SonicWall Previews New APT at SonicWall World 2015

Suffice it to say, SonicWall ‘s been in the news recently. Certainly the news around EMC has garnered many headlines. But it’s great to know that while all of this goes on, our number one priority remains interacting with our customers from around the world. This week, many of us are at the annual SonicWall  World and the SonicWall Software User Forum 2015 in Austin. SonicWall World is one of our greatest opportunities to interact with our customers one-on-one. It provides us with an opportunity to give and receive information. My role here is certainly to do both. At the start of SonicWall World my focus was to communicate the SonicWall Security Solutions strategy and our roadmap. Yesterday at the SonicWall World Software User Forum main stage, I had the chance to disclose some of our key innovations, including Simplified Infrastructure Management of Security + Networking, SaaS Global Management, and Security Sandboxing just to name a few. But in addition to these innovations, I want to be sure to highlight the exciting technology preview for Network Security.

To protect customers against the increasing dangers of advanced persistent threats (APTs), SonicWall is offering a technology preview of the SonicWall APT Protection Service at SonicWall  World. This new service – available on both firewalls and email security solutions – scans files of any size and holds potentially malicious unknown files until a verdict can be reached. This solution is built on multi-layered sandbox technologies that use both system emulation and virtualization techniques to detect more threats than competitors’ single engine solutions and leverages the SonicWall GRID, our cloud forensics platform which leverages real-time analytics from over 500K connected next-gen firewalls (NGFWs). Customers immediately benefit from fast response times, high security effectiveness and reduced total cost of ownership.

Additional offerings from Network Security include:

  • New integrated management of SonicWall Networking X-Series switches through the SonicWall firewall interface allows customers to manage and enforce security policies across their network security, switching, wireless and WAN acceleration from a single pane of glass. This reduces complexity, increases operational efficiency and ultimately leads to better network security for multi-unit deployments.
  • SonicWall Email Security increases effectiveness with the addition of Cyren anti-virus signatures. SonicWall Hosted Email Security and Email Security appliances running software release 8.2 now features best in class multi-layer AV protection including \SonicWall GRID AV, McAfee AV, Kaspersy AV and Cyren AV.

What I love most about SonicWall World is my time spent talking to our customers and hearing how we can do better. I’m also extremely pleased that we’ve brought in our highly technical experts and resources to conduct in-depth detailed training. If you’re joining us here at SonicWall World 2015 and Software User Forum, THANK you, be sure to attend the track sessions highlighted in an earlier SonicWall World blog. The more training a company gets in security, the more secure they will be. I am thoroughly enjoying our time together. Please let me know if there are additional ways we can support you and be sure to visit our security evangelists in the Solutions Expo over the next few days!

 Picture of the DellWorld stage viewed from the audience

Firewall Hero Sandwich to the Rescue

When a giant global plastics manufacturer faced a super cyber threat landscape, SonicWall’s firewall “Hero Sandwich” came to the rescue. This powerful security solution of the SonicWall Firewall Sandwich was recently leveraged by our customer, a global enterprise network. The challenges faced by this customer were the same that all companies face today as the cyber threat landscape increases exponentially year over year. While vastly differing in scalability, architecture, and policy, cyber security is paramount to any business or corporation whether it be the local fast food merchant, multinational financial industry, or a government service or agency. As the customer’s network expanded, the network administrators desperately needed to augment their security protection and inspection for their Internet presence. While securing the gateway is fundamental, this did not take into account the ever increasing challenge that every network administrator faces today: protecting the network from the end users.

Every network with a mobile workforce is faced with the same inherent risk of the industry’s most elaborate and compromising cyber security breaches. Network admins must account for devices, often taken off-premises that have secure and trusted access to the corporate network generally beyond the gateway firewall. These devices are vulnerable when they connect to possibly unsecure public networks, or go to sites normally blocked by the corporate firewall or security policy. This trusted device then could compromise the corporate network once the device is reconnected to the internal network. A gateway solution does not account for this type of vulnerability.

The network administrator of the giant plastics manufacturer had to find a way to deliver security inspection and control for some 500 mobile devices while simultaneously securing a large datacenter serving over 5,000 global user workforce. While the manufacturer’s Internet connectivity is a 1 Gbps connection, this paled in comparison to the average per second throughput of their internal core network. Their core network on an average is moving 30 – 40 Gbps. The real challenge was identifying a security solution that could reach this high throughput demand, and provide a path to easily meet performance demands in the future without allowing latency in the network. Enter the SonicWall Firewall Sandwich to the rescue!

In this fluid design for this manufacturer, the network admin implemented four of the SonicWall SuperMassive 9800s in a single Firewall Sandwich deployment, our “Hero Sandwich”. With high performance SonicWall next-generation firewalls in place the customer could easily scale to their current 40 Gbps. Furthermore, the architecture of the SonicWall Firewall Sandwich enables the customer to easily scale this network by simply adding additional appliances over time as demand on throughput expands. Even speeds of 60, 100, even 300 Gbps and higher are easily deliverable with this solution. With the “Hero Sandwich” the network admin now has the ability to apply the industry’s best Application Control, Anti-Virus Inspection, Anti-Spyware Inspection, SSL Decryption, Botnet Inspection, and Intrusion Detection & Prevention on all traffic traversing his internal network. All these services are performed real-time on every packet, and without introducing any performance limitations or network latency. This particular network admin now has the ability to ensure the integrity of the internal network, even from internally introduced threats.

Here are some important questions you might want to ask yourself. Do you have similar network demands? Do you have a mobile workforce with devices coming and going on your internal network? Do you inspect inside-to-inside network activity? Are you able to monitor network applications, access, and user activity? Can you easily produce user activity and threat alert reports on inside LAN communications? Do you know what threats exist on your LAN today? The SonicWall Firewall Sandwich may be your solution, too. Download the tech brief and watch the Webinar and contact your SonicWall team today.

New SonicWall Email Security 8.2 w. Cyren AV

The foundation of email threat protection has long been anti-virus technology and IP reputation databases. Threat research teams across the globe are hard at work analyzing email, identifying spam and malware, and building anti-virus and IP reputation database libraries to help combat threats. Experts agree that for best threat protection, email security solutions should not rely on a single anti-virus engine or reputation database, but should integrate multiple sources to maximize security effectiveness.

To deliver best-in-class email threat protection, SonicWall Email Security 8.2 includes multiple anti-virus technologies, including SonicWall Global Response Intelligent Defense (GRID) Anti-Virus, SonicWall Time Zero, and premium anti-virus technologies, including McAfee, Kaspersky, and now, Cyren Anti-Virus.

Cyren AV is now included with SonicWall Hosted Email Security and, for customers that prefer an on-prem solution, available with Email Security appliance and software release 8.2, when purchased with the Total Secure subscription service. The SonicWall Email Security offers seamless set-up for IT administrators and provides immediate results.

“Since replacing our Barracuda appliance with SonicWall, we achieved a 95 percent reduction in spam reaching user mailboxes,” saidGary Walker, network administrator, City of Alexandria.

With SonicWall Email Security solutions, our GRID Network performs rigorous testing and evaluation of millions of emails every day, and then reapplies this constantly updated analysis to provide exceptional spam-blocking results and anti-virus and anti-spyware protection.  SonicWall Time Zero Virus Protection uses predictive and responsive technologies to protect organizations from virus infections before anti-virus signature updates are available. Suspect emails are identified and immediately quarantined, safeguarding the network from the time a virus outbreak occurs until the time an anti-virus signature update is available. Moreover, premium anti-virus technology from industry-leading, anti-virus partners including McAfee, Kaspersky, and Cyren provides an additional layer of anti-virus protection, resulting in protection superior to that provided by solutions that rely on a single anti-virus technology. In addition to the multi-layer threat protection and ease of use, the SonicWall solution is affordable and provides low TCO.

“With SonicWall, we have easily saved $30,000, and will save an additional $15,000 each year,” said Walker.

Learn More about SonicWall Email Security

For more information about SonicWall Email Security, please visit our website, refer to the SonicWall Email Security 8.2 release notesor contact a SonicWall representative at 1.888.557.6642, or

Visualization is Key to Deeper Network Security

If you follow sports at all you’ve probably heard about athletes using visualization to improve performance. It’s a simple tool where an athlete visualizes or “sees” himself or herself performing successfully in the athlete’s mind. Through visualization athletes paint a mental picture of how they will succeed and accomplish their goals.

The concept of visualization also applies to network security. If you’re an administrator it’s important that you have constant insight into what’s happening on the network. Gathering intelligence on users, applications, bandwidth consumed, etc. is a smart idea. Not only does it give you a better understanding of who’s on the network and what they’re doing, it also helps you develop a plan to optimize your network’s performance. Network visualization takes intelligence gathering a step further by providing a graphical representation of network activity. The ability to see various activities across the network in real time is a big advantage.

Want another reason why visualization is important? Most humans learn from watching. Here’s an interesting fact. According to the Social Science Research Network, 65 percent of the population are visual learners. We also process visual information much faster than information that’s text-based. It stands to reason then that having the tools to visualize network activity is critical to gaining a deeper level of security.

These days the new norm in network security is the next-generation firewall. One of the requirements of a next-generation firewall is application identification and visibility. Administrators should be able to view applications in use on the network, the amount of bandwidth and processing power they consume and who the top users are. Using this information you can make informed decisions such as which apps to allow and which to block, the amount of bandwidth to allocate to each app and whether you need to have a talk with an employee about his/her choice of websites which may potentially contain malware.

If you’re still using a legacy stateful packet inspection firewall or even a next-generation firewall to protect your network, here are 10 questions you should ask to make sure you’re getting the right level of protection from your security appliance.

Does my firewall:

  1. Gather information on critical topics such as apps, users, bandwidth consumption and threats across the network?
  2. Present the information visually in a way that makes it easy to understand?
  3. Update the information in real time so that I have the latest data?
  4. Provide daily reports on network threats (viruses, intrusions, malware) and non-essential multimedia apps (gaming, video) that have been blocked?
  5. Allow me to manage bandwidth per application and allocate more to business-critical apps while throttling those that are unproductive?
  6. Provide continual information on other vital functions such as connection count, memory and CPU usage, incoming and outgoing packets and more?
  7. Chart log activity?
  8. Offer filters that allow me to view information in multiple formats over different time periods?
  9. Enable me to export or email data directly from the firewall?
  10. Provide an intuitive dashboard that summarizes all the information I need?

Earlier I brought up the use of visualization in sports and how athletes use it to help improve their performance. Well, here’s another example of visualization, albeit in a slightly different way. The pylon cam. The pylon cam is the NFL’s latest tool for gathering information through visualization. Inside each goal line pylon is a high-definition camera that provides a field-level view across both the goal lines and sidelines. Officials can then use this information to make the correct call on critical plays. It’s an interesting use of the visualization concept to gather information and make decisions, just like in network security.

If you are interested in learning more about firewall solutions that provide application control and network visualization, take a virtual test drive of the SonicWall NSA 3600.

SonicWall Security is coming to SonicWall World 2015

SonicWall World 2015 takes place in Austin in a couple of weeks, Oct. 20-22, and I am eager to talk security with our customers, partners, press and analysts. We will kick off the conference with a Network Security Track at the SonicWall World Software User Forum, which leads to three information-packed days of technical training for SonicWall Next-Generation Firewall customers. The deep dive technical sessions delivered by our engineers and product managers will help them defend their networks against continuously evolving threats by leveraging their existing security infrastructure. The Network Security Track is designed to provide practical answers to questions and challenges associated with security in general and as it relates to  SonicWall Next-Generation Firewalls. We’ll have experts on hand to work directly with participants, step-by-step, to address their most pressing issues. Additionally, we are hosting lab sessions where they can see first-hand the best practices recommended by security engineers to address a variety of scenarios.

In addition to the focused Network Security track, SonicWall Security thought leaders will be presenting in a variety of breakout sessions at both the SonicWall World Software User Forum and at the SonicWall World Main Track. Here are all of the sessions available to attendees:

Main Track (MT) – Wed. 1 pm/ Thurs 9:30 am Panel – Mobilizing People and Data for a Future-ready Workforce:

Today’s workforce is evolving work is an activity, not a location, and people want choice in the tools they use. While many technology providers claim to have “the” answer to mobility, in reality they’re only equipped to address a narrow set of challenges, leaving the customer to patch together a solution. In this session, learn how SonicWall uses recent research to buck this one-size-fits-all approach with strategies centered on mobilizing two things: people and data. We’ll share how SonicWall integrates solutions across our end-to-end portfolio to give people the best tools for the job, while mobilizing data in a secure, managed and reliable way.

Main Track (MT41) – Wed 2:30 pm/Thurs 8 a.m. – Key Security Insights: Examining 2014 to predict emerging threats:

Cyber-crimes are alive and well on the global stage and will only continue to be pervasive as long as organizations prolong taking the necessary defense measures to stop threats from slipping through the cracks. In this session, we’ll present the most common attacks SonicWall observed since 2014 and the ways we expect emergent threats to affect small and medium businesses, as well as large enterprises moving forward. This session is perfect for anybody who is interested in learning more about the state of the union in security.

Software User Forum (SUF 60) – Endpoint to Perimeter: Network Protection That’s Inside Out and Outside In:

As an IT professional, it is an alarming time you live in.Each and every day you may be feeling unease about the risk of your network being breached.The cybercriminal community is relentless in its pursuit to exploit the weaknesses of your network wherever they could find them.So how well are you prepared for the next attack?In this session, we will discuss how you can take advantage of modern-day network security tools and services to achieve ongoing protection against emerging threats. Additionally, we will explore why it truly counts to have a nimble threat research and response team working for you.This session will provide a complete overview of the entire SonicWall Security solution portfolio to help you get a handle on what is important for your organization to think about.

Software User Forum (SUF 61) SonicWall Email and Encryption Solutions:

In this session, you will learn about leading edge-strategies and technologies to protect your email from viruses, spam, and confidential data leaks and how SonicWall can help you easily and affordably meet industry and regulatory requirements for secure email exchange.

  • Speaker: Jane Wasson

Software User Forum (SUF 62) Mobile Access and Security update:

In this session, you will learn about the leading-edge strategies and technologies to securely enable mobile worker productivity while protecting your data from loss or theft and how SonicWall Secure Mobile Access Solutions can help.

  • Speaker: James Whewell

Software User Forum (SUF 63)Key Security Insights:

Examining 2014 to Predict Emerging Threats: Cyber-crimes are alive and well on the global stage and will only continue to be pervasive as long as organizations prolong taking the necessary defense measures to stop threats from slipping through the cracks. In this session, we’ll present the most common attacks SonicWall observed since 2014 and the ways we expect emergent threats to affect small and medium businesses, as well as large enterprises moving forward. This session is perfect for anybody who is interested in learning more about the state of the union in security.

I hope to see you in a few weeks in Austin. Let me know, if you have questions. We can connect via Twitter @Johngord.

How to Transform Your Network Security Infrastructure To Be Future-Ready

As an IT leader, you understand how new disruptive technologies can improve your company’s competitive positioning and drive overall business value. Technology trends such as cloud, mobility, social and big data compel companies to move quickly to define and implement next-generation data center architectures and security defense strategies to take advantage of these new technologies. While these trends have proven to boost commerce and operational efficiencies for many businesses who are early adopters, they also introduce security loopholes that give cyber-criminals an easy path to inject malware into the network, evade detection, and steal data.

For example, when new software and network designs are implemented to enable BYOD initiatives, companies quickly find themselves at higher risk due to the increasing number of vulnerable web applications and unsafe systems and endpoint devices that are added to their network. They’re now forced to grapple with a significantly higher volume of connected devices accessing their networks which have the potential to slow performance as well as productivity. Not only can users consume an enormous amount of bandwidth with multiple connections per device and time-wasting, productivity-draining applications such as social media and video streaming, they also collectively create a much larger attack surface for cyber-criminals to exploit. To fully benefit from BYOD and other business enabling technologies, next-generation data centers must be agile, scalable, manageable, flexible, and most importantly, secure against the ever-changing global threat environment including network attacks that use encryption to bypass security controls. After all, a security system cannot stop what it cannot decipher.

To meet these challenges, the network security layer must be highly extensible to support the largest of data centers’ bandwidth consumption with absolutely near zero downtime. Such requirements have justified necessary networking security architectures that can be incrementally deployable and horizontally scalable. In other words, there might not be a single SonicWall Next-Generation Firewall (NGFW) with the scale to meet the performance requirements of some compute- and bandwidth-intensive networks such as large institutions, government agencies, and global enterprises. A more practical way to scale the performance beyond capabilities of a single SonicWall NGFW device is to combine multiple SonicWall NGFW devices into a network cluster for full redundancy, failover and failback to ensure there is no single point of failure in the design. In this infinite scale-out model, adding additional security compute resources should ideally be a matter of easily adding more firewalls to the system in a very cost-effective way.

If you are currently tasked with implementing big-bet initiatives to improve growth and competitiveness and feel that security is your biggest barrier for implementing these programs, SonicWall invites you to download this exclusive “A Massively Scalable Approach to Network Security” white paper to help you implement your future-proofed, network-based scale-out security layer architecture. This is a highly resilient design that offers transparent security services to augment existing security solutions, separate security functions and provide added capacity via N+1 redundancy to solve your most complex and demanding data center requirements. The solution provides the following benefits:

  1. Scalable performance to support 10, 40 and/or 100+ Gbps data centers
  2. Assured availability of internet services and connectivity without compromising security
  3. Deep security through SSL inspection and prevention of intrusions, malware, botnets, etc.
  4. Visualization of all applications, users, groups traversing the firewalls
  5. Cost savings up to 82%* lower than Cisco and 65% lower than Palo Alto Networks and 57% lower than Fortinet

Internet of Things (IoT) Challenges Solution Providers with Security Risks

A lot has happened in the last year across SonicWall Network Security Solutions. We have implemented a complete refresh of our SonicWall TZ Wireless firewall product line from top to bottom while expanding the portfolio with the introduction of new platform form factors and performance capabilities. We’ve innovated the software as well, improving features and performance, to deliver value for every size company from small businesses to distributed enterprises. At the annual partner conference, SonicWall  Security Peak Performance 2015 – Come for Knowledge, Leave with Power, we announced best practices for securing the Internet of Things (IoT). We continue to arm our security channel partners with next-generation firewalls to fight the malware economy with the support of our threat research, our Deep Packet Inspection Engine, and, responding to the rise in encrypted traffic, we’ve dramatically increased security for our customers by enhancing our DPI SSL capabilities and overall support from top to bottom. Our partners from 21 countries attended dynamic keynote presentations and 20 technical breakout sessions with our security experts at three levels of security curriculum.

The next big trend that people are talking about is the Internet of Things. At Peak, the buzz on how this will create new vulnerabilities was widely evident. One of the discussions by our SonicWall Security experts identified five key steps to take full advantage of the evolution of IoT devices:

  1. Put Security First: Be vigilant and ensure data is secured and encrypted from the data center or the cloud to the endpoint and everything in between. SonicWall advocates a holistic approach to security that includes looking at endpoint security, network security, identity and access management, and more. Be aware of the data device vendors collect. If they are collecting data on all of their customers, this consolidated data set may be a very attractive target for hackers.
  2. Research the Devices: Evaluate the IoT devices accessing and planning to access the system. Understand what they do, what data they collect and communicate, who owns the data collected from the device, where the data is being collected, and any vulnerability assessments or certifications the devices have.
  3. Audit the Network: It is critical to understand the impact of IoT on network traffic in the current “˜as-is’ state. Do an audit to understand what is currently accessing the system, when, what it does when it sees data, and what it communicates to and where. This will enable an organization to reassess its network performance and identify any changes on an ongoing basis as additional devices are knowingly or unknowingly added or removed.
  4. Compartmentalize Traffic: Employ a “˜no-trust’ policy when it comes to IoT devices. Ensure they are on a separate network segment or virtual LAN (VLAN) so they are not able to access or interfere with critical corporate data.
  5. Educate Everyone: IoT is the “˜Wild West’ and will continue to evolve and change rapidly over the coming months and years. As such, it will be critical to ensure IT, security and network teams educate themselves about the latest devices, standards, and issues. Be prepared for consolidation and emerging standards, but understand today, little of that exists as some devices have weak or no security.

Our Security Channel partners are all Peak Performers

Getting ready for the surge of devices that come with the IoT is something partners need to consider as they chart their future. SonicWall Peak Performance is both a forum for information exchange on best practices as well as a vehicle to prepare for the IoT future. SonicWall Network Security channel partners have achieved tremendous success in the last 12 months. This underscores the value of the channel program. Some of the highlights include:

  • 12,000 partners sold SonicWall products
  • Number of deal registrations increased by 7 percent to over 4,100 per quarter, while the number of partners submitting deal registrations rose by 12 percent to 1,300 per quarter.
  • Partners who attended Peak Performance last year saw 40 percent year-over-year growth and 33 percent quarter-over-quarter growth;
  • 8,700 network security courses were taken, representing 1,700 partner companies
  • 320 partners earned the network security competency, bringing the total number of Preferred and Premier level partners to 1,500

SonicWall Security Recognizes Peak Performers

Our Premier Partner, Secure Designs, Inc. delivered peak performance with their phenomenal customer success with Time Warner Cable Wireless.

“The key takeaway of SonicWall Peak Performance 2015 would be that  SonicWall is totally committed to make things happen, we learned that already in some of the breakout sessions and really whatever you want to do, you have the ability to do. Whether it’s a specific program that they have that you can deploy, or there’s something outside of the box that you want to tell them, they’re going to be interested in helping to make it happen,” said Larry Cecchini, President and CEO of Secure Designs Inc.

Joe Gleinser, president of GCS Technologies, a premier partner, was interviewed onsite:“I have used SonicWall for nearly a decade and have 500 clients deployed across Texas and my clients learn to depend on the SonicWall brand.”

“Our partners are such an important piece of our business and we’re thrilled to be able to recognize their tremendous accomplishments over the last year. The amount of energy and excitement coming out of the Peak Performance show was contagious and we’re looking forward to seeing how our partners capitalize on this. We look forward to celebrating more successes next month at SonicWall World in Austin, TX,” said Chris Szarlacki, Director, Channel Marketing, SonicWall.