Cyberoam System Maintenance Guide

Cyberoam System Maintenance Guide

Contents
Preface .......................................................................................................................................... 3 Introduction .................................................................................................................................. 4 Securing Backup ............................................................................................................................ 4 Updating Appliance Firmware........................................................................................................ 4 Configuring Email Alerts ................................................................................................................ 4 Validating Subscriptions................................................................................................................. 5 Checking Status of Services............................................................................................................ 5 Updating User Accounts and User Groups ..................................................................................... 6 Updating Policies ........................................................................................................................... 6 Securing Access to Appliance ......................................................................................................... 6 Updating Firewall Rules ................................................................................................................. 7 Reviewing Denial of Service (DoS) Settings..................................................................................... 7 Monitoring Appliance Health ......................................................................................................... 7 Configuring iView Logs & Reports .................................................................................................. 8

Cyberoam System Maintenance Guide

Preface
Welcome to Cyberoam System Maintenance guide. This Guide provides information about the maintenance of Cyberoam Appliance. It, however, does not describe how to use the Appliance. That is covered in Cyberoam User Guide. Scope of the Guide This Guide covers the overall maintenance guidelines of all Cyberoam Appliance CR Models. In case of any queries, contact Cyberoam Technical Support.

Technical Support
You may direct all questions, comments, or requests concerning the software you purchased, your registration status, or similar issues to Customer care/service department at the following address: Corporate Office Elitecore Technologies Pvt. Ltd. 904, Silicon Tower Off C.G. Road Ahmedabad 380015 Gujarat, India. Phone: +91-79-66065606 Fax: +91-79-26407640 Web site: www.elitecore.com Cyberoam contact: Technical support (Corporate Office): +91-79-66065777 Email: support@cyberoam.com Web site: www.cyberoam.com Visit www.cyberoam.com for the regional and latest contact information.

Cyberoam System Maintenance Guide

Introduction
Cyberoam Appliance should undergo regular maintenance for smooth and efficient functioning of the Appliance. The various tasks involved in Maintenance are as follows. Securing Backup Updating Appliance Firmware Configuring Email Alerts Validating Subscriptions Checking Status of Services Updating User Accounts and User Groups Updating Policies Securing Access to Appliance Updating Firewall Rules Reviewing Denial of Service (DoS) Settings Monitoring Appliance Health Configuring iView Logs & Reports

Securing Backup
Taking backup of Cyberoam Appliance Configuration enables us to preserve a copy of all current configurations. It is advisable to take a backup of Cyberoam Appliance Configuration on a regular basis. In case of equipment failure or other anomaly, the backup can be restored on an existing appliance after repairs or can be applied to a new appliance to facilitate recovery. For details on how to take a backup of Cyberoam Appliance configuration, click here.

Updating Appliance Firmware

Newer firmware versions of Cyberoam Appliance are released periodically. Each released firmware has enhanced features, better functionality and Bug Fixes. Hence, to enhance the Cyberoam User Experience upgrade the Appliance to the latest firmware. Information about the latest firmware releases is notified in the Alert Messages section on the dashboard. This information can also be obtained in http://csc.cyberoam.com. For details on how to upgrade Cyberoam Appliance to the latest firmware, click here.

Configuring Email Alerts

E-mail notifications inform the administrator about changes in the network such as the following. Change in gateway status Change in HA (high availability) link status (if HA cluster is configured) Various reports Hence, ensure that valid e-mail addresses and mail server settings are configured to continue receiving alerts. In case of change of e-mail addresses or mail server settings, update the appliance configuration accordingly. For details on how to configure email notifications on Cyberoam Appliance, click here.

Cyberoam System Maintenance Guide

Validating Subscriptions
Cyberoam Appliance contains 2 types of modules: Basic modules Firewall, VPN, Multi Link Management, Bandwidth Management, Real-time Blackhole List (RBL), Traffic Discovery and On-Appliance Reports Subscription modules - Gateway Anti Virus, Gateway Anti-spam, Intrusion Detection and Prevention, Web and Application Filtering, 8x5 support, 24x7 support

Basic modules are pre-registered with the Appliance for an indefinite time period. Subscription modules are to be subscribed at regular intervals. In case one or more of the Subscription Modules has expired or is on the verge of expiry, renew the same to continue enjoying the benefits. For details on how to renew the subscription of a module, click here.

Checking Status of Services

Cyberoam provides various services like: Anti Spam Anti Virus Authentication DHCP Server DNS IPS Web Proxy

It is a good practice to regularly check if these services are up and running. To check and manage services, go to System Maintenance Services. The following screen appears.

The status of the services in the Services field can be seen in the Status field. To manage one or more service, use Toggle Buttons provided in the Manage field.

Cyberoam System Maintenance Guide

Toggle Button Action table Button Start Stop Restart Usage Starts the Server whose status is Stopped Stops the server whose status is Started Restarts server: Only for Authentication Server and Web Proxy Server

Updating User Accounts and User Groups

Regularly check the validity and volume of activity of every user account. Accounts that are not used very frequently can be kept in Inactive State and switched back to Active State when required. Accounts that are not in use anymore can be deleted altogether. For details on how to change the status of an account or delete an account, click here. Users are assigned to User Groups which makes assignment and modification of policies easier for the Administrator. Like User Accounts, validity and volume of activity of User Groups should also be checked. Groups that are unused should be deleted. For details on how to delete a User Group, click here.

Updating Policies
Cyberoam Appliance enforces many rules and policies upon users to ensure that they have a safe and productive Internet experience. These policies are: Web Filter Policy Application Filter Policy IM Filter Policy QoS Policy Identity Policies o Access Time Policy o Surfing Quota Policy o Data Transfer Policy

. These policies should be regularly updated to reflect changing Network Environment and User Surfing Patterns in the organization to ensure optimal usage of the Appliance .For details on how to manage various Cyberoam Policies, refer to the User Guide.

Securing Access to Appliance

Cyberoam Appliance tends to the security needs of the network in which it is deployed. Hence,ensure that the Appliance itself is secure to curb circumstances where network security is compromised. As such, access to the Appliance should be restricted to Authorized Users only. For details on various ways to secure Appliance Access, click here.

Cyberoam System Maintenance Guide

Updating Firewall Rules

Firewall Rules provide centralized management of security policies. From a single firewall rule, an entire set of Cyberoam security policies can be defined and managed. Create and update Firewall Rules according to the changing network security needs of the organization. For details on managing Firewall Rules, click here. Also, there may be certain defined Rules that do not apply to current network security needs, hence remain unused. Detect and eliminate such Rules so that they do not add to system overhead.

Reviewing Denial of Service (DoS) Settings

Cyberoam provides several security options that cannot be defined by the firewall rules. This includes protection from several kinds of Denial of Service attacks. These attacks disable computers and circumvent security. Regularly review DoS Settings which mainly involves checking Threshold Values for the following parameters. Packet rate per Source Burst rate per Source Packet rate per Destination Burst rate per Destination

Configuring too high Threshold Values degrades system performance while too low values blocks regular requests. Again, Cyberoam allows you to bypass DoS rules in case you are sure that the specified source will not be used for flooding or ignore if flooding occurs from the specified source These Rules should be updated from time to time so that they are in accordance with changing Network Environment. Unused Rules should be deleted to reduce system overhead. For details on how to create a Bypass Rule, click here.

Monitoring Appliance Health

System Graphs can be used to view graphs pertaining to System related activities for different time intervals. Graphs can be viewed Utilities Wise or Period Wise. Period wise graph displays the following graphs for a selected period: Live Graph CPU usage Information Memory usage Information Load Average Interface usage Information

Utility wise graphs show the same graphs regrouped based on the time interval. Use these statistics to verify System Utilization. In case of any discrepancy, contact Cyberoam Technical Support at support@cyberoam.com.

Cyberoam System Maintenance Guide

Configuring iView Logs & Reports

Cyberoam can log many different network activities and traffic including: Firewall log Anti-virus infection and blocking Web filtering, URL and HTTP content blocking Signature and anomaly attack and prevention Spam filtering IM logs Administrator logs User Authentication logs

Cyberoam-iView emails these reports in PDF format to specified email addresses according to the configured frequency. Hence, ensure that correct email-ids are configured in iView report notifications. Also, ensure that appropriate log retention period is configured to retain the logs. For details on how to manage Log Retention Period in iView, click here.