DM Wayanad Institute of Medical Sciences, India, Asia
EAL4+ Certified Cyberoam Safeguards DM WIMS’ Network with its Identity-based Security Features
About DM Wayanad Institute of Medical Sciences, Education / Healthcare
DM Wayanad Institute of Medical Sciences
(WIMS) is envisioned to become one among
the top 10 institutions in India by the year 2025
in the field of medical education. With state-of-the-art infrastructure and excellent faculty,
learning and healing blends with nature in their
serene campus. DM Education and Research
Foundation, after studying the needs of the
people and lacuna in the health care facilities in
Wayanad area, decided to set up DM WIMS
with the following objectives:
• Training & Development of High Caliber Healthcare Professionals
• Quality Medical Care at Affordable Cost
• Medical Education merging with nature
• Improving Health Infrastructure
• Overall development of the region
For us, Cyberoam has proved to be more effective than the giants like FortiGate, CISCO and CheckPoint. Its Identity-based approach, in particular, is a blessing for me as it has made my management task 75% easier.
Mr. Manaikandan V
Manager - IT
DM Wayanad Institute of
Mr. Manaikandan V, the Manager-IT at DM WIMS said, “Being one among pioneers in
Health care segment from Kerala, with excellent Information Technology
infrastructure, we should provide secured online data accessing facility to doctors,
students, parents, faculties, employees and patients”.
According to Mr. Manaikandan, the issues that they faced were:
Network Continuity Concerns
“Internet is the lifeline for all our business activities,” said Mr. Manaikanda n. He said
that even a minute of downtime is not acceptable as all work would come to a
standstill if connectivity is lost. To avoid a single point of failure, DM WIMS uses 2 ISP
links – one of which is a 3G connection. Hence, they required a solution that supports
management of multiple ISP links including the 3G connection.
Need for Web and Application Filtering
Being an educational institute, DM WIMS was concerned about how Internet would be
used by the students, faculties and users alike. Mr. Manaikandan wanted to prevent
users from accessing unproductive, harmful and malware-laden websites which
exposes the network to various cyber threats. Uploading/downloading of streaming
media, which occupied precious bandwidth, also needed to be restricted. Mr.
Manaikandan said, “Having full visibility, security and control over the websites and
applications accessed over the college network was a key requirement”.
User Accountability Issues
Mr. Manaikandan desired deployment of a proper user accountability solution which
could monitor the entire browsing pattern of a user, irrespective of the way they
connect to the network i.e. via Ethernet or using Wi-FI. With a rise in the Bring Your
Own Device (BYOD) trend, especially in the modern day educational institutes, gone
are the days where all the users used a single entry point to connect to the network.
Mr. Manaikandan quoted, “We wanted a solution that could help us track a user’s
Internet activities using Usernames rather than IP Addresses, ir respective of the
device they use to connect to the institute network”.
The Cyberoam Solution
After having dissatisfactory experience with major security products including
FortiGate, Cisco and CheckPoint, DM WIMS was looking for a product that stands
apart from traditional Firewall/UTM. After a thorough evaluation, they were impressed
with Cyberoam’s award-winning Layer 8 technology. They purchased One (1) CR
500iNG-XP and One (1) CR 200i appliances. They deployed the CR 500iNG-XP
appliance at their Hospital Datacenter and CR 200i at the Medical College in
Wayanad, Kerala, India. They deployed both the appliances in Gateway Mode.
After deploying Cyberoam in the network, the benefits that they notice are:
- Continuous Internet Availability
Cyberoam supports more than two WAN links
(n-1, n being number of interfaces on the
appliance). As the college has two ISP links,
Mr. Manaikandan uses Cyberoam’s Multi-Link
Management to handle both links effectively.
The BSNL link is configured to be the Active
connection while Idea 3G connection stays in
Passive mode. In case the BSNL link fails, the
Automatic Link Failover feature automatically
switches the traffic to the backup 3G link. So,
the institute gets a transparent multilink
management with no human interference and
100% Internet uptime. Mr. Manaikandan said,
“Before Cyberoam deployment, if BSNL link
had some downtime, entire network got
affected. Now, thanks to Cyberoam, we have
100% Internet uptime even if the primary link
- Layer 8 Technology: Identity-based Security
Cyberoam’s Layer 8 technology provides a
robust network security system which includes
a user’s human identity as part of the Firewall
Rule matching criteria. It treats user identity as
the 8th Layer or the human layer in the network
protocol stack, overcoming the limitations of
conventional Firewalls which bind security to IP
Addresses alone. By implementing Layer 8
security, Mr. Manaikandan can gain real-time
visibility into the online activity of students
based on their Usernames which gives him an
insight into “Who is doing What?” “The fact that
we can create Networking and Security policies
based on usernames was Cyberoam’s selling
point for us”, said Mr. Manaikandan.
- Disciplined Web and Application usage
Cyberoam allows Mr. Manaikandan to block
undesirable web sites and application, and
enforce acceptable usage policies on students,
and faculty. Cyberoam has a Content Filtering
database of more than 100 million websites,
categorized into 89+ categories.
All unauthorized uploads/downloads, P2P
applications, pirated audio and video streaming
and other harmful content is now safely
Cyberoam delivers comprehensive control and
visibility over more than 2,000 applications. It
controls unauthorized application usage while
supporting business-critical applications.
Cyberoam Firewall blocks games and tunneling
software that result in Malware entry. Mr.
Manaikandan says, “Cyberoam gives us firm
control over all Internet activities within the
institute’s premises. It helps us in ensuri ng
protection and discipline among our users”.
- User Accountability Concerns Addressed
Cyberoam’s Layer 8 Technology allows Mr.
Manaikandan to design identity-based policies,
which extends throughout the network,
irrespective of the device used by the students
to connect to the network. Cyberoam Security
appliances offer identity-based AAA
(Authentication, Authorization, and Audit)
allowing control and visibility of who is
connected to your network, using what device
and what they are accessing.
“Thanks to Cyberoam, we now have complete
accountability of all our network user’s online
activities, even on Wi-Fi networks”, said Mr.
- On-Appliance Reporting
“Comprehensive Reporting is one of
Cyberoam’s most noteworthy features,” said
Mr. Manaikandan. The On-Appliance
Monitoring and Reporting mechanism helps him
to perform timely and accurate assessment of
Web and Application usage. Availability of
detailed reports enables him to update access
policies based on changing network
environment. Moreover, the “traffic discovery”
report helps him to identify the amount of
bandwidth used by various applications.
- To Conclude
Mr. Manaikandan said, “For us, Cyberoam has proved to be more effective than
the giants like FortiGate, CISCO and CheckPoint. Its Identity-based approach, in
particular, is a blessing for me as it has made my management task 75% easier”.