Today, we are going to review one of Cyberoam's smallest UTM device, the Cyberoam CR25ia. This metal-looking appliance is a 100% UTM-enabled device, capable of url/content filtering, antivirus / applications inspection and IDS/IPS analysis. You can read the full Cyberoam CR25ia product specifications here, while you can download an even more detailed PDF here.

Current bare hardware list price is 563€ (+ 86€ for yearly 8x5 maintenance & support), while for a complete UTM solution you need the UTM license which costs another 216€, bringing total cost to 779€. While these are not dirty-cheap prices, they are considerably lower then similar UTM devices from other vendors, sometime by a great margin. Analyzing CR25ia, keep in mind its price advantage.

List price are obviously subject to change; however, you can not expect prices to excessively fall down: we are dealing with a very capable device that boasts 4 Gigabit Ethernet ports and  interesting UTM throughput, as Cyberoam certifies a ~50 Mbit/s full UTM (antivirus + IDS/IPS) performance. Firewall and VPN specifications are quite high, being rated at 450/225 Mbit/s (for UDP and TCP traffic respectively) and 75  Mbit/s for AES-encrypted traffic. On the other hand, 3DES performance is rated at only 30 Mb/sec.

While Cyberoam seems very serious about CR25ia performance (they repeatedly stated that CR25ia  UTM speed is “certified”), official specification, for both features and performance, should be verified on real world tests and under realistic workloads. For this very reason, I am going to test the performances of our hero in some common, networked-related tasks. So, lets go to next page to describe testing methodologies.