Strengths: Superb value, a remarkable feature set, extensive policy-based security, easy deployment, good reporting
Weaknesses: The sheer number of features could be overwhelming for small offices
Verdict: It may be small, but the CR15i delivers an incredible range of features for the price, making it one of the best value small business security appliances on the market
Small businesses and remote offices that thought appliance-based security was beyond their budget can think again, as Cyberoam's CR15i delivers a huge range of features at a remarkably low price.
This little (4x15x23cm) desktop box targets offices with up to 15 users and has the full gamut of firewall, anti-virus, anti-spam, anti-spyware, intrusion prevention, web-content filtering, IPsec VPNs and traffic management. The price of £353 is amazing, as it includes a one-year subscription to all services, plus 8/5 phone and email support. A three-year package costs £501.
The appliance has a basic 500MHz Via Eden processor, teamed up with 512MB of memory and the Linux OS is run from a 4GB ATA CompactFlash card. You have a triplet of Fast Ethernet ports that provide LAN, WAN and DMZ duties and the appliance can operate in routed or transparent bridge modes.
Installation won't take long as you point a browser at the appliance and follow a quick-start wizard that helps with choosing from routed or bridged modes.
A glance at the well-designed web interface shows that nearly every feature in Cyberoam's enterprise-level products is present in the CR15i. You get identity-based security, where you can use the appliance's own local database, import users and groups from AD, NT domain and LDAP servers, or authenticate with a Radius server.
Although you only have three ports, you can group them into zones and use these when setting up custom firewall rules. You add your sources and destinations, assign selected services, decide whether to block or allow traffic and use time schedules to determine when they are active.
Rules are used to force users to authenticate with the appliance when they want internet access and you can pick which protocols should be scanned.
If you deploy the corporate client utility, you can control activity by applying quota policies that determine how long users can surf for each day, week, month and year. Data transfer policies place limits in megabytes on how much they can download and you can view a group or user in the web interface and see how much time has been used up. Also, during user policy creation you can view each policy in a pop-up window, so you don't need to keep swapping across different screens.
The traffic discovery feature will prove useful, as you can view live connections for applications, specific users or IP addresses - or see the day's activity. General reporting tools are extensive, with options such as viewing the top ten most active users, bandwidth usage, most popular websites etc.
Reports are provided for the spam and virus scanners and you can view them as tables or graphs. You get basic reports for PCI, SOX, HIPPA, GLBA and FISMA.
For web content filtering, the CR15i offers no less than 82 categories, and multiple entries can be placed in different policies so you can easily create workplace AUPs (acceptable use policies). During testing, we found Cyberoam had made some big improvements on accuracy, as this was a problem we had when we looked at its CR100i last year.
We googled for online bingo sites and were blocked from 43 of the 50 selected - previously we managed to access more than half.
For anti-spam, you can apply a global policy to all users and then fine-tune it with custom policies. Quarantining is not supported.
After leaving the appliance to its own devices for nearly a week, we saw a spam success rate of 96 per cent, with only two false positives.
The CR15i offers more features than any competing product at this price point. Anti-spam measures are very good, there are big improvements in web filtering and the policy-based security covers virtually every angle.