Cyber Security News & Trends

This week, SonicWall warnings about school districts under cyberattack prove prophetic as a new bill to protect K-12 districts is introduced, and do you know that the first ransomware attack was 30 years ago?


SonicWall Spotlight

US Senators Introduce Bill to Protect Schools Against Cyber-Threats – Infosecurity Magazine

  • SonicWall CEO Bill Conner weighs in on the importance of cybersecurity in school districts, commenting on a new bill introduced to the US House of Representatives this week. The bill is designed to enhance the cybersecurity of K–12 schools in a year where they have suffered heavily under cyberattacks.

Cybersecurity News

Hackers Steal Data for 15 Million Patients, Then Sell It Back to Lab That Lost It – Ars Technica

  • Canada’s biggest provider of lab testing services has confirmed it suffered a data breach, with info as old as 2016 accessed. It has also admitted that it made “a payment” to the hackers to retrieve the data, without disclosing exactly how much was paid.

Oil and Gas Industry Risks Escalate, Cybersecurity Should Be Prioritized – HelpNetSecurity

  • A new in-depth report draws on a decade’s worth of cyberattack data in the oil and gas industries, calling for a strengthening of cybersecurity as the risks continue to escalate.

Mobile Devices Account for 41% of DDoS Attack Traffic – Dark Reading

  • While the image DDoS attacks conjure up might be one of racks of computers all being harnessed, the reality right now is that around half of the traffic is now coming from mobile and IoT devices. A newly released report on DDoS attacks looking deeply into the current DDoS threat landscape also finds that China, Turkey, the US, and South Korea are the main sources of the attacks.

WhatsApp Updated to Patch Bug That Allows Attacker to Crash Group Chats – Washington Times

  • Another WhatsApp bug has been discovered and patched. This particular vulnerability allowed a user to send a malicious message to a group chat that would cause the app on every participant’s mobile device to continuously crash.

Maze Ransomware Gang Dumps Purported Victim List – BankInfoSecurity

  • In the latest escalation of ransomware attacks, the gang behind the Maze ransomware is threatening to name and shame victims if they do not pay the ransom. Proving they can make good on their threat, last month the gang published data stolen from a security services firm who did not pay.

10 Cybersecurity Stories in 2019 That Make Us Feel Less Secure – Tech Republic

  • Before looking to the future, we have to look to the past. Tech Republic lists the top 10 2019 cybersecurity stories that worry them the most, including the Capital One breach, juice jacking, and the number of adware attacks like xHelper and Joker in the Android ecosystem.
And Finally

30 Years of Ransomware: How One Bizarre Attack Laid the Foundations for the Malware Taking Over the World – ZDNet

  • Thirty years ago, the first ransomware attack was launched… on a floppy disk… with a PO Box to pay the ransom by postal order or check.

In Case You Missed It

Cyber Security News & Trends

This week, SonicWall Capture Threat Labs releases data on cyberattacks over the Black Friday and Cyber Monday holiday period, and the cybercriminals involved in the attacks put the stolen data up for sale.


SonicWall Spotlight

Veiled Threats: The Growing Cyberattack Vectors Few People Talk About – Forbes

  • While many people are aware that malware attacks like ransomware can happen through a phishing email or an infected USB key, less well known are the attacks that use encryption or launch using non-standard ports. SonicWall CEO Bill Conner discusses the growth of these veiled threats, and how SonicWall protects from them, in his latest Forbes Technology Council post.

Black Friday Cyberattacks: Businesses Face Surge of Malware, Ransomware on U.S. Shopping Holiday – SonicWall Blog

  • The SonicWall Capture Threat Labs threat researchers releases data on cyberattacks across the 2019 Black Friday and Cyber Monday holiday period. In general, there was as much as a 63% surge in malware attacks over the shopping window, with attackers concentrating more on Black Friday than on Cyber Monday.

SonicWall and Veeam Enhance Managed Service Support – Computer Weekly

  • SonicWall’s recently launched My Workspace is covered by Computer Weekly, including SonicWall’s Terry Greer-King explaining why the technology is needed as more customers plan to move to a shared model or fully MSSP mode.

Cybersecurity News

The FBI Is Warning That Your Smart Home Devices Aren’t Secure. Here’s What You Should Do About It – Inc

  • Despite a recent FBI warning about cyberthreats attacking via the Internet of Things, the truth is that most smart devices currently have almost no cybersecurity. With this in mind, Inc takes a look how to protect your network from cyberattacks, with reference to SonicWall firewalls.

A $200,000 Internet Fraud: Will Anyone Investigate? – BankInfoSecurity

  • The story of a $200,000 phony bank scam exposes the difficulty in getting law enforcement agencies to investigate all but the highest profile internet fraud.

The Case for Cyber Insurance – Security Week

  • As the ongoing case between Mondelez and Zurich American Insurance highlights the complexities in deciding whether or not a cyberattack can be defined as a nation state attack, Security Week makes the case for specifically buying cyber insurance.

TrickBot Gang Is Now a Malware Supplier for North Korean Hackers – ZDNet

  • A newly published report finds that he authors of Trickbot, one of today’s top three malware botnets, has been linked to a North Korea state-sponsored hacking group known as Lazarus.

Cost of Data Breaches in 2019: The 4 Worst Hits on the Corporate Wallet – Security Boulevard

  • British Airways, Capital One, Marriott… some of the biggest breaches in recent times only started to affect the companies involved in 2019. These are not the biggest data breaches by volume, but by cost.
And Finally

Joker’s Stash Celebrates Turkey Day With Stolen Card Data – BankInfoSecurity

  • This week, a huge batch of card details stolen over the Thanksgiving shopping period appeared for sale online, with a price tag of half a million dollars. Successful use of Magecart card-skimming software is the most likely to blame.

In Case You Missed It

Smarter Cybersecurity: How SecOps Can Simplify Security Management, Oversight & Real-Time Decision-Making

Organizations continue to be alarmed by how easily cybercriminals can circumvent security defenses as malware, ransomware, cryptojacking and phishing attacks make headline news.

In addition, security operations lack visibility and awareness of unsafe network and user activities, network traffic irregularities, and unusual data access and utilization. This exacerbates the situation and creates a dangerous condition where security teams are too late or unable to:

  • Respond to security alerts or incidents at the speed and accuracy they need
  • Conduct thorough and effective investigations
  • Find answers fast enough to take corrective actions

Through close engagements with our top channel partners and key customers, SonicWall learned and understood these challenges first-hand. And through that collaboration, SonicWall developed and introduced the SonicWall Capture Security Center and two powerful risk management tools ­— Analytics and Risk Meters — to help customers solve these difficult problems.

Govern, comply and manage risk

The Capture Security Center is grounded on three core objectives:

‘Govern Centrally’ focuses on improving operational efficiencies and reducing overhead, while ‘Compliance’ and ‘Risk Management’ concentrate on the business value. These core objectives are interdependent as each leverages a common set of information, processes and technologies that help SecOps establish and deliver a strong, federated security defense and response services at the core of their security program.

Work faster and smarter — with less effort

Capture Security Center is a cloud solution organizations use to avoid operational overhead associated with software and hardware installation, upgrades and maintenance. This solution provides SecOps teams secure single sign-on (SSO) access to license, provision and manage their entire SonicWall security suite, including network, wireless, endpoint, email, mobile and cloud security products and services.

Think of it as a high-productivity tool that provides authorized users access to all available security services based on their role and access rules. The command console is assessible from any location and from any web-enabled PC. Once signed in, users are automatically granted access to everything — and are able do everything securely — using one cloud app.

The different tiles (shown below) are exactly what you’ll see when you log in to your Capture Security Center account. Users can easily navigate between tenants presented on the left panel and, on the right panel, manage any licensed cloud services registered to that tenant.

Available in January 2020, Capture Security Center version 1.8 adds capabilities for security teams to:

Study risks and threats in real time with real-world data

SonicWall Risk Meters is a threat monitoring and risk-rating tool we’ve integrated into the Capture Security Center. The tool is available to all SonicWall Capture Security Center customers at no additional cost.

Risk Meters, shown below, gives a direct line of sight into the cyberattacks affecting your security posture. Threat vectors are represented by colored arrows while threat types are shown as icons.

Clicking on an icon pops up an information panel that provides a detailed description of the threat. A tenant drop-down list allows you to view threat metrics at the tenant level. Visibility into the attacks targeting various defense layers helps guide your response to where immediate defensive actions are needed for a specific environment.

The first defense layer captures attacks blocked by the firewalls, Capture Advanced Threat Protection (ATP) sandbox and WAF.

The second defense layer reveals attacks targeting your SaaS appliances and email environments.

The third defense layer shows threats attacking your users’ devices. The DEFCON and Shield Level ratings displayed at the top-right corner provide the computed risk scores based on existing defense layers. Scores are adjusted as you toggle to activate or deactivate available services.

Taking this a step further, Risk Meters gains several important improvements in Capture Security Center 1.8. A new control panel presents users with customization functionalities to run analysis on a variety of threat data.

This new feature allows for experimenting “what-if” simulations at a more granular level to see how the risk score dynamically changes when sub-components of certain layer or multiple layers are added or removed.

Up until this release, risk scores were calculated based solely on security services from SonicWall. To give a more accurate account of customer security environments, CSC now factors in all security controls when calculating the risk scores, including non-SonicWall services.

The Risk Meters Control Panel allows users to configure and weigh third-party security controls into the calculated risk scores. Users can now review trends of different threat types and then compare them against regional and global averages to help identify which threat vectors to focus on and where to prepare their defenses.

Transforming threat data into decisions, decisions into actions

In conjunction with Capture Security Center 1.8, SonicWall releases Analytics 2.5 to introduce a new user-based analytics and reporting function to helps security teams visualize and conduct investigations into users’ actions and application and data usage.

Security teams can monitor or drill-down into the security data for more details about the user network traffic, access and connections, and what applications are being used and websites are frequently visited.

Also, security teams can investigate attacks that target a certain group of users and bandwidth costs associated with resource utilization to determine if policy-tuning or added configurations are needed to reduce their risk profile or optimize network performance.


About the SonicWall Capture Security Center

Capture Security Center is a scalable cloud security management system that’s a built-in and ready-to-use component of your SonicWall product or service. It features single-sign-on and ‘single-pane-of-glass’ management. It integrates the functionality of the Capture Cloud Platform to deliver robust security management, analytics and real-time threat intelligence for your entire portfolio of network, email, endpoint, mobile and cloud security resources.

Capture Security Center delivers a valuable team resource to help organizations control assets and defend entire networks from cyberattacks. Unify and synchronize updates and support, monitor security risks and fulfill regulatory compliance — all with greater clarity, precision and speed.

E-rate Funding 2020: Use It or Lose It?

The new FCC Report & Order on the U.S. government’s E-rate rules of engagement for 2020 and beyond are here. And it includes some critical E-rate funding changes that could impact current K-12 budgets.

First, this highly anticipated order permanently locks in Category Two (CAT2) funding for the E-rate program. Many rumors were flying around that E-rate program funding for infrastructure was going away. Well, we have our answer: it is here to stay!

Another critical change of the E-rate program concerns budgets. E-rate budgets begin a new cycle that will be in subsequent five-year periods starting in 2021.

What does that mean to schools and libraries participating in the program? Essentially, if a school or library is sitting on a bucket of CAT2 monies from the 2015-2020 season, then they must spend it now in E-rate 2020 or they will lose that funding (exact date to be released in January). This means there are millions of dollars sitting idle that schools and libraries must take advantage of this funding period.

Don’t lose E-rate 2020 funding

Now is the time for schools to act. There will undoubtedly be a tidal wave of applications to surge in the coming weeks. This E-rate season has been slow for Form 470 postings compared to past years and the delay in the Order has created a ‘watch-and-wait-to-post’ environment.

This delay created a short window for schools and libraries to act upon their funding requests. But when will the Universal Service Administration Company (USAC) start the clock on Form 471 posting season? Usually this would happen mid-January. With the rules of engagement posting so late in the year, will the E-rate 2020 season extend beyond March? We should know more soon.

What is E-rate?

To help offset funding and staffing shortages, the U.S. Department of Education and the FCC launched the E-rate program, which helps make telecommunications and information services more affordable for schools, campuses, districts and libraries.

The E-rate program is operated by the USAC, which has a core focus of providing underfunded verticals the access to affordable technology and security services. This includes schools, libraries, rural healthcare organizations and more. USAC provides a yearly Eligible Services List (ESL), which outlines which types of products and services can be procured via E-rate program discounts.

SonicWall and E-rate

Through its global channel of more than 21,000 technology partners, SonicWall is actively involved in helping K-12 education organizations cost-effectively obtain and deploy network security solutions. SonicWall provides a broad array of E-rate-eligible products and services, including firewalls and turnkey Security-as-a-Service solutions.

SonicWall integrated solutions meet the needs of school districts at the highest efficacy and at price points that fit within K-12 budget constraints. SonicWall helps reduce the total cost of ownership (TCO) for these under-funded organizations.

With the most comprehensive channel program in the industry, combined with additional E-rate discounts, SonicWall and our partners are best positioned to meet the needs of K-12 customers and help them take full advantage of the funding E-rate provides for securing their networks.

If you are an eligible K-12 organization, please contact your preferred SonicWall reseller for information on E-rate benefits and discounts, or visit the SonicWall E-rate page for information, tools and guidance.

For more information on applying for E-rate funding, watch SonicWall’s step-by-step video series. Or, you can submit a request to talk to a SonicWall E-rate expert now.

Navigating the E-rate Program

Black Friday Cyberattacks: Businesses Face Surge of Malware, Ransomware on U.S. Shopping Holiday

Cyber Monday and Black Friday are the proverbial holiday shopping seasons for cybercriminals and their strategic cyberattacks, including malware, ransomware and phishing attacks. Eager online shoppers are hurried to fill holiday dreams — often at the detriment of cybersecurity best practices and common sense.

According to Adobe Analytics, consumers spent $7.4 billion online during this year’s Black Friday event, up $1.2 billion over 2018. Those numbers jumped for Cyber Monday, where retailers collected $9.4 billion in online sales on the frantic shopping holiday.

That kind of volume — in terms of both people and dollars — makes for a lucrative target for the modern cybercriminal. In 2018, SonicWall Capture Labs threat researchers discovered a spike in ransomware attacks during the Black Friday and Cyber Monday shopping events, as well as a 45% jump in phishing attacks.

Black Friday and Cyber Monday in 2019 resulted in much of the same. SonicWall Capture Labs threat researchers recorded* a double-digit malware spike (63%) in the U.S. between the eight-day holiday shopping window from Nov. 25 to Dec. 2.

  • 129.3 million malware attacks (63% increase over 2018)
  • 639,355 ransomware attacks (14% decrease over 2018)
  • 51% increase in phishing attacks on Black Friday (compared to the average day in 2019)

Cyber Monday attacks dips, Black Friday takes the hit

Cybercriminals weren’t waiting until Cyber Monday to launch their campaigns, either. In the U.S., both malware (130%) and ransomware attacks (69%) were up on Black Friday compared to 2018. This trend continued on Cyber Sunday with increases in malware (107%) and ransomware (9%).

Interestingly, ransomware attacks were down on Cyber Monday (-41%) and Small Business Saturday (-55%), resulting in an overall 14% decrease in U.S. ransomware attacks during the eight-day shopping window.

Malicious Android apps spotted during Black Friday

It’s no secret that much of holiday shopping is done on mobile apps. Busy online shoppers often leverage mobile apps that keep track of deals, provide discount coupons and offer the convenience of skipping long lines at shopping malls.

To diversify their attack strategies, cybercriminals and malware writers use this opportunity to spread malware under the guise of shopping and deal-related apps — particularly during this eight-day Thanksgiving holiday shopping window.

In the past few weeks alone, SonicWall Capture Labs threat researchers observed a number of malicious Android apps that use the shopping theme to trick users into downloading and installing these apps.

One of the more notable malicious apps is this Amazon Shopping Hack, which is tied to a range of survey scams that attempt to steal user data and sensitive information.

Name: Amazon Shopping Hack
Package: com.amazon.mShop.android.shopping.hack
SHA: fa87b95eead4d43b2ca4b6d8c945db082b4886b395b3c3731dee9b7c19344bfa

After execution, this app shows a human verification page to continue using this app. This “verification” essentially leads to survey-related scams that attempt to extract sensitive user information, such as email address, credit card details, address, etc.

One of the domains contacted by this app during execution is mobverify.com. A quick search about this domain revealed a number of other survey related pages:

The mobverify.com domain is associated with a number of malevolent apps, survey scam links and malicious executables. During analysis, we observed a GET request to mobverify.com, which downloads a json file containing a list of different survey scams:

For additional examples of malicious Android apps, please review the in-depth findings of the Capture Labs threat team: Malicious Android Apps Observed During Thanksgiving Season 2019.

Intelligence for this report was sourced from real-world data gathered by the SonicWall Capture Threat Network, which securely monitors and collects information from global devices and resources including more than 1 million security sensors in nearly 215 countries and territories.


* As a best practice, SonicWall routinely optimizes its methodologies for data collection, analysis and reporting. This includes improvements to data cleansing, changes in data sources and consolidation of threat feeds. Figures published in previous reports may have been adjusted across different time periods, regions or industries.

Cyber Security News & Trends

This week, SonicWall strengthens MSSP security offerings, cyberthreats to the upcoming census, and the end of decade lists begin.


SonicWall Spotlight

SonicWall Strengthens MSSP Security Offerings, Simplifies Account Management, Product Registration, Licensing Control. – SonicWall Press Release

553: Opening a Spin-off’s Liberated Growth Chapter – CFO Thought Leader podcast

  • How do you take a business unit, extract it, and set it up to be a running company on its own, all within one year? SonicWall CFO Ravi Chopra sits down with the CFO Thought Leader podcast and explains exactly how he did it with SonicWall. He also discusses his career path, his experiences in the dot com crash, and how he learns from his mentors.

Cybersecurity Should Be the Core Pillar of Any Modern Digital Hospital: Dmitriy Ayrapetov – The Economic Times of India

  • SonicWall’s Dmitriy Ayapetov is interviewed talking about the impact of cyberattacks on the health industry – with ransomware attacks growing and the rise of the Cloud and Internet of Things devices leading to potentially many new entry points for a cybercriminal, he stresses the need for greater cybersecurity awareness.

Cybersecurity News

Black Friday UK: Just One in 20 Discounts Are Genuine, Research Finds – The Guardian (UK)

  • Research by consumer group Which? Has found that the majority of Black Friday deals are sold at the same price or cheaper throughout the year. SonicWall figures on ransomware are also referred to, highlighting the increase in cyberattacks around the Black Friday period.

Special Report: 2020 U.S. Census Plagued by Hacking Threats, Cost Overruns – Reuters

  • An in-depth investigation into the upcoming 2020 US census has found that despite a major technology overhaul, fears of hacking attempts are running high and a lack of adequate training and understanding of cybersecurity risks internally is not helping.

Report Highlights Nation-State Cyberthreats Facing SMBs in 2020 – Tech Republic

  • A new survey of over 1000 cybersecurity officials working at SMBs has found that more than 60% of respondents intend to increase their cybersecurity budgets next year due to growing fears of cyberattacks from both at home and abroad, especially during the upcoming elections.

India Plans Security Audit of WhatsApp After Hacking Attempt – Reuters

  • The Indian government is pushing for a security audit of WhatsApp after revelations emerged last month that spyware inserted by surveillance groups allowed access to the phones of roughly 1400 users.

44 Million Microsoft Users Reused Passwords in the First Three Months of 2019 – ZDNet

  • Microsoft has completed an audit of their accounts and found that 44 million people are still using usernames and passwords that were leaked online in 2019. A forced password reset has been enacted to help solve the problem.

FBI Issues Smart TV Cybersecurity Warning – Infosecurity Magazine

  • The Federal Bureau of Investigation has issued a warning to holiday shoppers over the cyber-risks an unsecured smart TV might pose to a household. Default passwords should be changed, and a familiarization of all connection options is recommended at a bare minimum.
And Finally

A Decade of Malware: Top Botnets of the 2010s – ZDNet

  • It’s the end of a decade, and with it comes the lists! ZDNet round up some of the biggest, in both size and infamy, botnets that hit throughout the 2010s, including those old favorites, Emotet, Trickbot, and Dridex.

In Case You Missed It

My Workspace: Streamlining Asset Management for MSSPs

Managed security services providers (MSSP) are being trusted more and more to help small- and medium-sized business (SMB), as well as distributed enterprises, remove the costs and complexity (i.e., headaches) of managing and protecting their digital assets and users.

There is a constant need for easing customer and asset lifecycle management for MSSPs. This includes everything from onboarding new tenants, managing and accounting for assets used by customers (dedicated or shared, leased or co-managed) to granting visibility and control to employees and customers.

For over 15 years, SonicWall partners and customers have used the MySonicWall portal to manage their assets, including registering products and licensing services.

To cater to the changing dynamics of security operations, SonicWall introduces My Workspace to easily manage customers, assets and access control.

Gain ‘snapshot’ view of all tenants, assets

As the new home for MySonicWall users, My Workspace functions as a dashboard offering a snapshot view of all tenants and assets registered to an MSSP with actionable intelligence.

Quick alerts for calls to action, including licenses that may be expiring or new software updates for hardware/software products, guide administrators to where they should prioritize their time for the day. My Workspace is also a shortcut to customer lifecycle management workflows, including tenant management, product management and user management.

Organize customers by ‘Tenants’

Tenants are the new way to segregate assets used by different customers — especially when using cloud services like Capture Security Center, Capture Client, Cloud App Security and WiFi Cloud Manager.

MSSPs can easily onboard new customers by launching the ‘Create Tenant’ wizard to assign a name and instantly provision role-based access control to user groups. User groups are assigned roles to manage and operate assets. Roles are assigned to operate every managed product, including MySonicWall operations as well.

Every tenant can have multiple user groups with access to MySonicWall (e.g., administrators and service line managers within the MSSP teams who need full admin or read-only access, or customer teams that may need varying degrees of privileges depending on their services requirements.)

Simplified product registration, management

Even product registration and product management workflows have been simplified. Registration is as easy as 1-2-3:

  1. Choose a tenant
  2. Enter serial number, auth-code or activation key
  3. Configure management options

Product views are faster and common workflows — like transfers across tenants, updating zero-touch settings for firewalls and activating additional services — are accessible via quick-action buttons. Bulk registrations have been simplified to allow the onboarding of multiple assets for one or more customers at the same time.

Simple learning processes for both end-users and MSSPs

While the user experience and interface are improved, the need for learning or “unlearning” existing practices is little to none. With contextual help available in each workflow, as well as the launch of a newly designed quick-start guide, both new and existing users will easily understand how to make the best of the new workflows to streamline daily operations.

My Workspace is open to all users and not limited only to MSSPs. Even SonicWall end-customers can take advantage of these features to streamline how they manage their own assets. Large enterprises may segregate their operations into multiple tenants based on their IT operating models.

Ready to see My Workspace? Customers and partners can log in to www.mysonicwall.com with their active credentials and take it for a spin!

SonicWall Simplifies Day-to-Day Operations for MSSPs

For nearly three decades, SonicWall’s been a 100% channel company. Our global family of SonicWall SecureFirst partners, including MSSPs, are the lifeblood of our business.

To ensure their success — and to help protect more than 500,000 customers worldwide — SonicWall is always innovating with our partner community in mind. Today, we announce important ways SonicWall empowers MSSPs to simplify business, operations, security and customer management.

  • SonicWall unifies MSSP security offerings via the SonicWall Capture Cloud platform, which delivers integrated, end-to-end security.
  • SonicWall helps eliminate complexities of day-to-day MSSP operations by simplifying oversight, visibility and management of cybersecurity ecosystems.
  • SonicWall enables new, emerging or fast-growing MSSPs simple, time-saving methods to manage accounts, register products and control licensing.
  • SonicWall empowers MSSPs with real-time, per-customer analytics for smarter, faster and better decision-making capabilities.

The complete Capture Cloud Platform includes SonicWall’s full product portfolio —  firewalls, email security, wireless security, endpoint protection, cloud application security, etc. — to strengthen and unify security across cloud, web, network, wireless, mobile and endpoints. And a handful of new and enhanced offerings make this even easier.

Eliminate complexities of day-to-day MSSP operations

Leading this MSSP-focused announcement is the introduction of My Workspace, an intuitive new user interface and experience within the SonicWall Capture Security Center (CSC). My Workspace makes running a complex managed security service business simpler and more effective. 

Available to MSSPs, partners and end-users alike, My Workspace provides an intelligent, fluid workstream to easily and quickly on-board new customers, set up and manage multiple tenants, and provision role-based access control to manage and operate different customer environments.

My Workspace also provides valuable self-service capabilities that allow MSSPs to engage, collaborate and communicate with customers, and facilitate, track and resolve issues and support cases, as needed.

Available within SonicWall Global Management System (GMS) 9.2, SonicWall Zero-Touch Deployment helps MSSPs simplify and accelerate the provisioning process for SonicWall firewalls at remote and branch office locations — even those without on-site IT staff. Admins also can centrally push custom configurations to all zero-touch appliances at multiple sites across the globe.

SonicWall Workflow Automaton, also available via GMS 9.2, offers rigorous configuration processes that review, compare, validate and approve firewall policies prior to deployment. Approval groups are user-configurable to enforce customer security policies and/or meet regulatory requirements.

Easily manage accounts, register products and control licensing

SonicWall My Workspace even provides a snapshot of all products that have been registered by the account across multiple tenants, including managed by current account (e.g., fully managed customers) and/or shared by other accounts (e.g., co-managed customers).

The intuitive My Workspace dashboard gives MSSPs instant visibility and awareness of products that have expiring licenses or require software/firmware updates. MSSPs can easily perform bulk product registrations, activate licenses and recommend trials.

With the tenants workflow, MSSPs and large distributed enterprises can quickly onboard new tenants and register products to individual tenants for separation of data and policies. Tenant workflows also provide instant access to security operations teams across organizations, including granular, role-based access control to all products managed by Capture Security Center.

Make smarter, faster and better decisions

Updates to SonicWall Analytics (2.5) provides MSSPs an eagle-eye view into everything that is happening within their customers’ SonicWall security environments — all through a single pane of glass.

With real-time threat intelligence, MSSPs can focus time and effort on making decisive defense actions and orchestrating rapid responses against identified risks against their customers with greater visibility, accuracy and speed — all through a single pane of glass.

MSSP can also gain complete authority, agility and flexibility to perform deep drill-down investigative analysis of network traffic, users’ activities, access, connectivity, applications and utilization, the state of security assets, security events, threat profiles and other firewall-related data.

To better understand customer security postures, MSSPs can now view customer-specific risk levels directly on the My Workspace dashboard. Integrated SonicWall Risk Meters deliver real-time indicators of customer security postures in relation to active security controls, including third-party services. Categorize attacker actions, underscore current security gaps and implement responses to neutralize incoming attacks.

New user-based analytics helps MSSPs responsibly know users, content behaviors and bandwidth consumption to maintain reliability and security.

Finally, MSSPs can track, measure and run compliant and effective customer networks and security operations with powerful, pre-defined and custom reports. GMS automatically create and deliver over 140 pre-defined reports as well as the flexibility to create custom or brandable reports using any combination of auditable data for various used outcomes.

How MSSPs can embrace the power of the Capture Cloud Platform

By leveraging the Capture Cloud Platform, MSSPs can ease customer fears by solving their top pain points, including ransomware attacks, application vulnerabilities, encrypted threats, intrusions, account takeover (ATO), business email compromise (BEC), wireless security, data loss prevention, mobile security, phishing, endpoint protection, security management, shadow IT and more.

MSSPs also can eliminate security silos with an intelligence-driven ecosystem, which applies SonicWall’s entire suite of interconnected and interdependent security and management solutions across entire cloud or on-prem customer environments.

These innovative new and enhanced capabilities within SonicWall Capture Security Center and Global Management System empower MSSPs with greater views into customer environments to simplify management, automate account processes, speed decision-making, improve support and correct security gaps.

Ambiente di lavoro MySonicWall: Razionalizzazione nella gestione dell’infrastruttura per gli MSP

I fornitori di servizi di sicurezza gestiti (MSSP) vengono scelti in misura sempre maggiore dalle piccole e medie imprese (PMI) e dalle imprese distribuite per eliminare i costi e la complessità (ovvero, le preoccupazioni) per quanto riguarda la protezione delle infrastrutture digitali e degli utenti.

Gli MSSP avvertono costantemente l’esigenza di facilitare la gestione del ciclo di vita dei clienti e delle infrastrutture, ovvero tutti gli aspetti che riguardano la presa in carico di nuovi tenant e la gestione e la contabilità delle infrastrutture utilizzate dai clienti (dedicate o condivise, concesse in leasing o co-gestite) per consentire visibilità e controllo a dipendenti e clienti.

Per oltre 15 anni, i partner e i clienti di SonicWall hanno utilizzato MySonicWall, il portale per la gestione delle loro infrastrutture, compresi i servizi di concessione in licenza e di registrazione dei prodotti.

Per far fronte alle mutevoli dinamiche delle attività di sicurezza, SonicWall ha messo a punto My Workspace, per facilitare la gestione dei clienti e delle infrastrutture e il controllo degli accessi.

Visualizzazione istantanea di tutti i tenant e di tutte le infrastrutture

My Workspace, il nuovo punto di riferimento per gli utenti MySonicWall, funge da pannello di controllo che consente una visualizzazione istantanea di tutti i tenant e di tutte le infrastrutture registrate presso i singoli MSSP con un’intelligenza azionabile.

Le segnalazioni per interventi rapidi, comprese le licenze in scadenza o gli aggiornamenti software per prodotti software e hardware, indicano agli amministratori le situazioni a cui dare priorità giorno per giorno. My Workspace costituisce inoltre una scorciatoia per i flussi di lavoro di gestione del ciclo vitale dei clienti, tra cui la gestione dei tenant, dei prodotti e degli utenti.

Organizzazione dei clienti in base ai tenant

I tenant sono il nuovo metodo per separare le infrastrutture utilizzate dai diversi clienti, soprattutto quando si utilizzano i servizi cloud come Capture Security Center, Capture Client, Cloud App Security e WiFi Cloud Manager.

Gli MSSP possono inserire facilmente nuovi clienti lanciando la procedura guidata “Create Tenant” per attribuire un nome e consentire istantaneamente ai gruppi di utenti il controllo degli accessi basato su ruoli. Ai gruppi di utenti vengono attribuiti i ruoli per gestire e utilizzare le infrastrutture. I ruoli vengono attribuiti per utilizzare tutti i prodotti gestiti, comprese le attività MySonicWall.

Ogni tenant può avere più gruppi di utenti con accesso a MySonicWall (ad esempio, amministratori e responsabili delle linee di servizi appartenenti al personale MSSP che hanno bisogno dell’accesso amministratore completo o in sola lettura, o personale dei clienti che può avere bisogno di diversi livelli di privilegi a seconda delle esigenze di servizio).

Semplificazione della registrazione e della gestione dei prodotti

Tutti i flussi di lavoro per la registrazione e la gestione dei prodotti sono stati semplificati. Per la registrazione sono sufficienti tre operazioni:

  1. Scegliere un tenant
  2. Immettere il numero di serie e il codice di autenticazione o la chiave di attivazione
  3. Configurare le opzioni di gestione

La visualizzazione dei prodotti è più veloce e i flussi di lavoro comuni – come i trasferimenti tra i diversi tenant, l’aggiornamento delle configurazioni zero-touch per i firewall e l’attivazione di ulteriori servizi – sono accessibili tramite pulsanti ad azione rapida. Le registrazioni cumulative sono state semplificate per consentire l’inserimento contemporaneo di più infrastrutture per uno o più clienti.

Semplici processi di apprendimento per utenti finali e MSSP

Anche se l’esperienza dell’utente e l’interfaccia sono state migliorate, l’esigenza di apprendimento o di disapprendimento delle prassi esistenti è sempre attuale. Grazie alla guida contestuale disponibile per i singoli flussi di lavoro e al lancio di una guida rapida di nuova concezione, gli utenti nuovi e quelli esistenti potranno capire facilmente come sfruttare al massimo nuovi flussi di lavoro per razionalizzare le attività quotidiane.

My Workspace è disponibile per tutti gli utenti e non solo per gli MSSP. Anche i clienti finali SonicWall possono avvalersi di queste funzioni per razionalizzare la gestione delle infrastrutture. Le grandi aziende possono suddividere le attività tra più tenant in funzione dei loro modelli operativi informatici.

Volete sapere come funziona My Workspace? Clienti e partner possono accedere a www.mysonicwall.com con le loro credenziali e farsi un’idea!