Cyberoam UTM Firewall

Version: Cyberoam UTM CR500i, 9.5.4 and later.

Cyberoam firewall (NG and UTM) is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules. It typically establishes a barrier between a trusted, secure internal network and another outside network, such as the Internet that is assumed not to be secured or trusted.

Netsurion Open XDR supports Cyberoam UTM Log events. Netsurion Open XDR monitors it and generates alert for user authentication failure, configuration changes, virus and spam detection, and reports for user management, admin operations, antivirus and antispam activity, firewall traffic activity and user activity. Its dashboard gives us the information about the top user usage, top application used, top source IP address usage, top destination IP address usage and top virus detected.

Netsurion Data Source Integration for Cyberoam UTM allows you to monitor following:-

  • Operations – Virus detection, User authentication success and firewall traffic activity.
  • Security – Attack detection, spam detection, web and application filter activity.
  • Compliance – User authentication failed, admin operations and user account management  

After the Cyberoam UTM is configured to deliver events to the Netsurion Open XDR, the dashboards and reports can be configured into Netsurion Open XDR.

To take advantage of this data source integration and to learn more about alerts, reports, and dashboards, contact your Technical Account Manager (TAM). If you are not currently a Netsurion customer or partner, contact us to learn more.