Siyaram Silk Mills Ltd Mumbai, India
Cyberoam UTM Forms an Integral Part of Siyaram's Futuristic Security Landscape
About Siyaram Silk Mills Ltd, Textile Industry

Siat is an agro-industrial group of companies specialized in the establishment and management of industrial as well as smallholders' plantations and allied processing and downstream industries. The main focus rests on oil palm and rubber, while cattle ranching is gaining importance in the group.

Siat seeks majority equity participation in the capital of private agro-industrial companies and provides management and engineering services. The head office is located in Brussels.

We have deployed eighteen (18) Cyberoam UTM appliances across six main locations and other remote sites. The primary reasons for choosing Cyberoam are its intuitive interface and identity based reporting, which the other solutions lack,”

Mr. Ananthakrishnan

Like every fast progressing company, Siyaram's decided to take up a major modernization drive. Under the drive they decided to revamp the existing network to cater to the present and futuristic needs. An enterprise-wide secure IT environment was an integral part of the new network landscape.

The new futuristic network landscape had a few important inherent considerations. Siyaram's production and corporate infrastructure is spread over six different locations. Remotely located nation-wide branch offices also form an important auxiliary network, which has to be secured to the mainstream. Mr. Ananthakrishnan (Head-IT, Siyaram's) wanted a fully redundant network which can provide round-theclock connectivity to the six main locations and other remote offices. The remote locations are connected to the main network through leased lines with VSAT (Satellite) providing backup to the leased line.. Moreover, for the remote locations, the failover deployment would be such that in case of the leased line failure, the total traffic would be redirected through the, hitherto passive, VSAT link. Security over the distributed network is highly demanding.

“With organizational growth, the number of locations and Internet users multiplied. However, not everyone required aWorld WideWeb connection. Our aim is selective Internet access to achieve effective and productive information dissemination,” said Mr.Ananthakrishnan.

Siyaram's adopted Active Directory Service (ADS) as a backbone for the entire organization. Apart from the other needs stated above, they needed a UTM that would cater to three primary requirements, viz,

1. Neutralize virus and malware threats
2. Manage various levels of access using identity
3. Link bandwidth management using identity-based services

The Cyberoam Solution

“We went through a very detailed evaluation process where in we actually put UTMs from three vendors to detailed and rigorous testing in a live user environment for a period of one month each. Based on these detailed tests, we zeroed in on Cyberoam UTM. We have deployed eighteen (18) Cyberoam UTM appliances across the six The deployment details are:

locations and other remote sites on a High-Availability mode. We chose Cyberoam CR500i for the central location, Cyberoam CR250i for the DR site and Cyberoam
CR50i appliances to provide perimeter security to branch offices and remote locations. The primary reasons for choosing Cyberoam are its intuitive interface and identity based reporting, which the other solutions lack,”Mr.Ananthakrishnan said

Cyberoam's Firewall page provided centralized access and management to all the security services. This facility simplifies the process of policy creation, irrespective to the security service. Coupled with extremely user-friendly interface, Mr. Ananthakrishnan found the complex task of UTM management, simplified resulting into less training investment.

Cyberoam allows remote management of itsWeb Admin Console (GUI) over Secure HTTP. This ensures that the distributed appliances can be managed remotely without on-site deployment of a skilled person.

“Cyberoam UTM uses Kaspersky Antivirus, which is one of the leading anti-virus vendors. The results are quite encouraging,” Mr. Ananthakrishnan said. As Cyberoam scanned theWeb and the mail traffic for malware and virus, the possibility of infection creeping in through the gateway is effectively mitigated.

The image based spam capture is also providing encouraging results.

The in-house URL based filtering database of Cyberoam is very impressive. It helps protect against spyware and other malware by preventing the users from accessing such sites. Apart from porn and P2P sites, it also has categories to block Phishing and frauds.

“We have divided our users into different groups based on their professional responsibilities,”Mr. Ananthakrishnan said. The groups have profile-based access to the Internet, eg. HR is the only group with access to jobs' sites. Moreover, as a part of the corporate policy, no user is allowed to access Porn, Instant Messaging, streaming and downloading. Because of lack of filtering and access management earlier, the highest bandwidth hoggers were the stock market sites, which now has been restricted to be accessed by only the Securities Dept.
While describing Cyberoam's superior identity-based policy management, Mr. Anantkrishanan said, “One of the major advantages of Cyberoam is that it allows group based rule creation, which can be further fine-tuned to an individual user's level. So you can have a different group policy and a different granular user-based policy.” Cyberoam's Identity based policies and reporting also helps him to keep a direct track and control over the end user's online activities.

Siyaram's is also in the process of implementing SAP. To facilitate this implementation, Cyberoam helped them split and prioritize the total available bandwidth among service, group and users, respectively. Cyberoam's multilink manager made sure that the organization always had a live Internet link, providing round the clock connectivity.