
Management Cyberoam User Guide Monitoring Bandwidth Usage
eLitecore Technologies Ltd. 168
Action t
able
Button Usage
Start Starts the Server For configured servers whose status is ‘Stopped’
Stop Stops the server For configured servers whose status is ‘Started’
Enable Autostart Automatically starts the configured server with the startup of Cyberaom server
Disable Autostart Disables the Autostart process Restart Restarts Cyberoam server
Only for Cyberoam server All the servers with ‘Enable Autostart’ will restart
Shutdown Shutdown Cyberoam server Only for Cyberoam server All the servers will be stopped
Table - Manage Control Service - Action
Customization Cyberoam User Guide Services
eLitecore Technologies Ltd. 169
Monitoring Bandwidth Usage s the amount of data passing through a media over a period. In otdata accessed by the Users. Each time the data is accessed – uploaded or
ownloaded, the amount is added to the total bandwidth. Because of the limited resource, it needs periodic monitoring.
andwidth usage graphical report allows Administrator to monitor the amount of data uploaded or ed by the Users. Administrator can use this information to help determine:
• Whether to increase or decr dwidth limit? • Whether all the gateways ar• W gateway is underutiliz• What type of traffic is consu width? • Which inbound/ outbound traffic ha width in the last week/month?
Select User management → Bandwidth usage → Report
Bandwidth i her words, it is the mount of a
d
Bdownload
ease the bane utilized optimally? ed? hich
ming the majority of the Bands consumed the most Band
Screen - Bandwidth Usage
Screen Elements Description
Bandwidth report Graph type Generates graph
Select any one Gateway wise – Displays list of Gateways defined, click the Gateway whose data transfer report is to be generated Host Group wise – Displays list of Host groups defined, click the host group whose data transfer report is to be generated Total – Generates total (all gateways and host groups) data transfer report. Also generates Live user report Gatewaywise breakup - Generates total (all gateways) data transfer report.
Graph period Generates graph based on time interval selected Click Graph period to select
Customization Cyberoam User Guide Services
eLitecore Technologies Ltd. 170
Daily Yester Weekl
day y
Monthly Yearly
Table - Bandwidth usage screen elements
It generates eight types of graphical reports:
o Internet. In addition, shows minimum, maximum and average no. of users connected during the selected graph period. This will help in
Peak hour – Maximum no. of live users
1. Live users - Graph shows time and live users connected t
knowing the peak hour of the day.
X axis – Hours Y axis – No. of users
Screen - Bandwidth usage - Live Users graph
2. Total data transfer – Graph shows total data transfer (upload + download) during the day. In addition, shows minimum, maximum and average data transfer.
X axis – Hours Y-axis – Total data transfer (upload + download) in KB/Second
er graph
Screen - Bandwidth usage - Total Data transf
Minimum data
Maximum data transfer
Customization Cyberoam User Guide Services
eLitecore Technologies Ltd. 171
3. Composite data transfer – Combined graph of Upload & Download data transfer. Colors differentiate
u ad data traffic. In addition, shows the minimum, maximum and average data tran download individually
X axis – HourY-axis – Upload + Download in Bits/Second Orange Color - Upload traffic Blue Color – Download traffic
pload & downlosfer for upload &
s
Screen - Bandwidth usage - Composite Data transfer graph
4. Download data transfer – Graph shows only download traffic during the day. In addition, shows the
minimum, maximum and average download data transfer.
X axis – Hours Y-axis – Download data transfer in Bits/Second
Screen - Bandwidth usage - Download Data transfer graph
Customization Cyberoam User Guide Services
eLitecore Technologies Ltd. 172
5. Upload data transfer - Graph shows only upload traffic during the day. In addition, shows minimum,
maximum and average upload data transfer. X axis – Hours Y-axis – Upload data transfer in Bits/Second
Screen -
6. Integrated total data tran er for all Gateways – Combined graph of total (Upload + Download) data
transfer for all the gateways. Colors differentiate gateways. In addition, shows the minimum, maximum and average d
pl Orange Color – GaBlue Color – Gateway2
Bandwidth usage - Upload Data transfer graph
sf
ata transfer of individual gatewayX axis – Hours Y-axis – Total (U oad + Download) data transfer in Bits/Second
teway1
Customization Cyberoam User Guide Services
eLitecore Technologies Ltd. 173
7. Integrated Download data transfer of all Gateways – Graph shows only the download traffic of all the gateways during the day. In addition, shows the minimum, maximum and average download data transfer.
Y-axis – Download data transfer in Bits/Second
Orange Color – Gateway1 Blue Color – Gateway2
X axis – Hours
8. Integrated Upload data transfer fo ly the upload traffic of all the
gate ditio data transfer. X axis – Hours Y-axis – Upload data transfer in Bits/Second Orange Color – Gateway1
ateway2
r all the Gateways - Graph shows onways during the day. In ad n, shows minimum, maximum and average upload
Blue Color – G
Customization Cyberoam User Guide Services
eLitecore Technologies Ltd. 174
Customization Services
Service is Protocol based criteria for traffic classification. Protocols may be TCP and UDP type. TCP and UDP protocols are defined based on port type.
Create new Service
Select P s Create service to open the create service pane
olicy Configuration Service
Screen - Add new Service
Screen Elements Description
Service Information Service name Assign name to service
racters A – Z, a – z, ‘_’, 0 - 9
Allows maximum of 60 chaCan be any combination of
Default Port Assign Port number Port type Allows to select the port type for the service
Options : 1) TCP 2) UDP
lick to select CService Description
Can be any combination of A – Z, a – z, ‘_’, 0 - 9
Full description Allows maximum of 255 characters
Create button Creates a new Service
Table - Ad n elementsd new Service scree
Customization Cyberoam User Guide Services
eLitecore Technologies Ltd. 175
Update
elect Policy Configuration Services Manage Service to view the list of Services. lick the Service to be updated
Service
SC
Screen - Update Service
Screen Elements Description
Service Information Service name dify if required Displays Service name, moDefault Port for the service, Displays default port defined
modify if required Port type Displays the port type, modify if required Service description Displays service description, modify if required Update button Updates the modified details Cancel button Cancels the current operation
Table ents - Update Service screen elem
Customization Cyberoam User Guide Services
eLitecore Technologies Ltd. 176
Delete Service
Select Policy Configuration Services Manage Service to view the list of Services
Screen - Delete Service
Screen Elements Description
Del Select the Service for deletion More than one Service can be selected Click to select
Select All Allows to select all the Services for deletion Click to select
Delete Service button Deletes all the selected Service(s) Click to delete
Table - Delete Service screen elements
Customization Cyberoam User Guide Schedule
eLitecore Technologies Ltd. 177
Schedule Schedule defines a time schedule for the policy. It specifies the hours during which the policy can be active on each day of the week. You can define a different schedule for each day of the week, or same schedule for every day of the week.
Create Schedule
Select Policy Configuration Schedule Create
Screen - Create Schedule
Screen Elements Description
Schedule details Name Assign edule. Choose a name that best
describ ule
s maximum of 50 characters be any combination of A – Z, a – z, ‘_’, 0 - 9
name to the sches the sched
AllowCan
D Full de Allows maximum of 250 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9
escription scription of the policy
Create button Create o enter the schedule details Click Add schedule details to add details to the schedule, refer to ate schedule details
s schedule and allows t
Managing Schedule - Cre
Table - Cr screen elementseate Schedule
Customization Cyberoam User Guide Schedule
eLitecore Technologies Ltd. 178
Update Schedule
Select Policy Configuration Schedule Manage Schedule and click the Schedule name link to update
Scre hedule
en - Update Sc
Screen Elements Description
Schedule details Schedule name Displays schedule name, modify if required Schedule description Displays schedule description, modify if required Save button Saves the updated details Cancel button Cancels the current operation Add Schedule details button
Allows to define the schedule details for the selected weekday to the schedule Click Add Schedule details to add details. Refer to Add Schedule details for details.
Table - Update Schedule screen elements
Add Schedule details
Screen - Add schedule details
Customization Cyberoam User Guide Schedule
eLitecore Technologies Ltd. 179
Screen Elements Description
Schedule details Schedule name Displays schedule name to which details will be
added Schedule description Displays schedule description Weekday Select weekday Start time & Stop time Defines the access hours/duration
Start & stop time cannot be same
Add schedule detail button
Attaches the schedule details for the selected he schedule weekday to t
Cancel button Cancels the current operation
Table - Add schedule details screen elements
Delete Schedule details
Screen - Delete schedule details
Screen Elements Description
Del Select schedule details to be deleted Click Del to select schedule details More than one schedule can also be selected
Select All Selects all the schedule details Click Select All to select all the schedule details
Delete selected schedule details button
Deletes the selected schedule detail(s)
Table - Delete schedule details screen details
Customization Cyberoam User Guide Schedule
eLitecore Technologies Ltd. 180
Delete Schedule
Select Policy Configuration Schedule Manage Schedule to view the list of Schedules
Screen - Delete Schedule
Screen Elements Description
Del Click Del to select schedule More than one schedule can also be selected
Select schedule to be deleted
Select All
Click Select All to select all the schedules
Selects all the schedules
D ule buttoelete sched n Deletes the selected schedule(s)
Table - Delete Schedule screen elements
Customization Cyberoam User Guide Web Categories
eLitecore Technologies Ltd. 181
W b Categories Cyberoam allows Internet site filtering based on URLs and URL keywords. Web category is the grouping of URLs and URL keywords used for Internet site filtering. The URLs and any URL containing the keywords defined in the Web category will be blocked. For your convenience, Cyberoam provides a database of predefined Web categories. You can use these or even create new categories to suit your needs. Depending on the organization requirement, allow or deny the access to the categories with the help of policies by groups, individual user, time of day, and many other criteria.
Create a new Web category
e
Prerequisite • Service created
Select Policy Configuration Web Category Create Web Category
Screen - Create Web category
Screen Elements Description
Web Categories details Name Assign name to the Web category.
aracters
Can be any combination of A – Z, a – z, ‘_’, 0 - 9 Allows maximum of 60 ch
Restrict HTTPUpload Specifies whether HTTP Upload is restricted or not Description Full description
Can be any combination of A – Z, a – z, ‘_’, 0 - 9
Allows maximum of 80 characters
Customization Cyberoam User Guide Web Categories
eLitecore Technologies Ltd. 182
Create button Creates a new Web category. Web category configuration is incomplete until file types or keywords are attached
Cancel button Cancels the current operation
Table - Create Web category screen elements
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 183
Update Web Categories
Select Policy Configuration Web Category Manage Web Category to view the list of Web categories listed. Click the web category to be modified
Screen - Update Web category
Screen Elements Description
Web category details Name Displays name of the Web category
Modify if necessary
Restrict HTTP Upload Displays whether HTTP upload is restricted or not Modify if necessary
Description Displays description of the policy Update button Updates the above modified details Show All button Opens a new window and displays the complete details of the Web
category Click to view details
Cancel button Cancels the current operation Keyword Management Manage keyword button Opens a new window and allows to add the word list for restriction
or remove from restriction
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 184
Click to manage Refer to Manage Keyword for details
File type Management Manage File type button Open a new window and allows to add the file type to place
Click to manage Refer to Manage File type for details
restriction or remove from restriction
Web service Management
Manage services button Open a new window and allows to add or remove services Click to manage Refer to Manage Services for details
Table - Update Web category screen elements
Manage Keyword
Use to assign keywords to the Web category for blocking. Enter the keywords you want blocked for a category. Cyberoam blocks any site containing a keyword assigned to the category. Cyberoam provides several predefined keywords for use in filtering. You can modify these, or even create new file types to suit your needs. Displays the lnclude and Exclude word list for the selected Web category
Screen - Manage Keywords
Screen Elements Description
Add keyword button Opens a new window and allows to add a new keyword to the selected category Click to add Refer to Add Keyword for details
Delete keyword button Allows to delete the selected keyword from the category
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 185
Click the keywords to be deleted Click Delete Keyword
Cancel button Cancels the current operation
Table - Manage Keywords screen elements
Add Keyword
Screen - Add keywords
Screen Elements Description
Add Keyword Add to Specifies whether the entered keywords are to be included or
excluded from restriction Keywords Keywords which are to included or excluded from restriction Add Keyword button Adds the keywords to the selected web category Cancel button Cancels the current operation
Table - Add keywords screen elements
elete Keyword D
Screen - Delete keywords
Screen Elements Description
Include Words list Select words to be deleted
Click to select More than one word can be selected
Exclude Words list Select words to be deleted
Click to select
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 186
More than one word can be selected
Delete keyword button Deletes the selected word(s) from both the word lists
Table - Delete keywords screen elements
Use to gory for blocking. Select the file types you want blocked for le types assigned to the category.
Disp nsions)
Manage File types
assign file types to the Web catea category. Cyberoam blocks any site containing fi
lays the list of file types (file exte
Screen - Manage File types
Screen Elements Description
Add File type button Opens a new window and allows to select a file type
d Refer to Add File types for details
Click to ad
Remove File type button Allows to delete the selected file types from the gory
Refer to Remove File types for details
cate Click to delete
Cancel button Cancels the current operation
Table - Manage File types screen elements
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 187
Add Fil
e types
Screen - Add file types
Screen Elements Description
Select File type list Allows to select a file type category to be attached Click to add
Add button Adds the file type category Cancel button Cancels the current operation
Table - Add file types screen elements
Remove File types
Screen - Remove file types
Screen Elements Description
Del Click all the file types required to be removed Select All button Allows to select all the File types for deletion
Click Select All to select all file types
Remove File type button Remove(s) the file type category
Click to remove
Table - Remove file types screen elements
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 188
Manage Services
Display gory s the list of services attached to the Web cate
Screen - Manage Service
Screen Elements Description
Add Service button Opens a new window and allows to attach a new service to web category Click to add Refer to Attach Service for details
De tegory
Delete Service for details
lete Service button Allows to delete the service from web ca
Refer to Cancel button Cancels the current operation
Table - Manage Service screen elements
Attach Service
Screen - Attach service
Screen Elements Description
Web Service details Name of Web Category Displays name of the web category to which the
service will be attached Service name Allows to select the service
Click Service name list to select
Domain name Specify Domain name Port Specify Port number
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 189
Port type Allows to select the port type for the se
rvice
Options : 1) TCP 2) UDP Click to select
Add to Web category Attached the service to the selected web category
button Click to attach
Cancel Cancels the current operation
Table - Attach service screen elements
Remove Service
Screen - Remove service
Screen Elements Description
Del Click all the services required to be removed Delete service button Deletes all the selected Service(s)
Click to delete
Table - Remove service screen elements
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 190
Delete Web Category
Prerequisite • Not attached to any Policy
nage Web Category to view the
ies created. Click the web category to be deleted
Select Policy Coli or
nfiguration Web Category Mast of Web categ
n - Delete Web category
Scree
Screen Elements Description
Del Select the category for deletion
cted More than one category can be sele Click to select
Select All Allows to select all the categories for deletion Click to select
Delete Category button Deletes all the selected categories Click to delete
Table - Delete Web category screen elements
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 191
Ma
File typIn icular types of f ry. Cyberoam provides several predefined file types for use in filtering. You can modify these, or even add new
nage File types
e is a grouping of file extensions used for the similar purpose. Cyberoam allows filtering content based on file extension. For example, you can restrict access to partternet
iles from sites within an otherwise-permitted catego
file types to suit your needs.
Screen - Manage File types
C
S File types and click Add File Type to a
reate File type
elect Pdd a new file type
olicy Configuration Web Category
Screen - Create File type
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 192
Screen Elements Description
File Type details Name Assign name to the file type.
ows maximum of 60 characters
nation of A – Z, a – z, ‘_’, 0 - 9 AllCan be any combi
Extensions Specifies the file extensions to be included in the file gory.
s defined here will be blocked or filtered
type cate
ExtensionDescription Full description
Allows maximum of 80 characters
f A – Z, a – z, ‘_’, 0 - 9 Can be any combination oCreate button Creates a new file type. Cancel button Cancels the current operation
Table - Create File type screen elements
le type
Delete Fi
Screen - Delete File type
Screen Elements Description
Del Click all the file types required to be deleted Select All button Allows to select all the File types for deletion
ick Select All to select all file types Cl
Delete File type button
Delete(s) the file type category
Click to delete
Table - Delete File type screen elements
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 193
UpgraUpload Upgrade version
Once th oad the new version file. Select Hel pgrade Version Click U version. Type the file name with fullClick U
de Cyberoam
e upgraded version update file is obtained (CD or Downloaded), upl
p Upgrade Cyberoam Upload U
pload Upgrade path or select using ‘Browse’
pload
Screen - Upload Upgrade version
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 194
ModuThere a e basic Cyberoam software. These module quest. The customer has to procure
ister Cyberoam Module License to view the list of Add on modules
F ether these modules are registered or not and if registered license expiry date. S ot registered T module name link, it will open the module registration form.
le licensing re certain add on modules which are not included in ths are not part of the default installation and enabled on re a different license for enabling these add on modules.
Select Help Reg
ollowing screen shows wh
tatus for a module will be ‘Unregistered’, if the module is n
o register a module click the
Screen – Module registration
Screen Elements Description
Module Registration form Public key Displays the public key of the software Product ID Specify the Product ID Unique ID Specify the Unique ID Register button Registers the module Cancel button Cancels the current operation
Table - Module registration screen elements
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 195
View and Update Company information Use to update the company information provided at the time of registration Select Help Company Info Company Info to view the company details. Modify the details if required.
Screen - Company Information
Screen Elements Description
Company Information Company name Displays company name under which Cyberoam
is registered Cannot be modified
Contact person Displays name of the contact person in the company, modify if required
Address, City, State, Country, Zip, Phone, Fax
Displays complete address of the company, modify if required
Email ID Display Email ID of the contact person Save button Saves any of the modified details
Table - Company information screen elements
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 196
View Registration details Use to view the Cyberoam registration details Select Help About About to view the registration details. It displays installed version of Cyberoam, Product ID, Maximum Users Allowed (User license) and company name under which Cyberoam is registered.
Screen - View Registration details
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 197
Download Clients Cyberoam Client supports Users using following platforms: TWindowsT Enables Users using Windows Operating System to log-on to Cyberoam Server using the Cyberoam Client for Windows TLinuxT Enables Users using Linux Operating System to log-on to Cyberoam server using the Cyberoam Client for Linux THTTPT Enables Users using any other Operating System than Windows & Linux to log-on to Cyberoam Server through “Cyberoam Client for HTTP” to access resources Single Sign on Client Enables Windows-migrated Users to log on to Cyberoam using Windows Username and password. Depending on the requirement, download the Cyberoam Client. Refer to the Client Installation guide for details. Select Help Cyberoam Client Download Cyberoam Client to download the Cyberoam Client
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 198
Menu wise Screen and Table Index
TUAccessing Cyberoam UT TUAccessing the Web InterfaceUT 8 TUAccessing Console via remote login utility - TELNETUT 8
TUScreen - Console accessUT 8 TUScreen - Console login screenUT 9
TULog on & log off from the Cyberoam Web InterfaceUT TUHTTP log inUT
TUScreen - HTTP login screen UT 9 TUHTTPS log inUT 10
TUScreen - HTTPS login screenUT 10 TUScreen - HTTPS login screenUT 11 TUTable - Login screen elements UT 12 TUScreen - Live Users screen UT 12 TUScreen - Registration screenUT 13
TUBASIC CONFIGURATIONUT TUScreen - Navigation screenUT 15 TUTable - Navigation screen ElementsUT 16
TUSystem ManagementUT TUNetwork ManagementUT
TUGateway configurationUT TUScreen - Gateway ConfigurationUT 113 TUTable - Gateway Configuration screen elementsUT 113
TUAdd GatewayUT TUScreen - Add GatewayUT 113 TUTable - Add Gateway screen elementsUT 114
TUDelete GatewayUT TUScreen - Delete GatewayUT 114 TUTable - Delete Gateway screen elements UT 114
TUInterface ConfigurationUT TUScreen - Interface ConfigurationUT 116 TUTable - Interface Configuration screen elements UT 116
TUDNS ConfigurationUT TUScreen - DNS ConfigurationUT 117 TUTable - DNS ConfigurationUT 118
TUSecurity – FirewallUT TUDefine FirewallUT
TUScreen - Create Firewall ruleUT 120 TUTable - Create Firewall rule screen elements UT 121
TUOnly for Port forwardingUT TUScreen - Create Firewall rule - Port ForwardUT 122 TUTable - Create Firewall rule - Port Forward screen elements UT 122
TUVarious OptionsUT TUTable - Firewall rules - ResultUT 123
TUManage Firewall accessUT TUScreen - Manage Firewall accessUT 123 TUTable - Manage Firewall access screen elements UT 124
TUDelete firewall access UT TUScreen - Delete Firewall accessUT 125 TUTable - Delete Firewall access screen elements UT 125
TUDHCPUT
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 199
TUScreen - DHCP configurationUT 126 TUTable - DHCP configuration screen elements UT 126
TUServices UT TUScreen - Manage Control servicesUT 167 TUTable - Manage Control Service screen elementsUT 167 TUTable - Manage Control Service - ActionUT 168
TUReset Console PasswordUT TUScreen - Reset Console PasswordUT 127 TUTable - Reset Console Password screen elementsUT 127
TUData StoreUT TUBackup dataUT
TUScreen - BackupUT 129 TUTable - Backup screen elementsUT 130
TURestore DataUT TUScreen - RestoreUT 131 TUTable - Restore screen elementsUT 131
TUPurgeUT TUAuto purge UT
TUScreen - Auto purgeUT 132 TUTable - Auto purge screen elementsUT 132
TUManual purgeUT TUScreen - Manual purgeUT 133 TUTable - Manual purge screen elements UT 133
TUClient ServicesUT TUScreen - MessagesUT 134 TUTable - Message screen elementsUT 134
TUList of Predefined messages UT TUTable - List of predefined messages UT 135
TUParameters UT TUScreen - Parameter settingUT 136 TUTable - Parameter setting screen elementsUT 136
TUCache ManagementUT TUEnable Cache ServerUT
TUScreen - Manage CacheUT 138 TUTable - Manage Cache screen elementsUT 138
TUConfigure CacheUT TUScreen - Configure CacheUT 139 TUTable - Configure Cache screen elements UT 139
TUManage Cache CategoryUT TUScreen - Configure Cache - Manage cache categoryUT 140 TUTable - Configure Cache - Manage cache category screen elementsUT 140
TUDefine WCCP RoutersUT TUScreen - WCCP Configuration UT 141 TUTable - WCCP Configuration screen elementsUT 141
TUAdd routerUT TUScreen - WCCP configuration - Add RouterUT 142 TUTable - WCCP configuration - Add Router screen elementsUT 142
TUDelete router UT TUScreen - WCCP configuration - Delete RouterUT 142 TUTable - WCCP configuration - Delete Router screen elementsUT 142
TUDefine External CacheUT TUScreen - Define External CacheUT 143 TUTable - Define External Cache screen elements UT 144
TUAdd DomainUT TUScreen - Add DomainUT 145 TUTable - Add Domain screen elements UT 145
TUDelete Domain UT TUScreen - Delete DomainUT 145
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 200
TUTable - Delete Domain screen elements UT 145 TURouting PolicyUT
TUScreen - Add Routing policyUT 146 TUTable - Add Routing policy screen elementsUT 146
TUAdd NetworkUT TUScreen - Add NetworkUT 146 TUTable - Add Network screen elementsUT 147
TUDelete Network UT TUScreen - Delete NetworkUT 147 TUTable - Delete Network screen elementsUT 147
TUMalicious HTTP traffic UT TUScreen - Create HTTP Malicious traffic - Web category UT 148 TUTable - Create HTTP Malicious traffic - Web category screen elements UT 148
TUManage TrafficUT TUScreen - Manage HTTP Malicious traffic - Web category UT 149 TUTable - Manage HTTP Malicious traffic - Web categoryUT 149
TUManage keywordsUT TUAdd KeywordsUT
TUScreen - Manage Web category - Add KeywordsUT 150 TUTable - Manage Web category - Add Keywords screen elements UT 150
TUDelete KeywordUT TUTable - Manage Web category - Delete Keywords screen elementsUT 150
TUDefine Authentication processUT TUDecision matrix for AuthenticationUT
TUTable - Authentication - Decision matrixUT 35 TULocal (Cyberoam) AuthenticationUT 36 TUNTLM AuthenticationUT 36
TUSingle Sign on Client Configuration UT 37 TUTable - Default NETLOGON directory locationUT 37 TUScreen - Download Single sign on ClientUT 38 TUScreen - Download User Logon Script Updation utilityUT 39 TUScreen - LOGON script change utilityUT 39 TUScreen - Add Authentication serverUT 40 TUTable - Add Authentication screen elementsUT 41
TUUser Migration UT TUScreen - Download User Migration Utility screenUT 33 TUScreen - Download User Migration Utility screenUT 33 TUScreen - Download User Migration Utility screenUT 34 TUScreen - Register Migrated users screenUT 34
TUServices UT TUCreate new ServiceUT
TUScreen - Add new ServiceUT 174 TUTable - Add new Service screen elements UT 174
TUUpdate Service UT TUScreen - Update ServiceUT 175 TUTable - Update Service screen elementsUT 175
TUDelete Service UT TUScreen - Delete ServiceUT 176 TUTable - Delete Service screen elements UT 176
TUScheduleUT TUCreate ScheduleU177
TUScreen - Create ScheduleUT 177 TUTable - Create Schedule screen elements UT 177
TUUpdate ScheduleUT TUScreen - Update ScheduleUT 178 TUTable - Update Schedule screen elements UT 178
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 201
TUAdd Schedule detailsUT TUScreen - Update Schedule - Add schedule detailsUT 178 TUTable - Update Schedule - Add schedule details screen elements UT 179
TUDelete Schedule detailsUT TUScreen - Update Schedule - Delete schedule detailsUT 179 TUTable - Update Schedule - Delete schedule details screen detailsUT 179
TUDelete ScheduleUT TUScreen - Delete ScheduleUT 180 TUTable - Delete Schedule screen elements UT 180
TUWeb Categories UT TUCreate a new Web category UT
TUScreen - Create Web categoryUT 181 TUTable - Create Web category screen elements UT 182
TUUpdate Web CategoriesUT TUScreen - Update Web categoryUT 183 TUTable - Update Web category screen elements UT 184
TUManage KeywordUT TUScreen - Update Web category - Manage KeywordsUT 184 TUTable - Update Web category - Manage Keywords screen elements UT 185
TUAdd KeywordUT TUScreen - Manage Keywords - Add keywordsUT 185 TUTable - Manage Keywords - Add keywords screen elements UT 185
TUDelete KeywordUT TUScreen - Manage Keywords - Delete keywordsUT 185 TUTable - Manage Keywords - Delete keywords screen elementsUT 186
TUManage File typesUT TUScreen - Manage File typesUT 186 TUTable - Manage File types screen elementsUT 186
TUAdd File typesUT TUScreen - Manage File types - Add file typesUT 187 TUTable - Manage File types - Add file types screen elementsUT 187
TURemove File typesUT TUScreen - Manage File types - Remove file typesUT 187 TUTable - Manage File types - Remove file types screen elements UT 187
TUManage ServicesUT TUScreen - Manage ServiceUT 188 TUTable - Manage Service screen elementsUT 188
TUAttach Service UT TUScreen - Manage Service - Attach service UT 188 TUTable - Manage Service - Attach service screen elements UT 189
TURemove ServiceUT TUScreen - Manage Service - Remove serviceUT 189 TUTable - Manage Service - Remove service screen elementsUT 189
TUDelete Web CategoryUT TUScreen - Delete Web categoryUT 190 TUTable - Delete Web category screen elements UT 190
TUManage File typesUT TUScreen - Manage File typesUT 191
TUCreate File typeUT TUScreen - Create File type UT 191 TUTable - Create File type screen elementsUT 192
TUDelete File typeUT 2 TUScreen - Delete File typeUT 192 TUTable - Delete File type screen elements UT 192
TUPolicy ManagementUT TUSurfing Quota policyUT
TUCreate Surfing Quota policy UT TUScreen - Create Surfing Quota policyUT 69
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 202
TUTable - Create Surfing Quota policy screen elementsUT 69 TUUpdate Surfing Quota policy 70
TUScreen - Update Surfing quota policyUT 70 TUTable - Update Surfing quota policy screen elements UT 71
TUDelete Surfing Quota policy 72 TUScreen - Delete Surfing quota policyUT 72 TUTable - Delete Surfing quota policy screen elements UT 72
TUAccess time policyUT TUAllow strategyUT 73 TUDisallow strategyUT 73 TUCreate Access time policy 73
TUScreen - Create Access time policyUT 73 TUTable - Create Access time policy screen elements UT 74
TUUpdate Access time policy 75 TUScreen - Update Access time policyUT 75 TUTable - Update Access time policy screen elements UT 75
TUDelete Access time policy 76 TUScreen - Delete Access time policyUT 76 TUTable - Delete Access time policy screen elements UT 76
TUSecurity policyUT77 TUDefault AllowUT 77 TUDefault DisallowUT 77 TUCreate a new Security policy 78
TUScreen - Create Security policyUT 78 TUTable - Create Security policy screen elements UT 78
TUUpdate Security policy 79 TUScreen - Update Security policyUT 79 TUTable - Update Security policy screen elements UT 79
TUManage Web Category 80 TUScreen - Update Security policy - Manage Web category UT 80 TUTable - Update Security policy - Manage Web category screen elements UT 80
TUAdd Web Category81 TUScreen - Update Security policy - Add Web categoryUT 81 TUTable - Update Security policy - Add Web category screen elementsUT 81
TURemove Web Category 82 TUScreen - Update Security policy - Delete Web category UT 82 TUTable - Update Security policy - Delete Web category screen elements UT 82
TUDelete Security Policy TUScreen - Delete Security policy UT 83 TUTable - Delete Security policy screen elements UT 83
TUBandwidth policy84 TUHost Group based bandwidth policy 84 TUUser based bandwidth policy 84
TUStrict84 TUTable - Implementation types for Strict - Bandwidth policyUT 84
TUStrict policy – Bandwidth usage 85 TUTable - Bandwidth usage for Strict - Bandwidth policyUT 85
TUCommittedUT TUTable - Implementation types for Committed - Bandwidth policyUT 85
TUCommitted policy – Bandwidth usageUT 85 TUTable - Bandwidth usage for Committed - Bandwidth policyUT 85
TUIP address based bandwidth policyUT TUCreate Bandwidth policyUT
TUScreen - Create Bandwidth policyUT 86 TUTable - Create Bandwidth policy - Common screen elements UT 86
TUCreate Host Group based bandwidth policy UT TUScreen - Create Host group based Bandwidth policyUT 87 TUTable - Create Host group based Bandwidth policy screen elements UT 87
TUCreate User/IP address based Strict bandwidth policy UT TUScreen - Create User/IP based Strict Bandwidth policyUT 88
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 203
TUTable - Create User/IP based Strict Bandwidth policy screen elements UT 89 TUCreate User/IP address based committed bandwidth policy UT
TUScreen - Create User/IP based Committed Bandwidth policyUT 90 TUTable - Create User/IP based Committed Bandwidth policy screen elements UT 91
TUUpdate Bandwidth policyUT TUScreen - Update Bandwidth policyUT 92 TUTable - Update Bandwidth policy Common screen elements UT 92
TUUpdate Host group based bandwidth policy UT TUScreen - Update Host group based Bandwidth policyUT 93 TUTable - Update Host group based Bandwidth policy screen elementsUT 93
TUUpdate User based Bandwidth policyUT TUScreen - Update User based Bandwidth policyUT 94 TUTable - Update User based Bandwidth policy screen elements UT 95
TUAttach Schedule details UT TUStrictUT
TUScreen – Assign Schedule to User based Strict Bandwidth policyUT 95 TUTable – Assign Schedule to User based Strict Bandwidth policy screen elements UT 95
TUCommittedUT TUScreen - Assign Schedule to User based Committed Bandwidth policy UT 96 TUTable – Assign Schedule to User based Committed Bandwidth policy screen elements UT 96
TURemove Schedule details UT TUScreen - Remove Schedule from User based Bandwidth policyUT 97 TUTable - Remove Schedule from User based Bandwidth policy screen elements UT 97
TUUpdate IP address based bandwidth policy UT TUScreen - Update IP address based Bandwidth policyUT 98
TUAdd IP Addresses to IP Address based bandwidth policyUT TUScreen – Add IP address to IP address based Bandwidth policyUT 99 TUTable - Add IP address to IP address based Bandwidth policy screen elementsUT 100
TURemove IP Addresses from IP Address based bandwidth policy UT TUScreen - Remove IP address from IP address based Bandwidth policy screen elements UT 100 TUTable - Remove IP address from IP address based Bandwidth policy screen elements UT 100
TUDelete Bandwidth policy 101 TUScreen - Delete Bandwidth policyUT 101 TUTable - Delete Bandwidth policy screen elements UT 101
TUPrinting PolicyUT TUCreate Printing policy 102
TUScreen - Create Printing policyUT 102 TUTable - Create Printing policy screen elements UT 102
TUDefine IP address with Unrestricted printer access 103 TUScreen - Unrestricted Printer accessUT 103 TUScreen - Unrestricted Printer accessUT 103 TUTable - Unrestricted Printer access screen elements UT 104
TUUpdate Printing policy 105 TUScreen - Update Printing policyUT 105 TUTable - Update Printing policy screen elementsUT 105
TUDelete Printing policy 106 TUScreen - Delete Printing policyUT 106 TUTable - Delete Printing policy screen elements UT 106
TUGroup ManagementUT44
TUDefine Group UT
TUGroup18 TUGroup types18 TUDecision matrix for creation of Group
TUTable - Group creation - Decision matrixUT 19 TUCreate a New Group UT21
TUScreen - Create Normal group screenUT 21 TUScreen - Create Clientless group screenUT 22 TUTable - Create GroupUT 23
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 204
TUTable - Group creation - Decision matrixUT 19 TUCreate a New Group21
TUScreen - Create Normal group screenUT 21 TUScreen - Create Clientless group screenUT 22
TUTable - Create GroupUT 23T
UManage Group44 UScreen - Manage GroupU 44 UTable - Manage Group screen elementsU 46
UUpdate Group46 UTable - Need to Update group U 46
UView Group members 46 UScreen - View Group membersU 46 UTable - View Group members screen elementsU 47
USelect Node/IP address for Login restriction 47 UScreen - Apply Login restrictionU 47 UTable - Apply Login restriction screen elementsU 48
UDelete GroupU49 UScreen - Delete GroupU 49 UTable - Delete Group screen elements U 49
UUser ManagementU
UDefine UserU24 UUser24
UUser typesU24 UDecision matrix for creation of User 24
UTable - Create User - Decision matrixU 24 UCreate a User26
UScreen - Create User screenU 26 UTable - Create User screen elements U 27 UTable - Show Group details screen elements U 27 UTable - Personal details screen elements U 28
UCreate Clientless users 29 UTo add multiple clientless users 29
UScreen - Create multiple Clientless users U 29 UTable - Create multiple Clientless user screen elements U 30
UAdd a single clientless user 31 UScreen - Create single Clientless userU 31 UTable - Create single Clientless user screen elements U 32
UPersonal details table 32 UTable - Personal details screen elements U 32
USelect Node tableU32 UTable - Select Node screen elementsU 32
USearch UserU UScreen - Search UserU 50 UTable - Search User screen elements U 50 UTable - Search User - Result U 50
ULive UserU UScreen - Live Users U 51 UTable - Live User screen elementsU 52
UManage UserU53 UUpdate User53
UScreen - Manage UserU 54 UTable - Manage User screen elements U 56 UTable - Need to Update User U 57
UChange Personal details 57 UScreen - Change User Personal details U 57 UTable - Change User personal details screen elements U 57
UUser My AccountU UScreen - User My AccountU 58
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 205
UScreen - User My AccountU 58 UPersonalU
UChange Password U 59 UScreen - User My Account - Change PasswordU 59 UTable - User My Account - Change password screen elements U 59 UChange Personal details U 59 UScreen - User My Account – Change Personal details U 59 UTable - User My Account - Change Personal details screen elements U 60
UAccount statusU UInternet Usage U60 UScreen - User My Account - Internet UsageU 60 UTable - User My Account - Internet Usage screen elements U 60 UTable - User My Account - Internet Usage - Report elements U 61 UPrinter usageU UScreen - User My Account - Printer UsageU 61 UTable - User My Account - Printer Usage screen elementsU 61 UTable - User My Account - Printer Usage - Report elements U 61
UChange Group U UScreen - Manage User - Change GroupU 62 UTable - Manage User - Change Group screen elements U 62
UChange Individual Policy UTable - Manage User - Change Individual policyU 63
UChange Login RestrictionU UScreen - Manage User - Change Login restrictionU 64 UTable - Manage User - Change Login restrictionU 64
UDelete UserU UScreen - Delete Active UserU 65 UScreen - Delete Deactive User U 65 UScreen - Delete Clientless UserU 65 UTable - Delete UserU 65
UDeactivate User U UScreen - Manage User - Deactivate UserU 66 UTable - Manage User - Deactivate User screen element U 66
UActivate UserU UScreen - Manage User - Activate Normal User U 67 UScreen - Manage User - Activate Clientless UserU 67 UTable - Manage User - Activate User screen elementU 67
UHost Group ManagementU USearch NodeU
UScreen - Search NodeU 107 UTable - Search Node results U 107
UUpdate Host GroupU UScreen - Update Host group U 108 UTable - Update Host group screen elements U 109
UAdd NodeU UScreen - Update Host group - Add NodeU 109 UTable - Update Host group - Add Node screen elements U 109
UDelete NodeU UScreen - Update Host group - Delete NodeU 110 UTable - Update Host group - Delete Node screen elements U 110
UDelete Host GroupU UScreen - Delete Host groupU 111 UTable - Delete Host group screen elements U 111
UDefine Host GroupU UHost Grou
UCreate a new Host Group U UScreen - Create Host group U 42 UTable - Create Host group screen elements U 43
Customization Cyberoam User Guide Upgrade Cyberoam
eLitecore Technologies Ltd. 206
UMonitoring Bandwidth UsageU UScreen - Bandwidth UsageU 169 UTable - Bandwidth usage screen elements U 170 UScreen - Bandwidth usage - Live Users graphU 170 UScreen - Bandwidth usage - Total Data transfer graph U 170 UScreen - Bandwidth usage - Composite Data transfer graph U 171 UScreen - Bandwidth usage - Download Data transfer graph U 171 UScreen - Bandwidth usage - Upload Data transfer graphU 172
UMail ManagementU UIntra POP ServiceU
UCreate Intra POP ServiceU UScreen - Create IntraPOP serviceU 151 UTable - Create IntraPOP service screen elementsU 152
UConfigure Intra POP serverU UScreen - Configure IntraPOP serverU 153 UTable - Configure IntraPOP server screen elementsU 154
UManage Intra POP ServiceU UScreen - Manage IntraPOP serviceU 155 UTable - Manage IntraPOP service screen elementsU 155
UUpdate Mail serverU UScreen - Update IntraPOP service U 156 UTable - Update IntraPOP service screen elements U 157
UDelete Intra POP service U UTable - Delete IntraPOP service screen elementsU 158
UAliasU UCreate AliasU
UScreen - Create AliasU 159 UTable - Create Alias screen elements U 159
UAdd UsersU UScreen - Create Alias - Add UsersU 160 UTable - Create Alias - Add Users screen elementsU 161
UDelete UsersU UScreen - Create Alias - Delete UsersU 161 UTable - Create Alias - Delete Users screen elementsU 161
UDelete AliasU UScreen - Delete Alias U 162 UTable - Delete Alias screen elements U 162
USMTP ConfigurationU UConfigure SMTP U
UScreen - Configure SMTPU 163 UTable - Configure SMTP screen elements U 164
UConfigure Mail AccessU UAdd Domain to RELAY U
UScreen - Configure Mail Access – Add DomainU 165 UTable - Configure Mail Access – Add domain screen elements U 165
UDelete Domain from RELAY U UScreen - Configure Mail Access – Delete DomainU 166 UTable - Configure Mail Access – Delete Domain screen elements U 166
UUpgrade CyberoamU UUpload Upgrade versionU 193
UScreen - Upload Upgrade versionU 193
UModule licensingU UScreen – Module registrationU 194 UTable - Module registration screen elements U 194