DM Wayanad Institute of Medical Sciences, India, Asia
EAL4+ Certified Cyberoam Safeguards DM WIMS’ Network with its Identity-based Security Features
About DM Wayanad Institute of Medical Sciences, Education / Healthcare

DM Wayanad Institute of Medical Sciences (WIMS) is envisioned to become one among the top 10 institutions in India by the year 2025 in the field of medical education. With state-of-the-art infrastructure and excellent faculty, learning and healing blends with nature in their serene campus. DM Education and Research Foundation, after studying the needs of the people and lacuna in the health care facilities in Wayanad area, decided to set up DM WIMS with the following objectives:
• Training & Development of High Caliber Healthcare Professionals
• Quality Medical Care at Affordable Cost
• Medical Education merging with nature
• Improving Health Infrastructure
• Overall development of the region

For us, Cyberoam has proved to be more effective than the giants like FortiGate, CISCO and CheckPoint. Its Identity-based approach, in particular, is a blessing for me as it has made my management task 75% easier.

Mr. Manaikandan V
Manager - IT
DM Wayanad Institute of
Medical Sciences

Mr. Manaikandan V, the Manager-IT at DM WIMS said, “Being one among pioneers in Health care segment from Kerala, with excellent Information Technology infrastructure, we should provide secured online data accessing facility to doctors, students, parents, faculties, employees and patients”.

According to Mr. Manaikandan, the issues that they faced were:

Network Continuity Concerns

“Internet is the lifeline for all our business activities,” said Mr. Manaikanda n. He said that even a minute of downtime is not acceptable as all work would come to a standstill if connectivity is lost. To avoid a single point of failure, DM WIMS uses 2 ISP links – one of which is a 3G connection. Hence, they required a solution that supports management of multiple ISP links including the 3G connection.

Need for Web and Application Filtering

Being an educational institute, DM WIMS was concerned about how Internet would be used by the students, faculties and users alike. Mr. Manaikandan wanted to prevent users from accessing unproductive, harmful and malware-laden websites which exposes the network to various cyber threats. Uploading/downloading of streaming media, which occupied precious bandwidth, also needed to be restricted. Mr. Manaikandan said, “Having full visibility, security and control over the websites and applications accessed over the college network was a key requirement”.

User Accountability Issues

Mr. Manaikandan desired deployment of a proper user accountability solution which could monitor the entire browsing pattern of a user, irrespective of the way they connect to the network i.e. via Ethernet or using Wi-FI. With a rise in the Bring Your Own Device (BYOD) trend, especially in the modern day educational institutes, gone are the days where all the users used a single entry point to connect to the network. Mr. Manaikandan quoted, “We wanted a solution that could help us track a user’s Internet activities using Usernames rather than IP Addresses, ir respective of the device they use to connect to the institute network”.

The Cyberoam Solution

After having dissatisfactory experience with major security products including FortiGate, Cisco and CheckPoint, DM WIMS was looking for a product that stands apart from traditional Firewall/UTM. After a thorough evaluation, they were impressed with Cyberoam’s award-winning Layer 8 technology. They purchased One (1) CR 500iNG-XP and One (1) CR 200i appliances. They deployed the CR 500iNG-XP appliance at their Hospital Datacenter and CR 200i at the Medical College in Wayanad, Kerala, India. They deployed both the appliances in Gateway Mode.

After deploying Cyberoam in the network, the benefits that they notice are:

  • Continuous Internet Availability

    Cyberoam supports more than two WAN links (n-1, n being number of interfaces on the appliance). As the college has two ISP links, Mr. Manaikandan uses Cyberoam’s Multi-Link Management to handle both links effectively. The BSNL link is configured to be the Active connection while Idea 3G connection stays in Passive mode. In case the BSNL link fails, the Automatic Link Failover feature automatically switches the traffic to the backup 3G link. So, the institute gets a transparent multilink management with no human interference and 100% Internet uptime. Mr. Manaikandan said, “Before Cyberoam deployment, if BSNL link had some downtime, entire network got affected. Now, thanks to Cyberoam, we have 100% Internet uptime even if the primary link goes down”.

  • Layer 8 Technology: Identity-based Security

    Cyberoam’s Layer 8 technology provides a robust network security system which includes a user’s human identity as part of the Firewall Rule matching criteria. It treats user identity as the 8th Layer or the human layer in the network protocol stack, overcoming the limitations of conventional Firewalls which bind security to IP Addresses alone. By implementing Layer 8 security, Mr. Manaikandan can gain real-time visibility into the online activity of students based on their Usernames which gives him an insight into “Who is doing What?” “The fact that we can create Networking and Security policies based on usernames was Cyberoam’s selling point for us”, said Mr. Manaikandan.

  • Disciplined Web and Application usage

    Cyberoam allows Mr. Manaikandan to block undesirable web sites and application, and enforce acceptable usage policies on students, and faculty. Cyberoam has a Content Filtering database of more than 100 million websites, categorized into 89+ categories.

    All unauthorized uploads/downloads, P2P applications, pirated audio and video streaming and other harmful content is now safely blocked.

    Cyberoam delivers comprehensive control and visibility over more than 2,000 applications. It controls unauthorized application usage while supporting business-critical applications. Cyberoam Firewall blocks games and tunneling software that result in Malware entry. Mr. Manaikandan says, “Cyberoam gives us firm control over all Internet activities within the institute’s premises. It helps us in ensuri ng protection and discipline among our users”.

  • User Accountability Concerns Addressed

    Cyberoam’s Layer 8 Technology allows Mr. Manaikandan to design identity-based policies, which extends throughout the network, irrespective of the device used by the students to connect to the network. Cyberoam Security appliances offer identity-based AAA (Authentication, Authorization, and Audit) allowing control and visibility of who is connected to your network, using what device and what they are accessing.

    “Thanks to Cyberoam, we now have complete accountability of all our network user’s online activities, even on Wi-Fi networks”, said Mr. Manaikandan.

  • On-Appliance Reporting

    “Comprehensive Reporting is one of Cyberoam’s most noteworthy features,” said Mr. Manaikandan. The On-Appliance Monitoring and Reporting mechanism helps him to perform timely and accurate assessment of Web and Application usage. Availability of detailed reports enables him to update access policies based on changing network environment. Moreover, the “traffic discovery” report helps him to identify the amount of bandwidth used by various applications.

  • To Conclude

    Mr. Manaikandan said, “For us, Cyberoam has proved to be more effective than the giants like FortiGate, CISCO and CheckPoint. Its Identity-based approach, in particular, is a blessing for me as it has made my management task 75% easier”.