Your Email DLP Just Got Better and More Secure

These days, all types of business communications are done via email — so employees cannot sacrifice the mobility, reliability and economy of their inboxes. From contract information to the latest sales reports, it is imperative that email data remain confidential. A single wrong click can give away top-secret company information, broadcast private financial statements or expose sensitive negotiations.

CAS Data Loss Prevention (DLP) policies for Office 365 Email now include an automated workflow that allows emails violating an enabled CAS DLP policy to be encrypted before being sent, using the existing Microsoft Office 365 Encryption service included in several of the Microsoft 365 and Office 365 Enterprise bundles.

What is email encryption, and how does Microsoft 365 use it?

Encryption is the process by which information is encoded so that only an authorized recipient can decode and consume the information. Microsoft/Office 365 uses encryption in two ways: in the service, and as a customer control. Encryption is used in the Microsoft 365 service by default; you don’t have to configure anything. For example, Microsoft 365 uses Transport Layer Security (TLS) to encrypt the connection, or session, between two servers.

There are different ways to embed customer control in a workflow; below is one example.

Here’s how email encryption typically works:

  • If the encryption process is not automatic, the user selects the “Encrypt” option in Outlook.
  • The message is encrypted, or transformed from plain text into unreadable ciphertext, either on the sender’s machine or by a central server while the message is in transit.
  • The message remains in ciphertext while it’s in transit in order to protect it from being read if it is intercepted.
  • Once the message reaches its destination, the message is transformed back into readable plain text in one of two ways:
    • The recipient’s machine uses a key to decrypt the message, or
    • A central server decrypts the message on behalf of the recipient, after validating the recipient’s identity.

How does SonicWall Cloud App Security help?

When you have a Microsoft 365/Office 365 bundle that includes Office 365 Message Encryption (OME) and CAS Advanced package, CAS can automatically encrypt emails that violate configured DLP policies.  When you configure your CAS Office 365 Email DLP policy workflow to use the “Encrypted by Microsoft” action, an appropriate Exchange Online mail flow rule is created automatically. Using CAS’s “Protect (inline) mode, emails are intercepted and evaluated against the selected DLP policy rules. When an outgoing email matches a DLP rule, SonicWall Cloud App Security automatically encrypts the email before it is allowed to be sent externally. With the embedded workflow, the admin can manage the DLP content in a much more efficient manner without any extra overhead — once the CAS policy is triggered, the mail is encrypted and delivered to recipient.

End-user email if a DLP workflow is invoked (Below)

Always stay updated

Once you’ve enabled the DLP workflow, outgoing emails that have been encrypted by the policy can be easily located under the Events pane. Selecting the event itself allows you to drill down into the Security Event details with the History visibly stating, “Encrypted by Microsoft.” There are various filters available to examine the available events more closely in case suspicious activity needs to be investigated.

Many cloud providers encrypt their servers to defend against outside threats, but don’t follow the information once it’s been shared or sent externally. That information can be copied, emailed and opened by anyone once it leaves your environment. With the introduction of this new workflow in SonicWall Cloud App Security, sensitive emails and file attachments can be automatically encrypted, preventing unauthorized access to your sensitive information outside of your environment.

Cloud App Security’s DLP workflow leverages your existing Office 365 Message Encryption (OME) services. This protects your sensitive emails, reducing the need for multiple encryption services and providers, and helps you manage costs by using services you’ve already paid for. Protecting sensitive information and saving money? Sounds like a total win to me!

Cybersecurity News & Trends

This week, SonicWall experts feature on three podcasts discussing Boundless Cybersecurity, the Mid-Year Update to the 2020 SonicWall Cyber Threat Report, and the future of work in the age of Covid-19.


SonicWall Spotlight

Podcast: Cybersecurity for the Post-Covid New Normal of Work – Harvard Business School

  • Harvard Business School Professor Joe Fuller talks with SonicWall CEO Bill Conner as part of their Managing the Future of Work project. Bill and Joe discuss how 2020 has changed the cybersecurity landscape with Covid 19 forcing much of the workforce to work from home.

Tech Chat Episode 72: Boundless Cybersecurity and Ease of Use – Enterprise Management 360

  • SonicWall’s Terry Greer-King makes the case for Boundless Cybersecurity on the Tech Chat podcast.

Cyber Threats in the Time of Corona – Ping Podcast – Episode 27 – Firewalls.com

  • SonicWall’s Brook Chelmo guests on the latest episode of Firewalls.com’s Ping podcast, discussing the Mid-Year Update to the 2020 SonicWall Cyber Threat Report.

SonicWall Wins ChannelPro Reader’s Choice Award – SonicWall blog

  • SonicWall has been named the Bronze Winner in the “Best Security Hardware Vendor” category of the 2020 ChannelPro Readers’ Choice Awards. This is the fourth year running that SonicWall has placed in the top three for this category.

Batelco Partners with SonicWall to Launch Integrated Security Solutions for SMEs – ITP.net


Cybersecurity News

University of Utah Pays $450K to Stop Cyberattack on Servers – Washington Times

  • Following a ransomware attack on its computer servers, the University of Utah paid extortionists almost half a million dollars. The University states that it paid the ransom “as a proactive and preventive step” to prevent the data being leaked rather than to access the data.

Three Charged With Leaking Movies as Part of Global Piracy Ring – New York Times

  • Three men are facing federal charges of involvement in an international piracy ring known as the Sparks Group, a global-spanning movie and television show pirate group.

Group of Unskilled Iranian Hackers Behind Recent Attacks With Dharma Ransomware – ZDNet

  • A group of Iranian cyberattackers described as “newbie hackers” has been targeting companies located in Russia, Japan, China and India.

Cyber Attack Halts New Zealand Stock Market for Third Straight Day – SecurityWeek

  • The New Zealand exchange (NZX) had to halt trading as a result of DDoS cyberattacks three days in a row. A spokesman for the NZX said they would not be commenting on the origins of the attacks, “given the nature of the issues”.

Federal Cyber Agency Releases Strategy to Secure 5G Networks – The Hill

  • The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released a strategy to defend U.S. 5G networks against cyberthreats. The  five “strategic initiatives” to secure the buildout of 5G systems include development standards and supply chain threat awareness.

In Case You Missed It

All it Takes is One Click!

Have you ever found yourself wondering whether you should click a URL you received in an email? Thinking, “Where does the URL really go? Is it safe for me to access, or is there malware or a fake login page on the other end?”

You don’t have to wonder anymore — SonicWall is excited to announce that Cloud App Security now provides even more URL protection straight out of the box. In addition to pre-delivery email URL analysis, Cloud App Security now includes Click-Time Protection to block URL access to sites that were initially benign but are now malicious.

Attacks evolve with each passing day, and differentiating a legitimate link from a malicious link is a constant challenge. Attackers attempt to evade detection by using compromised servers that appear benign until after the message has been delivered. But with Click-Time Protection, you get an additional layer of safety. Each and every time a user clicks on a URL received in email, it is analyzed, and access is blocked if that website is found to be malicious.

Secure Mail in Transit

“You can’t be what you can’t see” is a simple way to explain how SonicWall Cloud App Security helps you secure your inbox. Virtual inline protection analyzes URLs contained in emails before they’re delivered to the user’s mailbox. URLs found to be malicious are blocked, never getting to the user. URLs that are benign at delivery will now be replaced with a SonicWall URL. When anyone clicks that link, SonicWall will test the site before redirecting it to the user.

SonicWall Cloud App Security provides Pre-Inbox and Post-Delivery solutions and protects against ever-increasing zero-day malware and malicious sites. Then it goes one step further, scanning emails across the company and retracting any other email that might be affected by the same threat.

Behind the Scenes: How We Protect Users

Regardless of whether you’re securing a few users or a few thousand users, the configuration options are simple and easy to manage. SonicWall Cloud App Security’s Click-Time Protection offers the flexibility to configure policy for all users, specific users, or a group, and provides three actions to choose from:

  1. Do nothing: Trust the user’s judgment and allow access to the site.
  2. Block: Prevent the user from visiting the site when the URL is found to be malicious.
  3. Warn: Notify if malicious, but allow the user to choose to proceed to the site.

Once Click-Time Protection has been enabled and policies are set, all links contained in incoming emails are replaced with SonicWall links. When the user clicks on a link, it triggers an immediate scan of the target site. If it is determined to be benign, the user continues without interruption. If it is determined to be malicious, the user is sent to a warning page. The user may be provided a link to the malicious page based on the policy and group he has been assigned to by the admin.

Enhanced Visibility — Analysis and investigation

Encountering a threat and obtaining forensic details of that threat are two separate actions that SonicWall’s Cloud App Security seamlessly stitches together without losing the essence or any details in translation. Each stage of the Click-Time Protection process is recorded for investigation and auditing purposes, from the original URL substitution event to the result of the time-of-click scan. Each step is logged and can be readily accessed based on the threat type. The events are grouped together so the activity can be easily understood.

Completing the Security Loop

The addition of Click-Time Protection to SonicWall Cloud App Security bolsters post-delivery protection, making our advanced anti-phishing technology even more robust. SonicWall Cloud App Security delivers next-gen security for SaaS applications, protecting email, data and user credentials from advanced threats while ensuring compliance in the cloud. SonicWall Cloud App Security also provides API-based security for software as a service (SaaS), delivering visibility, data security, advanced threat protection and compliance — all with low TCO, minimal deployment overhead and a seamless user experience.

To learn more about SonicWall Cloud App Security, click here.

Not Safe for Work

As businesses increasingly rely on Office 365 files, sightings of their “evil twin” are on the rise.

It was nearly a week late, but Tom finally received the pricing proposal he’d requested from Tetome Supply.

While he was eager to start reviewing it, he knew from his company’s quarterly cybersecurity courses to proceed with caution. He looked closely at the sender’s name and email address and checked to ensure the attachment was a Word doc as promised, and not some shady looking .exe file. The text of the email, which thanked him for his patience and asked about his new puppy, further reassured him.

As Tom sipped his morning coffee and scanned the day’s headlines on his phone, a message appeared on his monitor informing him that, since the .doc was created in iOS, he needed to enable editing and content. Doing so did allow him to see the contents of the document — but  it also set off a chain reaction.

As far as Tom knew, the document contained only the pricing info. There was nothing to indicate that a Powershell command had gone to work downloading Emotet from a compromised website — or that Emotet had called for backup in the form of another malware known as Trickbot.

By the time there were visible signs of compromise, it was already far too late: When Tom opened his laptop several days later, a note appeared informing him that all his files had been encrypted, and that the perpetrators wouldn’t unlock them until his company delivered $150,000 in bitcoin.

It was signed “Ryuk.”

Unfortunately, this sort of scenario isn’t uncommon — and based on data from the mid-year update to the 2020 SonicWall Cyber Threat Report, it’s only getting worse.

For the first half of 2019, malicious PDFs showed an edge over malicious Office 365 files, outpacing them 36,488 to 25,461. While the number of PDFs dipped 8% over the same period last year, the number of malicious Microsoft Office files skyrocketed to 70,184 — a 176% increase. It’s worth noting that the percentage of malicious Office files identified has now surpassed the number of malicious .exe files. This is likely because people have learned not to open strange or unsolicited .exe files, but most still think of Word docs, Excel files and other Office 365 files as completely benign.

While new threats identified over the past six months is up significantly, there are some bright spots: Despite making up a full third of all new malicious files identified by SonicWall Capture ATP during the first half of the year, the number of malicious PDF and Office files began trending slightly downward in the second quarter.

No one should be breathing a sigh of relief yet, however. Just six days into the second half of 2020, SonicWall Capture Labs threat researchers began observing advances in the way malicious Excel files distribute malware — including new techniques to evade signature-based anti-malware engines and hinder sandbox debugging and analysis.

Worse, after a months-long hibernation, Emotet re-emerged again in mid-July, taking the scenario above out of the realm of the theoretical and closer to the realm of the inevitable. And if the patterns of previous years are any indication, the worst may be yet to come for Emotet attacks.

How to protect from malicious Office 365 files

There are, however, several simple things you can do to protect yourself and others on your network, such as changing your Office 365 settings to disable scripts and macros, and keeping your endpoints and operating system up to date with the latest patches for Windows.

While Microsoft regularly patches vulnerabilities, there are enough people who let their updates lapse that attacks targeting these vulnerabilities succeed with shocking regularity. One example is Trickbot, a common secondary Emotet payload. Trickbot is capable of exploiting the Windows EternalBlue vulnerability, which many still have not patched more than three years later.

You’ll also need to invest in a quality cybersecurity solution, such as SonicWall Capture ATP. As reported in the Cyber Threat Report, during the first six months of 2020, SonicWall Capture ATP with Real-Time Deep Memory InspectionTM discovered 315,395 new malware variants — a 62% increase over 2019’s first-half totals.

Included as part of Capture ATP, RTDMI leverages proprietary memory inspection, CPU instruction tracking and machine learning capabilities to recognize and mitigate never-before-seen cyberattacks, including threats that do not exhibit any malicious behavior and hide their weaponry via encryption — attacks that traditional sandboxes will likely miss.

This is particularly important in cases such as Tom’s, as Trickbot and Emotet both use encryption to hide their misdeeds. Emotet is also capable of determining whether it’s running inside a virtual machine (VM), and will remain dormant if it detects a sandbox environment.

SonicWall Wins ChannelPro Reader’s Choice Award

SonicWall has been named the Bronze Winner in the “Best Security Hardware Vendor” category of the 2020 ChannelPro Readers’ Choice Awards.

The ChannelPro Network provides targeted business and technology information for IT channel partners who serve small and midsize businesses. Winners were chosen by a self-selected panel of ChannelPro Network online visitors and magazine readers, who participated by casting their votes for the most SMB- and partner-friendly products, technologies, services, programs, and professional organizations in the IT channel today.

More than 1,500 votes were collected between March 3 and May 8, with the winners announced earlier this month. This marks the fourth consecutive year that SonicWall has placed in the top three for this category, and we’d like to thank ChannelPro voters for their continued loyalty and support.

Get the Most out of Your Security Appliance with Multi-Instance

Most enterprises, colleges and universities, government agencies and MSSPs have deployed a number of stand-alone appliances to segment and secure different departments, data centers and customers over the years. Even though this type of deployment offers needed security, it creates operational and management complexities. In order to improve operational efficiency while dealing with constant changes to IT and network infrastructure, security professionals need to look at more efficient ways to deploy security appliances.

To help our customers increase efficiency and get most out of their security appliances, SonicWall has added multi-instance capability to our latest NSsp 15700 high-end firewall. Here’s how our newest feature will work, and how it compares with its predecessors.

Traditional way of doing things: Multi-tenant

Apart from deploying multiple standalone appliances to achieve segmentation and secure different entities, customers can also use multi-tenant technology. Multi-tenant allows security professionals to logically segment one instance into multiple virtual firewalls on a single security appliance. Those virtual firewalls will share the same physical resources available on the security appliance, such as CPU, memory, and interfaces. Although this method allows improved operational efficiency and the ability to deploy more than one firewall on a single security appliance, it has some limitations:

  • Virtual firewalls need to have the same software version installed — they cannot have independent versions
  • Potential for hardware resource starvation if one of the logical firewalls is oversubscribed
  • Firewall management tenant is shared, leading to configuration limitations

Multi-instance: A new generation multi-tenant

SonicWall has taken a modern approach to legacy multi-tenant with its multi-instance feature, which uses containerized architecture. This new feature enables security professionals to run multiple independent firewall instances on a single security appliance. Each firewall instance is allocated its own hardware resources, including CPU, memory and interfaces, thereby removing any potential for resource starvation.

In a containerized architecture, each firewall instance gets its own container, so they truly act as independent firewalls. This means each instance can have its own version of software, allowing for independent software upgrades and reboots. Management of each instance is done separately for every entity in the enterprise, allowing for customized security policy configuration. Multi-instance firewalling also enables flexible physical and logical interface assignments, which in turn enables simple network configurations. The figure below depicts single- versus multi-instance architecture on a four-CPU physical appliance.

Figure 1: Multi-tenant shares resources between firewall tenants. FW2 is compromised, causing resource starvation for all FW tenants.Figure 2: Multi-instance allocates dedicated resources for each firewall instance. FW2 is compromised but isolated, allowing other instances to function normally.

Multi-instance versus multi-tenant

While the traditional multi-tenant architectures suffer from resource starvation and tenant failures, this is where SonicWall’s multi-instance architecture shines. The table below offers a high-level comparison between the multi-instance and multi-tenant approach.

Modern multi-instanceLegacy multi-tenant
Multiple firewalls on one appliance
Containerized architecture
Complete tenant isolation
Independant software versions
Independant management
Multi-service potential
Single tenant failure resistant
Resource starvation resistant
HA instances

Table 1: Multi-instance versus multi-tenant

Multi-instance firewall will initially be available on the new SonicWall NSsp 15700 in August 2020. SonicWall NSsp is powered by  SonicOSX, which includes many other new features such as unified policy, a new security management platform, new low-end appliance and more. To learn more about SonicWall NSsp, please visit www.sonicwall.com/NSsp.

Cybersecurity News & Trends

This week, U.S. national security was at the forefront, with authorities working to secure voting systems ahead of the November elections, FBI and CISA issuing warnings about Linux malware and the U.S. Army detailing North Korea’s cyberattack strategies.


SonicWall Spotlight

Interview: Bill Conner, President and CEO, SonicWall — Infosecurity

  • With remote working likely to be far more common going forward, businesses are considering what they should do to adequately secure themselves.

How to Negotiate with Cyber Terrorists During a Pandemic — Bloomberg (United Kingdom)

  • According to SonicWall’s mid-year Cyber Threat Report, the number of ransomware attacks climbed 20% in the first half of the year, to a total of 121.4 million.
    *Syndicated on Yahoo! Finance UK, Washington Post and The Star

D&H Expands Hosted Security Offerings for MSPs, SMBs — Channelnomics

  • D&H Distributing is giving MSPs and SMBend customers access to SonicWall’s security solutions through a subscription model that removes upfront costs and offers predictable monthly payments.

Cybersecurity News

Taiwan says China behind cyberattacks on government agencies, emails — Reuters

  • Taiwan said hacking groups linked to the Chinese government had attacked at least 10 government agencies and some 6,000 government email accounts to steal important data.

FritzFrog malware attacks Linux servers over SSH to mine Monero — Bleeping Computer

  • A sophisticated botnet campaign named FritzFrog has been discovered breaching SSH servers around the world.

Ongoing Campaign Uses HTML Smuggling for Malware Delivery — Security Week

  • Referred to as Duri, the campaign attempts to evade network security solutions, including proxies and sandboxes, to deliver malicious code.

IRS Granted Tens of Thousands of Devices Network Access Without Proper Authentication — Nextgov

  • Most devices accessing the Internal Revenue Service’s internal network using wireless connections and virtual private networks weren’t authenticated, according to an audit.

U.S. Army Report Describes North Korea’s Cyber Warfare Capabilities — Security Week

  • A 332-page report, titled “North Korean Tactics,” details North Korean forces and their actions, with one chapter focusing on electronic intelligence warfare.

How a new federal policy for telling election officials about cyber-intrusions got put to use — Cyberscoop

  • An unidentified hacker reportedly spoofed the email account of a voting-equipment vendor and sent a phishing email to a local election official in Missouri.

NSA and FBI warn that new Linux malware threatens national security — Ars Technica

  • The FBI and NSA have issued a joint warning that Russian state hackers are using a previously unknown piece of Linux malware to infiltrate sensitive networks, steal confidential information, and execute malicious commands.

CISA Warns of Phishing Emails Delivering KONNI Malware — Security Week

  • The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert providing information on attacks delivering the KONNI remote access Trojan (RAT).

CactusPete hackers go on European rampage with Bisonal backdoor upgrade — ZDNet

  • The APT is attacking banks and military organizations throughout Eastern Europe.

Lawmakers introduce bill to help election officials address cyber vulnerabilities — The Hill

  • Reps. John Katko (R-N.Y.) and Kathleen Rice (D-N.Y.) introduced legislation to provide election officials with enhanced cybersecurity resources, as authorities ramp up warnings of foreign interference in the upcoming U.S. elections.

In Case You Missed It

SonicWall Products Compliant with NDAA Section 889 Regulations

SonicWall provides U.S. Government-certified cybersecurity solutions for administrative, intelligence, and military organizations and agencies. As such, SonicWall is committed to the integrity of its products as well as all partners and vendors that comprise SonicWall’s trusted and vetted global supply chain.

To ensure U.S. federal agencies and organizations can deploy SonicWall products and solutions with full confidence, all SonicWall products are compliant with the National Defense Authorization Act (NDAA), specifically Section 889.

SonicWall products, services and technology are also compliant with a number of key U.S. federal laws and regulations, including TAA, FIPS-140-2, Common Criteria, DoDIN APL, CSfC, USGv6, IPv6 Phase 2 and more.

SonicWall maintains a close and long-standing relationship with its subcontract manufacturers. SonicWall works closely with its manufacturers and suppliers to ensure the integrity and security of its facilities, systems and supply chain.

“What we have learned from the numerous breaches in the public and private sectors is that the foundation of the internet is a digital supply chain that must be defended from end to end,” SonicWall President and CEO Bill Conner wrote for The Hill.

NDAA SECTION 889 COMPLIANCE

SonicWall-branded devices, products and services are compliant with Section 889 of the National Defense Authorization Act. For more information on procurement or contract assurances, including a declaration of the NDAA compliance letter required for a proposal, please contact legal@sonicwall.com.

What is Section 889?

According to the National Defense Industrial Association (NDIA), Section 889 of the NDAA “prohibits federal agencies, their contractors and grant or loan recipients from procuring or using ‘telecommunications and video surveillance equipment or services’ from specific Chinese companies as a ‘substantial or essential component of any system, or as critical technology as part of any system.’

NDAA Section 889 also prohibits the use of telecommunications equipment and services produced by Huawei Technologies Company or ZTE Corporation, as well as video surveillance and telecommunications equipment and services produced by Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, Dahua Technology Company and affiliated entities and organizations.

To learn more about compliant SonicWall products, solutions and services for U.S. federal agencies and organizations, please contact federalteam@sonicwall.com or visit sonicwall.com/federal.

SonicWall CEO Bill Conner Talks Company Milestone in CRNtv Guest Appearance

Following a historic product launch that has been his mission in the making since arriving three and a half years ago, SonicWall President and CEO Bill Conner talks to CRNtv host Jennifer Zarata remotely from his Dallas home.

“The channels in all of us are now dealing with this new business normal with Boundless Cybersecurity,” said Conner. “Everyone is working within these newly extended distributed networks where that new extended ‘thing’ is your home … This is the exciting part of the timing of all this new capability.”

This global announcement unveiled the evolution of SonicWall Boundless Cybersecurity to include SonicOS 7, new high-performance NSsp 15700 firewalls, new multi-gigabit TZ570 and TZ670 firewalls, new CSa 1000 for on-prem sandboxing with Real-Time Deep Memory Inspection™ (RTDMI), new NSv virtual firewall choices and scalable cloud-native security management with Network Security Manager (NSM).

“The channels in all of us are now dealing with this new business normal with Boundless Cybersecurity,” said Conner. “Everyone is working within these newly extended distributed networks where that new extended ‘thing’ is your home… This is the exciting part of the timing of all this new capability.”

Conner also was joined by James Crifasi, COO and CTO of RedZone, a longtime partner of SonicWall.

“We’re excited about the integration between things like the Capture Client product, the Cloud App Security product, firewalls and the way they all work together,” said Crifasi. “In addition to that, the way that RTDMI is functioning and is used with Capture ATP, [it] just really can’t be competed with.”

CRNtv is a segment of CRN that shares video interviews with channel industry executives on the challenges and trends they’re seeing within the data, networking and security markets.

For over 30 years, Computer Reseller News’ editorial coverage has helped solution providers make successful decisions and avoid costly pitfalls. CRN also provides breaking news, channel voice opinions, and technical analysis by CRN Test Center.

Introducing the SonicExpress Mobile App

TZ570 and TZ670 Series firewall customers now have a new way to ease and enhance their onboarding experience.

For most of us, mobile devices are becoming the go-to means for getting work done in a digitally connected world. By 2023, the number of mobile device users will increase to 7.33 billion — and by 2025, 72% of those accessing applications and the web will do so with smartphones alone.

Network admins are also utilizing mobile devices to get work done: These devices allow them to extend their presence, enabling faster responses and easier network configuration and setup.

As part of our commitment to anytime, anywhere cybersecurity, SonicWall is launching the SonicExpress mobile app. The SonicExpress mobile app greatly simplifies firewall onboarding: device registration, initial setup, basic configuration, and monitoring for 7th generation SonicWall firewalls, including the recently launched TZ670 and TZ570 series. Designed for the Apple and Android platforms, the SonicExpress app is now available for download from the Apple App Store and the Google Play Store.

Onboarding as easy as 1, 2, 3

The typical onboarding process involves appliance registration and several other steps that must be completed in order to get a new firewall ready for configuration and use. With SonicExpress, the onboarding experience of a new firewall involves just three simple steps:

  1. Launch the SonicExpress App on a mobile device
  2. Connect a mobile device USB cable to the new firewall
  3. Finish setup

Designed with intuitive interfaces, the SonicExpress app guides the user through device registration and initial setup in less than a minute.

Simplified initial firewall setup

Zero-touch deployments require firewalls to connect to the internet using a DHCP address on the WAN interface. However, in certain deployments, WAN interfaces are assigned static IP addresses or configured over a PPPoE interface. For closed network deployments, there is typically no internet connectivity for the firewall being set up. The app helps with these and other initial setup configurations by connecting the firewall using the USB interface.

The SonicWall Express Setup Guide walks users through the process of getting their firewall registered and set up for specific deployment use cases. Alternately, users can choose to register the firewall without going through the entire setup process by simply scanning a QR code.

Monitoring your firewall

The SonicExpress app allows users to monitor firewalls for threat alerts, resource utilization and system status via an intuitive dashboard. It offers the flexibility of being able to check the health of your network from anywhere and the convenience of being able to make easy, quick changes necessary to ensure the security posture of your network.

There’s more coming

This is just the initial release of the app — we’ll be adding more features in future releases, including firmware management and advanced configuration capabilities similar to those available on the web management interface.

For a firsthand look at the new SonicExpress App, you can download it directly from the Apple App Store or Google Play Store.