Cyberoam Release Notes V 10

Cyberoam Release Notes
Release Notes
Version: 10.00 build 0227

Release Date: 29th March,
2010
Release Information
Release Type: General Availability
Compatible versions: 9.6.0.78
Upgrade prerequisite: 24 x 7 OR 8 x 5 valid Support license
Applicable to: All the Cyberoam Appliance models except CR15i and CR25i
Upgrade procedure
1. Go to Web Admin Console and take backup of v 9.6.x.x from System > Manage Data >
Backup Data. For real-time conversion of v9 backup to v10 compatible backup, browse
to data migration site (http://v9migration.cyberoam.com) and upload v9 backup file.
Note: If you are upgrading fresh v9.x appliance i.e. without custom configuration
and data, skip step 1.
2. Download Appliance model-specific firmware from http://customer.cyberoam.com.
3. Upload the firmware (downloaded in step 2) from Web Admin console (menu Help >
Upload Upgrade).
4. Once the file is uploaded successfully, log on to CLI console and go to the menu
Option 6 Upgrade Version and follow the on-screen instructions to upgrade.
5. Appliance will be uploaded with factory default firmware i.e. appliance will come up with
the factory default setting.
Note: If you are upgrading fresh v9.x appliance i.e. without custom configuration
and data, skip rest of the steps. After this step, your appliance is ready for use.
6. Restore the v10 compatible backup from Web Admin console (menu System >
Maintenance > Backup & Restore)
7. To view the version 9.x reports, browse to http://<Cyberoam IP>/reports and to view
reports generated after version upgrade go to Logs & Reports > View Reports. This
option will not be available for CR15i models.
8. To view the version 9.x quarantined mails go to Antivirus > Quarantine > V 9 Quarantine
while to view the mails quarantined after version upgrade go to Antivirus > Quarantine >
Quarantine.
For further details on migration, refer Migrate from v9.6.x.x to v10 document.
Compatibility issues
Appliance model-specific firmware and hence firmware of one model will not be applicable
on another model. Upgrade will not be successful and you will receive error if you are trying
to upgrade Appliance model CR100i with firmware for model CR500i.
Document version 1.1-17/04/2010
Contents
Release Information ..................................................................................................1

Introduction................................................................................................................4
Features and Enhancements ....................................................................................4
1.
Firmware-based Upgrades...............................................................................4
2.
GUI Revamp ....................................................................................................4
3.
GUI Themes.....................................................................................................4
Configuration....................................................................................................4
4.
Role Based Access Control .............................................................................4
Configuration....................................................................................................5
5.
Multiple Authentication support ........................................................................5
Configuration....................................................................................................5
6.
Thin Client Support ..........................................................................................5
Configuration....................................................................................................5
7.
IM Logging and Control for Yahoo and WLM...................................................6
Configuration....................................................................................................6
Limitations ........................................................................................................6
8.
IPv6 Traffic Forwarding support .......................................................................6
Configuration....................................................................................................7
9.
SSL VPN Updates............................................................................................8
9.1
Application Access Mode ...................................................................8
9.2
Save User Credential option for Remote Users .................................8
9.3
Auto-start SSL VPN connection.........................................................8
10. 3G device support on WAN..............................................................................8
Configuration....................................................................................................9
11. Integration with Cyberoam-iView for Logging and Reporting...........................9
12. Customer My Account Portal for Registration & Subscription..........................9
13. External Authentication support for Administrator..........................................10
14. Support to mitigate HTTP-based DDos Attack...............................................10
Configuration..................................................................................................10
15. Traffic Inspection on non-standard ports........................................................10
Configuration..................................................................................................11
16. Protection of BGP Sessions via the TCP MD5 Signature ..............................11
Configuration..................................................................................................11
17. Module level Logging capability .....................................................................11
18. Miscellaneous Enhancements .......................................................................11
18.1
100+ Applications filter support........................................................11
18.2
Web filter support.............................................................................12
18.3
Configurable Automatic Updates of Web Categories & IPS Signature
database ..........................................................................................12
18.4
Support for Firewall rule Name ........................................................12
18.5
Appliance Management from Dashboard ........................................12
18.6
Global Administrator support ...........................................................12
18.7
Captive Portal page components customization support .................12
18.8
Packet Capture log ..........................................................................12
18.9
Automatic Certificate regeneration on modification..........................12
General Information.................................................................................................13
Technical Assistance...............................................................................................13
Technical Support Documents ................................................................................13
Introduction
This document contains the release notes for Cyberoam version 10.00 build 0227. The
following sections describe the release in detail.
This will be a key release with architectural changes, new features, and several bug fixes
that improves quality, reliability, and performance.
Features and Enhancements

1.
Firmware-based Upgrades
All the upgrades after this version will now be firmware based i.e. version can be upgraded
directly to the latest version. Firmware will be Appliance-specific and hence firmware of one
model will not be applicable on another model.
For example, if the latest released version is 10.1.0.16 and current version in your Appliance
is 10.0.0.2 then with this upgrade you will be able to directly upgrade to the latest version
10.1.0.16 instead of upgrading each intermediate version individually.
There will be support of multiple firmware residing on the appliance, so the Administrator will
be able to switch between the firmware if needed. Apart from that, upgrade and downgrade
will now also be more stable and robust as entire Operating system is converted into
bootable firmware (Starting from boot up sequence / BIOS).
2.
GUI Revamp
To improvise usability, a good portion of Web UI has been re-organized. This will also
provide a more user-friendly approach to layout, menu and screens. New GUI will be based
on Web 2.0 concept and components.
3.
GUI Themes
Cyberoam now provides Themes page to quickly switch between predefined themes. Each
theme comes with its own custom skin, which provides the color scheme and font style for
entire GUI i.e. navigation frame, tabs and buttons.
You can choose from 2 themes Cyberoam Standard and Cyberoam Classic.
Configuration
The default Cyberoam Standard theme can be changed from Options under System menu
from Web Admin Console.
4.
Role Based Access Control

To offer greater granular access control and flexibility, from this version onwards, Cyberoam
provides role-based administration capabilities.
It allows an organization to separate super administrator's capabilities and assign through
Profiles. Profiles are a function of an organization's security needs and can be set up for
special-purpose administrators in areas such as firewall administration, network
administration, logs administration. Profiles allow to assign permissions to individual
administrators depending on their role or job need in organization.
The profile separates Cyberoam features into access control categories for which you can
enable none, read only, or read-write access.
For ease of use by default, Cyberoam provides 4 profiles:
Administrator super administrator with full privileges
Security Admin read-write privileges for all features except Profiles and Log & Reports
Audit Admin read-write privileges for Logs & Reports only
Crypto Admin read-write privileges for Certificate configuration only
Configuration
1. Custom profiles can be created and managed from the Profile page of Administration
menu
2. Assign profile (created in step 1) to user from the User page of Identity menu
5.
Multiple Authentication support

This feature allows administrator to configure authentication based on the type of user
Firewall, VPN and SSL VPN and with multiple servers.
User level authentication can now be performed using local user database, RADIUS, LDAP,
Active Directory or any combination of these.
Combination of external and local authentication is useful in the large networks where it is
required to provide guest user accounts for temporary access while a different
authentication mechanism like RADIUS for VPN and SSL VPN users provides better
security as password is not exchanged over the wire.
In case of multiple servers, administrator can designate the primary and optionally the
secondary server. If primary server cannot authenticate the user then only secondary server
will try to authenticate. If secondary server cannot authenticate the user then Cyberoam
refuses the access.
By default, primary authentication method is Local while secondary authentication method
is None.
Configuration
1. Configure authentication server i.e. RADIUS, LDAP or Active Directory
2. Integrate external authentication server with Cyberoam and configure primary and
secondary authentication method for Firewall, VPN and SSL VPN traffic from
Authentication page of Identity menu from Web Admin console.
6.
Thin Client Support

Cyberoam can now authenticate hosts connecting remotely through Microsoft Terminal
Server (Microsoft TSE) Windows server 2003 and Citrix Presentation Server and apply all
the identity-based security policies to monitor and control the access.
Solution can be implemented for all the user types HTTP, Single Sign On (SSO) and
Clientless SSO (CTAS).
Configuration
1. Download Client from http://download.cyberoam.com/beta/catc and install on Microsoft
Terminal Server (Microsoft TSE) or Citrix Presentation Server
2. Configure Cyberoam for communication between the two from CLI using the command:
cyberoam auth thin-client add citrix-ip <ip address of citrix server>
7.
IM Logging and Control for Yahoo and WLM

All Instant Messaging communication happening over Yahoo IM and Windows Live
Messenger traffic can now be scanned, logged and controlled too.
Cyberoam also provides an option to enable inspection of IM traffic on non-standard ports.
For details, refer to section Traffic Inspection on non-standard port.
The feature would allow Administrators to
1. Log all communication between specific set of users, over either Yahoo or WLM.
2. Control who can chat with whom
3. Have granular control over the form of communication i.e. chat, voice or video.
4. For example, chat can be allowed between Sales and Marketing team but it can be
denied between Sales and Accounts team.
Configuration
1. Add IM contacts or IM Group for whom rules are to be created
2. Define Conversation rule to allow or deny 1-to-1 or group Chat conversation between IM
contacts added in step 1
3. Define File transfer rule to allow or deny file transfers between IM contacts added in
step 1
4. Define Webcam rule to allow or deny the usage of Web camera between IM contacts
added in step 1
5. Define Login rules to allow specific Yahoo/MSN contacts to login to their servers. By
default, access to Yahoo and MSN chat is denied to all the contacts.
6. Define content filtering rules
The scanned IM logs can be viewed from Log Viewer page.
Limitations
1.
2.
3.
4.
8.
File transfer and web camera usage not supported for Windows Live Messenger v 2009
No support for File transfer logging
No file archive support
Yahoo traffic will be scanned only if HTTP scanning is enabled.
IPv6 Traffic Forwarding support

From this version onwards, Cyberoam supports forwarding of IPv6 traffic and Appliances
will be IPv6 Ready certified for Phase II.
IPv6 is version 6 of the Internet Protocol. It is an Internet Layer protocol for packet-switched
internetworks. It has a larger address space than standard IPv4 hence can provide billions
more unique IP addresses than IPv4. This results from the use of a 128-bit address,
whereas IPv4 uses only 32 bits. The internet is currently in transition from IPv4 to IPv6
addressing.
Cyberoam allows configuring IP address using following notations:
Standard
notation
Represent the address as eight groups of 4 hexadecimal digits

For example: 0EDC:BA98:0332:0000:CF8A:000C:2154:7313
Compressed
If a 4 digit group is 0000, it may be omitted.

notation
For example
3f2e:6c8b:78a3:0000:1725:6a2f:0370:6234 can be written as
3f2e:6c8b:78a3::1725:6a2f:0370:6234
4f7e:6c8b:79a3:0000:1725:0000:0370:6234 can be written as
4f7e:6c8b:79a3::1725::0370:6234
Mixed
notation
IPv4 addresses that are encapsulated in IPv6 addresses can be

represented using the original IPv4 ``.'' notation as follows:
For example
0:0:0:0:0:0:127.32.67.15
0:0:0:0:0:FFFF:127.32.67.15
It is also possible to use the compressed notation, so the addresses
above would be represented as:
::127.32.67.15
::FFFF:127.32.67.15
Configuration
To Implement IPv6, one simply needs to assign IPv6 IP addresses to an Interfaces
using CLI command as
cyberoam ipv6 interface Port <port number> <ip address>
E.g. cyberoam ipv6 interface PortB address add 3ffe:501:ffff:101:290:fbff:fe18:5968/64
Additional commands
1. Create Prefix list for the Interface
cyberoam ipv6 interface Port <port number> prefix add <ip address>
e.g.
cyberoam ipv6 interface PortC prefix add 3ffe:501:ffff:101::/64
2. Configure IPv6 Routing
Add Router
cyberoam ipv6 route add <ip address>
e.g.
cyberoam
ipv6
route
add
fe80::210:f3ff:fe08:7d6c interface PortC
3ffe:501:ffff:101::/64
gateway
Configure router advertisement

cyberoam ipv6 interface Port<port number> router-adv send-adv enable
e.g. cyberoam ipv6 interface PortC router-adv send-adv enable
3. Test connection with pin6
ping6 3ffe:501:ffff:100:20d:48ff:fe36:59a4
4. Tunnel IPv6 traffic over an IPv4 network:

cyberoam ipv6 tunnel add <tunnel-name> remote-ip <ip address v4> local-ip <ip address
v6>
9.
SSL VPN Updates

9.1
Application Access Mode
From this version onwards, Cyberoam now allows remote access to different TCP
applications over Application Access Mode. As application is launched in a web browser, it
offers a clientless network access.
The feature comprises of an SSL daemon running on the Cyberoam appliance and AAM
Client running at the Client side to establish a secure tunnel. AAM Client is a Java Applet
Thin client which requires JRE 1.4.2.
Application access allows remote access to different TCP based applications like HTTP,
HTTPS, RDP, TELNET e.g. telnet.exe, SSH e.g. putty, secureCRTand FTP (Passive mode)
without installing client.
Server side Configuration
1. Add Applications as Bookmarks
2. Select Application Access mode in VPN SSL policy
3. Assign policy to the User or Group
For administrators, Cyberoam Web Admin console provides SSL VPN management.
Administrator can configure SSL VPN users, access method and policies, user bookmarks
for network resources, and system and portal settings.
Prerequisite (Remote User)
For remote users, customizable End user Web Portal enables access to resources as per
the configured SSL VPN policy.
Microsoft Windows supported Windows 2000, Windows XP, Windows 7, Windows

Vista and Windows Server 2003.
Admin Rights Required Remote user must be logged on as Admin user or should
have Admin privilege.
JRE Installation Java Runtime Environment V 1.5 or below.
9.2
Save User Credential option for Remote Users
To remove the hassles to type username and password every time for login, option to save
username and password is provided on the SSL VPN client.
9.3
Auto-start SSL VPN connection
Auto-start SSL VPN option is provided to automatically establish the SSL VPN connection
whenever Client system starts. One needs to save username and password to enable autostart functionality.
10.
3G device support on WAN
With introduction of 3G (Third Generation) support, Cyberoam now delivers twin protection
for high-speed secure wireless WAN (WWAN) combined with high-performance UTM. It not
only secures the wireless connection but also inspects and encrypts the traffic over the
wireless network. Hence, Cyberoam now supports set of security policies over both wired as
well as wireless networks.
It works with wireless access points from any vendor to provide security and hence achieve
broadband connectivity via high-speed wireless networks where wired-broadband

connections are not available.
The WWAN can be used by:
1. People constantly on the road for business or pleasure and cannot be without web
connection
2. Ideal for users away from home needing to connect virtually anywhere in their coverage
area
3. Temporary network where pre-configured connection is not available like trade-shows
4. Mobile and cellular networks to utilize cellular technology to securely transfer data or
connect to the Internet
5. WAN failover connection
Wireless WAN support requires a contract with a wireless service provider. Check Appendix
A for supported wireless service providers.
Configuration
1.
2.
3.
4.
5.
Pre-requisite Cyberoam deployed in gateway mode

Enable WWAN from CLI with command: cyberoam wwan enable
Re-login to Web Admin console
Configure WWAN Interface settings from Network > Wireless WAN > Settings page
Once the connection is established, system host - #WWAN1 and WWAN1 Interface will
be automatically added with the IP address 0.0.0.0 and
6. As WWAN1 Interface will be the member of WAN zone, all the firewall rules configured
for the WAN zone will be applicable to WWAN1 Interface.
7. Additional firewall rules can be configured for host - #WWAN1
11.
Integration with Cyberoam-iView for Logging and Reporting
Cyberoam is now integrated with Cyberoam-iView to offer wide spectrum of 1000+ unique
user identity-based reporting across applications and protocols and provide in-depth
network visibility to help organizations take corrective and preventive measures.
It provides network administrators with the information they need to enable the best
protection and security for their networks against attacks and vulnerabilities.
Cyberoam Administrator can also choose to restrict visibility of logs and reports to an
administrator who manages Cyberaom-iView through Role base Access Control. For
example, create a profile with read-write access for Log & Reports pages and assign to an
Administrator who is required to manage reports through Cyberoam-iView. This feature can
be very useful in an MSSP scenario.
Cyberoam-iView can be accessed by clicking Reports on the topmost button bar on each
page or from View Reports page under Logs & Reports menu.
Administrator has to login to Cyberoam-iView with the default username & password for
Cyberoam-iView admin, admin and not with the Cyberoam username and password.
12.
Customer My Account Portal for Registration & Subscription
Customer My Account portal (http://customer.cyberoam.com) now supports creation of

Customer Account and registration of the Appliance and allows to subscribe to various
modules. In the earlier versions, one had to do register and subscribe from the Appliance
itself. One can also register additional appliance through the portal itself.
Two step process
1. For creation of customer account and registration of appliance, Registration option is

provided on the home page while to subscribe for modules, one has to login from the
home page with the credential - email id and password, set at the time of creating
customer account.
2. Synchronize the registration and subscription details on Appliance from Web Admin
console.
13.
External Authentication support for Administrator
Cyberoam Administrators can now be authenticated by the external authentication server RADIUS, LDAP, Active Directory. With the support of configuring multiple authentication
servers, it is also possible to configure combination of external and local authentication for
the administrators.
In case of multiple servers, administrator can designate primary and optionally the
secondary server. If primary server cannot authenticate the user then only secondary server
will try to authenticate. If secondary server also cannot authenticate the user then Cyberoam
refuses the access.
By default, primary authentication method is Local while secondary authentication method
is None.
14.
Support to mitigate HTTP-based DDos Attack
DoS attacks to Web services known as HTTP flood attack pose a serious threat to Web site
owners and hosting providers. In this type of attacks, malicious clients send a large number
of HTTP-GET requests to the target Web server automatically making it difficult or
impossible for legitimate visitors to access it, disrupt server operation and apparently cause
costly data transfer and bandwidth overages and can negatively impact the confidence of
that site's visitors, doing incalculable damage to the site's reputation.
While simplistic packet-based attacks can be more easily mitigated upstream, with an
HTTP-based attack it is often difficult to distinguish attack traffic from legitimate HTTP
requests as these HTTP-GET requests have legitimate formats and are sent through normal
TCP connections. Hence, Intrusion Detection Systems also cannot detect them.
To detect such attacks, Cyberoam identifies such attacks based on rate of HTTP requests
per source IP or number of HTTP requests per TCP connection. Number of requests higher
than the configured rate is considered as attack and the traffic is from the said source is
dropped. One can either configure allowed number of connections or for granular controls
can configure allowed number of requests per Method GET and PUT.
Configuration
From CLI, set number of connections and HTTP method with the commands:
set http_proxy dos add connection <number of connections>
set http_proxy dos add method <GET | POST> <number of requests>
15.
Traffic Inspection on non-standard ports
By default, Cyberoam inspects all inbound HTTP, HTTPS, FTP, SMTP, POP and IMAP
traffic on the standard ports. However, many applications scan for open ports for malicious
purposes. For example, worms and trojans often use non-standard HTTP port to pass
remoet commands and fetch data from remote sites. For phishing attempts, fraudulent
websites hosted on non-standard HTTP ports to lure customers to submit and disclose their
personal information.
To protect from such attacks, Cyberoam now provides option to enable inspection of HTTP,
HTTPS, FTP, SMTP, POP, IMAP, IM MSN and Yahoo traffic on non-standard port also.
Configuration
From CLI, use the command
set service-param <service> <add | delete> <port number>
1. Maximum 16 ports can be configured per service
2. Same port cannot be configured for across the services e.g. if HTTP is configured for
port 8080 then it cannot be configured for any other service.
3. Following default ports cannot be configured for any services: 21, 25, 80, 110, 143
16.
Protection of BGP Sessions via the TCP MD5 Signature
Since BGP uses TCP as its transport protocol, it is vulnerable to all security weaknesses of
the TCP protocol itself. For a determined attacker, it is possible to forcibly close a BGP
session or even hijack it and insert malicious routing information into the BGP data stream.
TCP MD5 Signature is used to secure the BGP session and protect against the introduction
of spoofed TCP segments into the connection stream and connection resets.
MD5 checksum added to every packet of a TCP session makes it difficult for the attacker as
to hijack the session MD5 key as well as TCP sequence number is needed.
Configuration
From CLI console, go to menu Option 3. Route Configuration > 1. Configuration Unicast
Routing > 3. Configure BGP
At the prompt, using the following command to enable MD5 support:
enable
configure terminal
router bgp <AS number>
network <network>
neighbor <neighbor address> remote remote-as <AS no of neighbor BGP router>
neighbor <neighbor address> password < MD5 Key >
Currently only ipv4 address are supported.
17.
Module level Logging capability
From this version, it will be possible to view logs - Admin, Antivirus, Antispam,
Authentication, Firewall, IPS, IM, System, Web Filter, from the Web Admin console. To help
diagnose the problem, all the configuration changes will also be logged.
18. Miscellaneous Enhancements

18.1
100+ Applications filter support
Cyberoams application layer filtering allows enterprises to have advanced control over
applications and network protocols. Rather than controlling access through IPS signatures,
Cyberoam has added 100+ categories to mitigate the risk from unauthorized applications
and reduce bandwidth cost by controlling access to these applications.
One can control access of hundreds of Applications that grouped as per the usage e.g.
Instant Messengers like Yahoo Messenger, QQ Messenger , Gtalk, Webmail Chat Attempt
etc. are grouped under IM category.
18.2
Web filter support
Cyberoam provides web filtering as a means to control access over the Internet use and
improvise on network security and employees productivity.
Cyberoam groups hundreds of web sites into default categories and allows to add custom
category as per the network requirement to prevent the access to malicious sites, protect
your network from malware, worms, spyware, trojans etc.
Cyberoam also allows allocating bandwidth based on the Web category apart from
allocating and prioritizing bandwidth based on users. It will not only improve the network
productivity by limiting the bandwidth used by the recreational applications but also
guarantee the performance of the critical business application.
18.3
Configurable Automatic Updates of Web Categories & IPS Signature

database
Automatic updates of Web categories and IPS signature database can now be disabled. By
default they are enabled and can be disabled from System > Maintenance > Updates page
of Web Admin console.
18.4
Support for Firewall rule Name
In the networks where more number of firewall rules are required, it became difficult to
identify the firewall rule with its numbered ids. Hence, to easily identify the firewall rule, they
can now be named like all other security policies of Cyberoam.
18.5
Appliance Management from Dashboard
For ease of use, rebooting appliance and shutting down appliance option are provided on
Dashboard. In version 9.x, one had to either do it from Manage Server page of Web Admin
console or CLI.
18.6
Global Administrator support
Apart from the default super admin cyberoam, Cyberoam is now shipped with one global
superadmin with the credentials username & password as admin. Both the consoles
Web Admin console and CLI, can be access with the same credentials. This administrator is
always authenticated locally i.e. by Cyberoam itself. We recommend changing the password
for this username immediately after deployment.
In case multiple external authentication servers are configured and both the servers go
down, Administrator will not be able to access Web Admin console with default admin
cyberoam. In such situation, administrator can login with credentials admin/admin.
18.7
Captive Portal page components customization support
As Captive Portal is an entry point to the Corporate network, Cyberoam provides flexibility to
customize the Portal page to offer consistent logon/log off page. This page can be exclusive
to your business including your business name and logo. It also provides flexibility to
customize page color scheme as per your companys Website.
18.8
Packet Capture log
Packet Capture log now includes details of all the packets and not just the Denied packets
details.
18.9
Automatic Certificate regeneration on modification
General Information
Technical Assistance
If you have problems with your system, contact customer support using one of the following
methods:
Email id: support@cyberoam.com
Telephonic support (Toll free)
APAC/EMEA: +1-877-777- 0368
Europe: +44-808-120-3958
India: 1-800-301-00013
USA: +1-877-777- 0368
Please have the following information available prior to contacting support. This helps to
ensure that our support staff can best assist you in resolving problems:
Description of the problem, including the situation where the problem occurs and its
impact on your operation
Product version, including any patches and other software that might be affecting the
problem
Detailed steps on the methods you have used to reproduce the problem
Any error logs or dumps
Technical Support Documents

Knowledgebase: http://kb.cyberoam.com
Documentation set: http://docs.cyberoam.com
Important Notice
Elitecore has supplied this Information believing it to be accurate and reliable at the time of printing, but is presented
without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any
products. Elitecore assumes no responsibility for any errors that may appear in this document. Elitecore reserves the
right, without notice to make changes in product design or specifications. Information is subject to change without
notice.
USERS LICENSE
The Appliance described in this document is furnished under the terms of Elitecores End User license agreement.
Please read these terms and conditions carefully before using the Appliance. By using this Appliance, you agree to be
bound by the terms and conditions of this license. If you do not agree with the terms of this license, promptly return the
unused Appliance and manual (with proof of payment) to the place of purchase for a full refund.
LIMITED WARRANTY
Software: Elitecore warrants for a period of ninety (90) days from the date of shipment from Elitecore: (1) the media on
which the Software is furnished will be free of defects in materials and workmanship under normal use; and (2) the
Software substantially conforms to its published specifications except for the foregoing, the software is provided AS IS.
This limited warranty extends only to the customer as the original licenses. Customers exclusive remedy and the entire
liability of Elitecore and its suppliers under this warranty will be, at Elitecore or its service centers option, repair,
replacement, or refund of the software if reported (or, upon, request, returned) to the party supplying the software to the
customer. In no event does Elitecore warrant that the Software is error free, or that the customer will be able to operate
the software without problems or interruptions. Elitecore hereby declares that the anti virus and anti spam modules are
powered by Kaspersky Labs and Commtouch respectively and the performance thereof is under warranty provided by
Kaspersky Labs and Commtouch. It is specified that Kaspersky Lab does not warrant that the Software identifies all
known viruses, nor that the Software will not occasionally erroneously report a virus in a title not infected by that virus.
Hardware: Elitecore warrants that the Hardware portion of the Elitecore Products excluding power supplies, fans and
electrical components will be free from material defects in workmanship and materials for a period of One (1) year.
Elitecore's sole obligation shall be to repair or replace the defective Hardware at no charge to the original owner. The
replacement Hardware need not be new or of an identical make, model or part; Elitecore may, in its discretion, replace
the defective Hardware (or any part thereof) with any reconditioned product that Elitecore reasonably determines is
substantially equivalent (or superior) in all material respects to the defective Hardware.
DISCLAIMER OF WARRANTY
Except as specified in this warranty, all expressed or implied conditions, representations, and warranties including,
without limitation, any implied warranty or merchantability, fitness for a particular purpose, non-infringement or arising
from a course of dealing, usage, or trade practice, and hereby excluded to the extent allowed by applicable law.
In no event will Elitecore or its supplier be liable for any lost revenue, profit, or data, or for special, indirect,
consequential, incidental, or punitive damages however caused and regardless of the theory of liability arising out of
the use of or inability to use the product even if Elitecore or its suppliers have been advised of the possibility of such
damages. In no event shall Elitecores or its suppliers liability to the customer, whether in contract, tort (including
negligence) or otherwise, exceed the price paid by the customer. The foregoing limitations shall apply even if the above
stated warranty fails of its essential purpose.
In no event shall Elitecore or its supplier be liable for any indirect, special, consequential, or incidental damages,
including, without limitation, lost profits or loss or damage to data arising out of the use or inability to use this manual,
even if Elitecore or its suppliers have been advised of the possibility of such damages.
RESTRICTED RIGHTS
Copyright 1999-2010 Elitecore Technologies Ltd. All rights reserved. Cyberoam, Cyberoam logo are trademark of
Elitecore Technologies Ltd.
CORPORATE HEADQUARTERS
Elitecore Technologies Ltd.
904 Silicon Tower,
Off. C.G. Road,
Ahmedabad 380015, INDIA
Phone: +91-79-66065606
Fax: +91-79-26407640
Web site: www.elitecore.com, www.cyberoam.com

Cyberoam Release Notes V 10

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cyberoam Release Notes V 10

Uploaded by

Copyright:

Available Formats

Cyberoam Release Notes

Version: 10.00 build 0227

Document version 1.1-17/04/2010