CAPTURE MORE. FEAR LESS: SonicWall Capture ATP for Ransomware Prevention

If you pictured a specific technology as an animal, what would it be? Cars have been visualized as horses and bulls, and names like Mustang, Pinto, and Taurus all ring a bell with us. We see this in cyber security as well. We have worms, bugs, and Trojan [horses] (I know that’s a stretch). If you picture ransomware viruses as malicious bugs, then you would see Capture Advanced Threat Protection (ATP) as a spider.

Spiders are the perfect foe of bugs. They sit in wait within perfectly designed traps and focus their energy on processing their prey. SonicWall Capture ATP, a multi-engine cloud-based sandbox, does just that: as a network sandbox, it awaits suspicious code in order to process it and see what it wants to do, from the application, to the OS, to the software residing on the hardware. If you read up on Cerber ransomware, you will see one of the most advanced persistent threats known today. You will see how it evades traditional security and employs evasion tactics to get around network sandboxes. Thanks to Capture ATP’s parallel processing multi-engine sandbox, catching Cerber is easily done.

Capture ATP is not only successful against Cerber and other nasty forms of ransomware; it also finds many other forms of malware. Last year, SonicWall detected over 60 million new and updated malware; that’s roughly two per second. With that volume of malware being processed on a daily basis, it’s important to have a network sandbox in place to catch yet-to-be-discovered malware before it can make itself known by locking your desktops and encrypting your files.

Watch the video below to see how Michael Crean, CEO of Solutions Granted, Inc., a Platinum Partner, sees the benefits of using Capture ATP.

Bringing a Focused Cybersecurity Education to the Front Lines with SonicWall University

When the SonicWall community separated from Dell and announced our SecureFirst Partner Program 150 days ago, we confirmed our commitment to 100 percent fulfillment through channel partners. Since then, more than 10,000 partners across 90 countries have registered as SonicWall resellers, including 2,000 new partners.

I cite these statistics not only as a testament to the global reach of SonicWall’s solutions but as a reminder of the heightened security landscape that causes businesses to seek out our partners and solutions in the first place. The cyber arms race intensifies every year as cybersecurity teams and criminals alike enhance their techniques for outwitting their respective opponents.

Because our goal is to outwit highly knowledgeable criminals, one of our greatest assets in this ongoing battle is cybersecurity education. Many small and mid-sized businesses (SMBs) rely on our partners as IT consultants to help them put the technology in place to detect and protect against breaches. This requires our partners to maintain real-time awareness of the constantly shifting threat landscape, a tall order that our partners have filled laudably. Still, many have expressed a desire for more real-time focused education that would help them provide the best possible advice based on a complete understanding of today’s current threats and technologies.

To meet this need, we are thrilled to announce an extension of SecureFirst called SonicWall University, which will help us more quickly and effectively communicate insights we have gleaned from our Global Response Intelligence Defense (GRID) Threat Network to the partner community. Partners can access the SonicWall University curriculum through a web-based platform and will receive specialized training and accreditation tailored to their role as a salesperson, systems engineer or support team member. In addition to our own curriculum, we’ll be sharing content from trusted industry sources as well as our partners themselves to ensure the full breadth of current knowledge is being distributed rapidly and effectively.

Partners have not only requested cybersecurity education for themselves, but for their customers and prospects, who may not always have up-to-date information on how to protect their infrastructure. Today we unveiled a major marketing campaign to educate SMBs on the three most prominent threats identified in the SonicWall 2017 Annual Threat Report – ransomware, encrypted communications (SSL/TLS), and advanced phishing and other email-borne attacks. Partners can apply for marketing development funds and earn special discounts and rebates for using these programs, which they can access through our new SecureFirst Partner Portal. We have had great momentum for our partners.

“As a long-standing partner and direct marketer of SonicWall, we are seeing great business acceleration since SonicWall’s independence and the new programs such as the SonicWall University. We are delighted with the restoration of the SonicWall brand and the new marketing campaign ‘air cover’,” said Hillel Sackstein, President of Virtual Graffiti, Inc., a Platinum Partner and DMR.

“As a SonicWall partner, our team has already benefitted from the advantages of the SecureFirst Partner Program. The technical innovations in the SonicWall offerings are built from the ground up to secure the customer and benefit partners. The new SonicWall University with on-demand courses, certifications and accreditations will be an excellent way to deliver increased expertise to our customers,” said Eamon Moore, Managing Director of EMIT, a SecureFirst Silver partner based in Ireland.

“As a partner in Asia Pacific, we are delighted with the enhanced access and investment of the new on-demand technical resources and courses SonicWall University delivers to our teams. Since SonicWall has been independent, we have continued to push boundaries and together we have built more opportunity. SonicWall’s excellent track record of committing to innovation and delivering on their promise to better protect our customers is something we can always count on,” said Cary Wu, General Manager, SecuUnion in Asia Pacific.

“The introduction of SonicWall University is a great initiative from a company that remains committed to supporting its partners’ success. It’s critical that businesses facing today’s level of cybersecurity threats are prepared with both the latest technology and, equally as important, the cyber skills to manage that technology. With SonicWall University we’ll be able to provide our customers with even more support in a time when businesses are lacking the required in-house security skills needed. Everyone on our team is excited to get started on the SonicWall University training and accreditation to further enhance our customer offering,” said Jason Hill, Sales Director, Security, Exertis.

I could not be more delighted to introduce these initiatives and to be a part of the SonicWall community making them a reality. To our exceptional partner base, we’re excited and honored to be part of your business strategy, and it’s our great privilege to take an even more central role in educating you on today’s current threats and solutions. As you participate in SonicWall University courses and work to educate your SMB customers over the coming weeks and months, I look forward to your feedback and ideas for improving these programs. It’s our central goal to ensure you and your customers have the knowledge, training and technology you need to have more business and less fear.

CeBIT 2017: Real-Time Breach Prevention with SonicWall, Your Partner in Cybersecurity

Join SonicWall at CeBIT 2017 on the 20-24th of March, in Hannover, Germany.

With “Experience the Digital Transformation” as this year’s theme, IT Security will be at the forefront of the visitors’ agenda, alongside other leading-edge technologies, such as artificial intelligence, humanoid robots and applications of virtual reality. But security can’t be an afterthought! It’s at the core of everything organizations do. Without it, they can’t grow, can’t move forward and can’t innovate. Without effective security, too often, organizations default to inaction, to not moving forward. And they will have no choice but to say NO to their digital transformation.

The explosion of advanced threats is rendering legacy network security solutions obsolete. Ransomware, zero-day threats, encrypted malware and other attacks expose organizations to breaches that threaten business viability and compliance requirements. This creates the need for a new breed of network security solutions that deliver more than just breach detection. Organizations require breach prevention capable of handling threats delivered by any vehicle including web and email, over encrypted or unencrypted traffic, across any network including wired and wireless, and for not only PCs but tablets, smartphones and IoT devices.

As an exhibitor in Hall 6, Stand E03, SonicWall with five of its German partners – Data_Sec, Tarador, Die Netz-Werker, Pallas and Synexus – will demonstrate cutting-edge network security solutions that enable our customers to stay ahead of cybercriminals in the continually evolving cyber arms race, allowing them to embrace their digital transformation whilst meeting their compliance requirements.

Speaking of which, the General Data Protection Regulation – GDPR – goes into effect in May 2018. It will affect companies of all sizes, in all regions, and in all industries, that hold EU citizens’ personal information. Victims of a data breach when the GDPR goes into effect risk significant fines (up to 20 million euros or four percent of their global revenues) and a loss of reputation that could bring the business to its knees. So don’t put off early consideration of GDPR: the scale, complexity, cost and business criticality of GDPR mean that it will take a long time for most companies to achieve full compliance… Start now if you haven’t done so.

SonicWall’s on-site presentations (we will have more than 45 exciting presentations), demos (including live hacking sessions), and experts will empower you and your organization’s networks to overcome numerous crimes targeting weak spots in your network. You will definitely want to see a demo of our award-winning multi-engine sandbox, SonicWall Capture ATP, which scans network traffic to prevent zero-day and advanced threats. We will show how we can block unknown files until Capture reaches a verdict, which is made possible by a highly effective multi-engine sandbox. Near real-time verdicts are rendered by our highly efficient GRID cloud threat network. Our next-gen firewalls also detect malware using SSL or TLS encryption to cloak malicious behavior, C&C communication and exfiltration.

Because email is a constant target for attacks, we will showcase our revolutionary technology for email security that now integrates with our award-winning Capture Advanced Threat Protection (ATP) Service. SonicWall’s Email Security solutions allow you to deploy a next-gen solution to protect email files, stop phishing and block ransomware. Don’t miss the opportunity to speak to our experts, and learn how you can block spoofed email and zero-day attacks with our hosted service or our on-premises enterprise email security solutions.

Today’s ever-growing number of connected devices used by mobile workers and vendors requires organizations to rethink their needs for IoT security. SonicWall’s access security and network segmentation deliver the right level of access to your mobile workers and reduce the threat surface. The right network segmentation is required for critical business apps and data to ensure better protection. With our Secure Mobile Access solutions, you can define granular access policies, enforce multi-factor authentication and monitor all activities for compliance.

Start securing your digital transformation with SonicWall, Stand E03 in Hall 6, where you will be able to experience first-hand how SonicWall next-gen firewalls, access security and email security offer the power to be competitive and fearless.

We are looking forward to seeing you soon. Bis bald, as they say in Germany!

Before you go, be sure to download our threat report.

CRN Recognizes SonicWall’s Steve Pataky as 2017 Channel Chief

I am honored to highlight my esteemed colleague, Steve Pataky, Vice President of Worldwide Sales at SonicWall, who was just named CRN Channel Chief – the Top 50 Most Influential Channel Chiefs of 2017. Steve not only brings with him more than 25 years of experience and an industry reputation for architecting and executing global channel and go-to-market strategies, but also a deep and genuine passion for helping partners succeed. He’s been a recipient of the CRN Channel Chiefs award for several years, and was among the magazine’s 50 Most Influential Channel Chiefs in 2014, 2015 and again this year.

CRN’s 50 Most Influential Channel Chiefs of 2017 are drawn from a larger group of Channel honorees that represent the elite members of the IT channel executives – “leaders who drive the channel agenda and evangelize the importance of the channel partnerships.”

These are exciting times for SonicWall and our Partners. As the newly independent SonicWall we are proudly declaring that we are once again 100% channel, 100% security, 100% of the time. We are so fortunate to have the most tenured, talented and loyal Partners and I know Steve, along with the entire company, feels a deep and abiding obligation to ensure this next generation of SonicWall always puts our Partners first in our strategies and our priorities.

To that end, Steve and our channel team have launched the SonicWall SecureFirst Partner Program worldwide to our thousands of valued SonicWall Partners. SecureFirst is designed to easily give partners access to our entire security portfolio and reward them for the value they bring to selling and supporting SonicWall solutions. We’re thrilled that SecureFirst is off to an extremely fast start. In the first 90 days:

  • SecureFirst program registrations reached over 9,000 Partners across 90 countries
  • SecureFirst registrations in North America exceeded 5,900 Partners
  • SecureFirst Deal Registrations have spiked 66% in North America since divestiture

We look forward to continuing to help our partners work with their customers to successfully navigate the expanding landscape of advanced threats in the cyber security arms race. We’re actively driving an industry-leading product portfolio to help customers detect and prevent breaches delivered in any vehicle, in any package, across any network and on any device. In fact, our continued innovations around the SonicWall real-time breach prevention platform recently won four awards at RSA 2017, including the SC Magazine Trust Award for Best UTM Security Solution for our SonicWall TZ Firewall Series.

It’s clear that with Steve as our channel chief, backed by the full commitment and resource of SonicWall, we will continue to always put our Partners first, with SecureFirst.

Catching Cerber Ransomware

Since the release of SonicWall Capture Advanced Threat Protection (Capture ATP) in August 2016 on SonicWall firewalls, we have seen a lot of unique behavior from authors of malicious code, namely ransomware.

Up until Christmas 2016, Locky received a lot of attention from security firms but then took a backseat during the holiday season. One thing I noticed around that time was that a ransomware variant called Cerber would actually be one of the more persistent pups in the litter.  I started seeing Cerber show up on Capture ATP’s daily reports and wanted to understand why we were still catching this on the sandbox instead of the firewall.

In short, we were catching this on the firewall because SonicWall’s Capture Labs research team was creating a large number of signatures for Cerber, but what I was seeing were “updated” versions of Cerber being caught in the wild; as many as two versions a day. This was done to get around Cerber signatures created to stop older versions of itself. To make things more interesting, these Cerber variants were utilizing seven different tactics to evade detection.

The image above is a snippet of a very long report that partly shows what Cerber wants to do. Did you notice the seven different evasion tactics? Malware did not do this in the past; at least not in the one that I remember fondly. In that past, the security industry was really trying to get the upper hand on the “explosive growth” of malicious code that was being authored and wanted to use virtual environments to run and test code. About five years ago, the industry introduced the network sandbox to the market and it was a hit, because we now had a tool where we could run potentially malicious code in an isolated environment to see if we could whitelist or blacklist it.

So, do you think that attackers folded up their laptops and found real jobs? Nope, they learned how to evade sandboxes, which is the real essence of what a hacker truly is. If you read third-party reports on network sandboxing, you will find skeptical and bearish assessments of its effectiveness, and of how a sandbox can be evaded at a medium difficulty. When you see the image above, you have to believe that the reports are real and that Cerber’s evasion tactics rank up there with some of the best I have seen recently; truly an advanced persistent threat. So why am I able to show this to you? Although it is evading other sandboxes, it is not able to get past ours. But how?

In short, we leverage Capture ATP, a multi-engine sandbox that first runs suspicious code through a set of pre-filters that analyze the code and compare it against a real-time list to see if anyone we collaborate with knows about it. This step eliminates a lot of newly minted malware within milliseconds; almost at the same speed as lightning strikes the Earth.

After that, the code will go through a parallel set of engines that will help us determine what a new batch of code wants to do from the application, to the OS, to the software that resides on the hardware. We run it through real-time deep memory inspection, virtualized sandboxing, hypervisor level analysis and full-system emulation. Naturally, when we get to this point it does take a little time but it’s worth it.

General Availability of SonicWall Email Security 9.0 with Capture ATP at Virtual PEAK 2017

SonicWall Email Security 9.0 with Capture ATP Service is available worldwide today. Leveraging a highly-scalable and redundant architecture, SonicWall Email Security 9.0 integrates with our award-winning Capture Advanced Threat Protection (ATP) Service to deliver a cloud-based, multi-engine sandbox that not only inspects email traffic for suspicious code, but also blocks ransomware, zero-day and other malicious files from entering the network until a verdict is reached. I am excited to be joining hundreds of our channel partners for SonicWall’s Virtual PEAK 2017 this Thursday, March 2, 2017 from 8 am to 1 pm Pacific time. Learn more about all of SonicWall’s solutions and Email Security 9.0, which continues to offer an array of deployment options, including on-premises appliances, virtual machine, software and cloud-hosted solutions.

According to the 2017 SonicWall Annual Threat Report, ransomware attacks grew at a tremendous rate in 2016, with email as one of the main attack vectors used by cyber criminals. Our response to this growing threat is SonicWall Email Security 9.0, which integrates our award-winning Capture Advanced Threat Protection Service.

SonicWall Email Security 9.0 with Capture Advanced Threat Protection Service provides comprehensive next-generation email security protection to prevent ransomware and emerging zero-day attacks.

This exciting new release demonstrates SonicWall’s continuing efforts to enhance our security portfolio and introduce innovation to our solutions to protect customers against new and evolving threats in 2017 and beyond.

Innovative features of SonicWall Email Security 9.0 include:

  • Advanced Threat Protection: Integrates Capture cloud-based sandboxing technology for detection of zero-day threats such as ransomware, and for fine-grained inspection of SMTP traffic.
  • Next-generation Email Protection: Incorporates anti-spam, anti-virus and anti-spoofing functionalities to not only detect and prevent spam and other unwanted email, but also scan email messages and attachments for ransomware, Trojan horses, worms and other types of malicious content.
  • Improved Office 365 Support: Enhances security for multi-tenant environments by providing a method for ensured, mapped delivery of emails for SonicWall Hosted Email Security environments.
  • Updated Line of Appliances: Refreshes SonicWall’s line of Email Security hardware appliances, helping customers to better face threats delivered by email.
  • Encryption Protection: Supports not only SMTP Authentication but also an encryption service feature that enables any email containing protected data to be automatically encrypted, routed for approval or archived.
  • Policy and Compliance Management: Enables an administrator to enact policies that filter messages and their contents as they enter or exit the organization. This allows organizations to meet regulatory requirements based on government legislation, industry standards or corporate governance activities.

To learn more about Email Security 9.0, be sure to attend the upcoming SonicWall Virtual PEAK 2017, March 2, 2017. Join my session: Using SonicWall Email Security 9 with Capture ATP to Drive New Opportunity at 8 am. Don’t miss this opportunity to network and learn from our experts and your peers. Register today!
