SonicWall Products Compliant with NDAA Section 889 Regulations

SonicWall provides U.S. Government-certified cybersecurity solutions for administrative, intelligence, and military organizations and agencies. As such, SonicWall is committed to the integrity of its products as well as all partners and vendors that comprise SonicWall’s trusted and vetted global supply chain.

To ensure U.S. federal agencies and organizations can deploy SonicWall products and solutions with full confidence, all SonicWall products are compliant with the National Defense Authorization Act (NDAA), specifically Section 889.

SonicWall products, services and technology are also compliant with a number of key U.S. federal laws and regulations, including TAA, FIPS-140-2, Common Criteria, DoDIN APL, CSfC, USGv6, IPv6 Phase 2 and more.

SonicWall maintains a close and long-standing relationship with its subcontract manufacturers. SonicWall works closely with its manufacturers and suppliers to ensure the integrity and security of its facilities, systems and supply chain.

“What we have learned from the numerous breaches in the public and private sectors is that the foundation of the internet is a digital supply chain that must be defended from end to end,” SonicWall President and CEO Bill Conner wrote for The Hill.

NDAA SECTION 889 COMPLIANCE

SonicWall-branded devices, products and services are compliant with Section 889 of the National Defense Authorization Act. For more information on procurement or contract assurances, including a declaration of the NDAA compliance letter required for a proposal, please contact legal@sonicwall.com.

What is Section 889?

According to the National Defense Industrial Association (NDIA), Section 889 of the NDAA “prohibits federal agencies, their contractors and grant or loan recipients from procuring or using ‘telecommunications and video surveillance equipment or services’ from specific Chinese companies as a ‘substantial or essential component of any system, or as critical technology as part of any system.’

NDAA Section 889 also prohibits the use of telecommunications equipment and services produced by Huawei Technologies Company or ZTE Corporation, as well as video surveillance and telecommunications equipment and services produced by Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, Dahua Technology Company and affiliated entities and organizations.

To learn more about compliant SonicWall products, solutions and services for U.S. federal agencies and organizations, please contact federalteam@sonicwall.com or visit sonicwall.com/federal.

SonicWall CEO Bill Conner Talks Company Milestone in CRNtv Guest Appearance

Following a historic product launch that has been his mission in the making since arriving three and a half years ago, SonicWall President and CEO Bill Conner talks to CRNtv host Jennifer Zarata remotely from his Dallas home.

“The channels in all of us are now dealing with this new business normal with Boundless Cybersecurity,” said Conner. “Everyone is working within these newly extended distributed networks where that new extended ‘thing’ is your home … This is the exciting part of the timing of all this new capability.”

This global announcement unveiled the evolution of SonicWall Boundless Cybersecurity to include SonicOS 7, new high-performance NSsp 15700 firewalls, new multi-gigabit TZ570 and TZ670 firewalls, new CSa 1000 for on-prem sandboxing with Real-Time Deep Memory Inspection™ (RTDMI), new NSv virtual firewall choices and scalable cloud-native security management with Network Security Manager (NSM).

“The channels in all of us are now dealing with this new business normal with Boundless Cybersecurity,” said Conner. “Everyone is working within these newly extended distributed networks where that new extended ‘thing’ is your home… This is the exciting part of the timing of all this new capability.”

Conner also was joined by James Crifasi, COO and CTO of RedZone, a longtime partner of SonicWall.

“We’re excited about the integration between things like the Capture Client product, the Cloud App Security product, firewalls and the way they all work together,” said Crifasi. “In addition to that, the way that RTDMI is functioning and is used with Capture ATP, [it] just really can’t be competed with.”

CRNtv is a segment of CRN that shares video interviews with channel industry executives on the challenges and trends they’re seeing within the data, networking and security markets.

For over 30 years, Computer Reseller News’ editorial coverage has helped solution providers make successful decisions and avoid costly pitfalls. CRN also provides breaking news, channel voice opinions, and technical analysis by CRN Test Center.

Fake TikTok Beta steals TikTok, Facebook and Instagram credentials

The popular social media app TikTok is getting banned in a number of countries. Fraudsters are using this opportunity to spread fake TikTok apps in an effort to infect and scam more victims. SonicWall Capture Labs threats research team identified one such fake TikTok app that tries to steal victim’s credentials of TikTok account by showing a fake login page.

Infection Cycle

  • Md5: 7bece16d84f38e36b531e4b22f298205
  • Package Name: insta.tiktok.in
  • Application Name: TikTok Beta

Upon installation and execution, we see a custom TikTok login page:

 

The fonts, colors and overall appearance of the login screen raises suspicion of a phishing/fake page.

On entering the credentials a 404 Page Not Found error is shown which further raises suspicion as popular apps handle such error conditions in a more professional and elegant way.

 

However if a victim as reached this far, his account is already compromised as the entered credentials are sent to the attacker’s server account-[redacted].000webhostapp.com as shown below:

 

Intelligence gathering

After further investigation of the domain we found the following links under Tik Tok Beta directory:

  • Tik Tok Beta.html – Login screen
  • Database420.txt – Stolen victim credentials as shown below:

 

 

We found similar directories for Facebook and Instagram on the same domain as well with a similar page – Database420.txt – for stolen credentials, indicating that authors behind this malware have multiple popular target apps in mind:

 

Phishing pages are a common medium in stealing sensitive user information. This app uses the popularity of TikTok to steal victim’s credentials. Someone with a keen sense of observation will easily spot the phishing page but as evident from one of the pages obtained on the server, few people were duped into entering their legitimate credentials.

One of the best way to safeguard against such threats is to install apps only from the Google Play Store and follow proper security practices.

SonicWall Capture Labs provides protection against this threat with the following signature:

  • Stealer.CR (Trojan)

 

Appendix

Fake login pages for TikTok, Facebook and Instagram:

 

 

Voidcrypt ransomware actively spreading in the wild

The SonicWall Capture Labs threat research team observed reports of a new variant family of VoidCrypt ransomware [VoidCrypt.RSM] actively spreading in the wild.

The VoidCrypt ransomware encrypts the victim’s files with a strong encryption algorithm until the victim pays a fee to get them back.

Infection Cycle:

The ransomware adds the following files to the system:

  • Malware.exe
    •    %App.path%\ [Name]. < .Void >
    •    %App.path%\ Dycription.info.HTA > recovery instruction

Once the computer is compromised, the ransomware runs the following commands:

The ransomware encrypts all the files and appends the [Void] extension onto each encrypted file’s filename.

After encrypting all personal documents, the ransomware shows the following picture containing a message reporting that the computer has been encrypted and to contact its developer for unlock instructions.

 

We have been monitoring varying hits over the past few days for the signature that blocks this threat:

SonicWall Capture Labs threat research team provides protection against this threat via the following signatures:

  • GAV: VOIDCRYPT.RSM (Trojan)

 

This threat is also detected by SonicWall Capture ATP w/RTDMI and the Capture Client endpoint solutions.

Introducing the SonicExpress Mobile App

TZ570 and TZ670 Series firewall customers now have a new way to ease and enhance their onboarding experience.

For most of us, mobile devices are becoming the go-to means for getting work done in a digitally connected world. By 2023, the number of mobile device users will increase to 7.33 billion — and by 2025, 72% of those accessing applications and the web will do so with smartphones alone.

Network admins are also utilizing mobile devices to get work done: These devices allow them to extend their presence, enabling faster responses and easier network configuration and setup.

As part of our commitment to anytime, anywhere cybersecurity, SonicWall is launching the SonicExpress mobile app. The SonicExpress mobile app greatly simplifies firewall onboarding: device registration, initial setup, basic configuration, and monitoring for 7th generation SonicWall firewalls, including the recently launched TZ670 and TZ570 series. Designed for the Apple and Android platforms, the SonicExpress app is now available for download from the Apple App Store and the Google Play Store.

Onboarding as easy as 1, 2, 3

The typical onboarding process involves appliance registration and several other steps that must be completed in order to get a new firewall ready for configuration and use. With SonicExpress, the onboarding experience of a new firewall involves just three simple steps:

  1. Launch the SonicExpress App on a mobile device
  2. Connect a mobile device USB cable to the new firewall
  3. Finish setup

Designed with intuitive interfaces, the SonicExpress app guides the user through device registration and initial setup in less than a minute.

Simplified initial firewall setup

Zero-touch deployments require firewalls to connect to the internet using a DHCP address on the WAN interface. However, in certain deployments, WAN interfaces are assigned static IP addresses or configured over a PPPoE interface. For closed network deployments, there is typically no internet connectivity for the firewall being set up. The app helps with these and other initial setup configurations by connecting the firewall using the USB interface.

The SonicWall Express Setup Guide walks users through the process of getting their firewall registered and set up for specific deployment use cases. Alternately, users can choose to register the firewall without going through the entire setup process by simply scanning a QR code.

Monitoring your firewall

The SonicExpress app allows users to monitor firewalls for threat alerts, resource utilization and system status via an intuitive dashboard. It offers the flexibility of being able to check the health of your network from anywhere and the convenience of being able to make easy, quick changes necessary to ensure the security posture of your network.

There’s more coming

This is just the initial release of the app — we’ll be adding more features in future releases, including firmware management and advanced configuration capabilities similar to those available on the web management interface.

For a firsthand look at the new SonicExpress App, you can download it directly from the Apple App Store or Google Play Store.

Cybersecurity News & Trends

This week marks one of the biggest launches in SonicWall history, bringing with it a comprehensive set of new solutions designed to increase security, simplify management and meet the challenges of today’s cybersecurity reality.


SonicWall Spotlight

SonicWall’s Biggest Launch To-Date Delivers Future-Proof Security, Remotely — CRN TV

  • CRN’s video discusses SonicWall CEO Bill Conner’s leadership and showcases the importance of SonicWall to the channel and the industry overall.

SonicWall Leads SMB Market To Resolve Stretched Security Budgets And Risks For Newly Extended Remote Workforces — Source Security

  • SonicWall is introducing new zero-touch enabled, multi-gigabit SonicWall TZ firewalls with SD-Branch capabilities, along with a redesigned cloud-native management console.

SonicWall Refreshes High End Both Enterprise and SMB Firewalls — ChannelBuzz

  • ChannelBuzz highlights the new versions of SonicWall’s firewalls and includes commentary from Bill Conner on the importance of the launch.

SonicWall Sounds Off On Next-Gen Security Line Up  — SDxCentral

  • SDxCentral explains how SonicWall’s Gen 7 offerings expand the company’s enterprise capabilities and strengthen its current portfolio of products.

SonicWall Ships High-Speed Firewalls for SMB and Branch Office Environments — The ChannelPro Network

  • In a feature on SonicWall’s Gen 7 launch, the ChannelPro Network discusses SonicWall’s new firewall appliances.

Cybersecurity News

Israel Says It Thwarted Cyber Attack Targeting Defense Industry — Bloomberg

  • Israel has announced it foiled a cyberattack targeting its defense industry by a shadowy group that the U.S. has linked to North Korea. .

Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal — Threat Post

  • The RAT is surging in 2020, becoming more prevalent than even the infamous TrickBot or Emotet malware.

Trump Moves on China Apps May Create New Internet ‘Firewall’ — Security Week

  • A Trump administration ban on apps such as TikTok and WeChat risks fragmenting an already fragile global internet and creating an American version of China’s “Great Firewall.

Avaddon ransomware launches data leak site to extort victims — Bleeping Computer

  • The Avaddon ransomware operators’ site will be used to publish the stolen data of victims who do not pay a ransom demand.

Hacked government, college sites push malware via fake hacking tools — Bleeping Computer

  • A large scale hacking campaign appears to offer articles on hacking social network accounts, but instead delivers malware and scams.

UN reports sharp increase in cybercrime during pandemic — The Washington Times

  • A 350% increase in phishing websites was reported in Q1 2020, many targeting hospitals and health care systems responding to the COVID-19 pandemic

Magecart group uses homoglyph attacks to fool you into visiting malicious websites — ZDNet

  • A new campaign is utilizing the Inter kit and favicons to hide skimming activities.

Maryland officials warn gun dealers about phishing scams — The Washington Times

  • Authorities in Maryland have issued an advisory about an apparent email phishing scam targeting firearms dealers in the state.

In Case You Missed It

Bring the Power of RTDMI Analysis On-Premises with CSa 1000

Our cloud-based Capture Advanced Threat Protection (ATP) service has been a great success across the SonicWall ecosystem since its introduction in 2016. With hundreds of thousands of networks around the world protected by Capture ATP, the security provided to our customers only continues to get stronger through a powerful network effect.

The advanced multi-engine sandboxing technology and our patented Real-Time Deep Memory InspectionTM (RTDMI) technology that comprise the Capture ATP service are built to detect the latest evasive malware and prevent it from landing on end-user machines with technologies like Block Until Verdict.

All products in the SonicWall portfolio plug into this powerful Capture ATP engine to provide advanced protection no matter where the user is: endpoint, network, wireless, email, SaaS cloud, private cloud, public cloud and even in remote access products.

Mitigate data residency, performance challenges

However, not all organizations can take advantage of this powerful protection against unknown, previously unseen threats. There may be a variety of reasons for this, including regulatory requirements, country-wide data residency requirements, performance reasons and more.

For example, a government organization in Canada may not be able to send files to a data center in the United States for analysis. A financial services company in the U.K., likewise, might not want to send its files to Germany or the U.S. A school with thousands of students might get overwhelmed if it had to send the thousands of files constantly in flight across its network to the cloud for analysis.

For that reason, we’re happy to introduce the Capture Security Appliance (CSa) 1000, which brings the power of RTDMI into a fast and efficient 1U form factor. We’ve already bragged about RTDMI’s ability to spot evasive malware days and weeks before other malware engines are able to identify it. Now that power can be deployed for a broader set of customers.

The CSa 1000 has another use, in addition to providing ATP services to SonicWall customers.

Non-SonicWall customers can use the CSa 1000 API capabilities to tap into the power of RTDMI for their internal workflows. A website portal for file submissions in an insurance company can ensure that malicious PDF and Office documents do not land on its network. Threat analysts inside of large organizations can script against the CSa 1000 API to rapidly assess whether a suspicious file that they gathered as part of evidence collection is malicious or benign.

The CSa 1000 aggregates files coming from all sources — firewalls, email security appliances and API sources — into a single console that allows one to view the activity across the network, schedule reports, analyze individual files, etc. It can scan approximately 2,500 files per hour when there’s a typical mix of file types, or approximately 300 files per hour when they’re executables that require deep dynamic analysis.

Analysis on the CSa 1000 is performed in three stages:

  • Reputation Check
    The appliance checks the reputation of the file and whether it’s been seen across our worldwide threat research network. The lookup occurs with a file hash, without the file ever leaving the appliance, in order to respect the data ownership requirements. Even this hash-based lookup can be disabled for customers who wish for absolutely zero evidence of the files that traverse their networks.
  • Static Analysis
    If the reputation lookup cannot determine whether the file is clearly benign or malicious, the file moves to the Static Analysis stage. This is a method of analysis that observes and deconstructs the file into its basic characteristics and extracts artifacts that can be used in a variety of models, including machine learning models, to quickly correlate the observed characteristics with files previously classified as malicious.
  • Dynamic Analysis
    This is where RTDMI dynamic analysis fully kicks in for the deepest level of analysis. The suspicious file is allowed to execute in a custom virtualized environment that is monitored by RTDMI, without the suspicious file being aware of the observation. Then, when the suspicious file unveils code that exhibits characteristics of being malicious, the RTDMI engine detects it and acts accordingly. How can it do that? Well, that’s the “secret sauce,” but it is devastatingly effective against obfuscation and evasion techniques deployed by malware writers. RTDMI doesn’t care what encryption, packing techniques or obfuscation techniques the malware uses. The malware is observed in memory at a near-real-time speed, so when the malware finally unpacks its actual payload, RTDMI can pounce and report on the activity.

At launch, the CSa 1000 will also support closed-network operation for the most sensitive networks, in which case the appliance does not initiate any internet connections and needs to be updated manually.

To learn more about CSa 1000, please visit the new product page. Customers who would like to use the API can also find code samples to get started at www.github.com/sonicwall.

SonicWall NSM: Centralized Firewall Management that Scales for Any Environment

As your organization expands, the need for rapid deployment of firewalls and other security services underscores the importance of unified security management — particularly if you’re a large, distributed enterprise or MSSP. Meanwhile, managing firewall operations, responding to risks and ensuring strong security measures and access controls are in place continue to be complex daily challenges. This has everyone, from C-level executives to security operators, asking some very nerve-racking questions:

  • Is our SecOps team overburdened with managing complex and perhaps even fragmented firewall silos?
  • How often do we experience inconsistent firewall policy implementations or policy misconfigurations, omissions or conflicts that cause security vulnerabilities that ripple across the organization?
  • Does our team have the required visibility and insight into these potential risks to respond quickly?
  • How we are measuring against our own internal security audits?

To help you address these tough questions, SonicWall is introducing Network Security Manager (NSM), a multi-tenant centralized firewall manager built for the cloud. NSM puts you in command of your firewall operations and lets you see and manage risks across your firewall ecosystem — all from one easy-to-use cloud app.

To borrow a “Star Trek” reference, when using NSM, you’ll have the “conn.” Device templates and configuration deployment wizards allow for central orchestration of firewall management while reducing policy misconfigurations and human error. The modern UI has been redesigned with a user-first emphasis and is intuitive and visually stunning. The menus, navigation and workflows have been simplified, and are logically organized and streamlined. By simplifying what was once complex, labor-intensive and error-prone, NSM gives you the power to be more effective, aware and in control.

Be in control

Built using cloud-native architecture like microservices and containers, NSM can infinitely scale on demand. Combined with NSM’s tenant-level manageability and visibility and its group-based device control, this unlimited scalability allows you to centrally deploy and manage an unlimited number of firewall devices, device groups and tenants while eliminating firewall silos.

NSM also gives you the ability to synchronize and enforce consistent security and policies across on-prem and cloud environments. And with NSM’s user-friendly cloud console, you can do it all from any location, using any browser-enabled device.

Be more effective

NSM gives you the tools to work smarter and take security actions faster with less effort. Workflows are guided by business processes and designed to simplify — and in some cases, automate — tasks to reduce the time and overhead of performing everyday security operations. For example, you can:

  • Track all managed firewalls from a single view and take administrative actions — including editing settings; synchronizing firewalls; upgrading software, audit or backup configurations; managing commits; scheduling reports; and more — directly from a unified device table
  • Onboard and operationalize hundreds of firewalls, switches and access points remotely through NSM’s significantly enhanced zero-touch deployment
  • Deploy configuration changes easily with an intuitive, four-step Commit and Deploy wizard
  • Use the REST API service to automate firewall operations — including device group and tenant management, audit configurations, performing system health checks and more — programmatically for any managed SonicWall firewalls.

Be more aware

NSM’s interactive dashboard features real-time monitoring and provides comprehensive reporting and analytics data. This allows security analysts and operators to troubleshoot problems, investigate risks and take smart security policy actions. NSM’s executive dashboard can help guide decision makers with security planning and policy actions, giving C-level executives the tools to better understand current threat activities and monitor company security posture. This data can also be used to determine whether internal security requirements are being met, whether to build risk management into the business strategy, or both.

… all with a lower TCO.

NSM can help lower overall TCO with its cloud-native SaaS offering. There’s no HW/SW to deploy; no maintenance schedule; no software customization, configurations or upgrades; no downtime; and no depreciation and retirement costs. Instead, organizations simply pay a low, predictable yearly subscription cost.

The UX/UI usability enhancements further reduce IT overhead, as management workflows are simplified for maximum efficiency. SecOps can easily find what they need and get things done with far fewer screens and clicks.

Deployment use cases

Since NSM is built for the cloud, it can fundamentally scale to support any environment — from a single small network with a few firewalls to a multi-tenant enterprise or MSSP environment with hundreds of security nodes under each tenant.

In small businesses with several managed firewalls, users can deploy a simple template for the firewalls in the DMZ zone and a different template for firewalls on the LAN to provide simple access control.

NSM also features a strong set of enterprise-level capabilities. Using a combination of features such as zero-touch, device group, template, and commit and deploy, admins can create and deploy a configuration template for each defined group of devices and apply it independently. This gives SecOps teams total operational control over how, what, where and when to manage their firewall operations.

Let’s take it a step further with a typical use case for a distributed enterprise — in this case, a major brand retailer with multiple outlets. This network infrastructure divides multiple locations around the country based on geography. In each location, NSM has multiple device groups created and categorized as Stores, Warehouses and Datacenter. It then commits and deploys a template to multiple device groups on the same network or over multiple networks.

Unlike a distributed enterprise, an MSSP manages multiple tenants in different locations. Each tenant has completely different ways of organizing devices and varying security requirements for each network. In this use case, a specific template or multiple templates can be created and applied to every tenant. Those assigned templates are considered local to a tenant. MSSP also has the flexibility to apply a global template to multiple device groups across all managed tenants to enforce consistent security measures on everything they manage.

In summary, although NSM is typically used by SecOps to run the day-to-day firewall operation, the use cases and benefits extend to other key stakeholders, from C-level executives to security analysts and IT leaders.

To learn more about NSM, visit www.sonicwall.com/nsm

New SonicWall NSsp 15700 Firewall: Security for Modern Enterprises

When it comes to solving business challenges, enterprises are generally eager to adopt new technologies, such as cloud computing, workforce mobility and automation. But now, many enterprises are finding their digital transformation journey laden with new challenges, including a surge in the number of connected devices, millions of encrypted connections, increased bandwidth needs, continually evolving evasive attacks and increased operational costs. On top of that, the uncertainty accompanying the COVID-19 pandemic has just redefined something as basic as the way work gets done.

To solve these challenges, enterprises want to deploy best-of-breed technologies while minimizing costs. However, many point products in the market pose challenges of their own, including management complexity, lack of interoperability, complicating or preventing unified security, and compliance requirements necessitating multiple appliances. All of these can lead to an explosion in overall operating costs.

Introducing SonicWall NSsp 15700: a NGFW for Enterprises, Government, Higher Ed & MSSPs

The SonicWall Network Security Services Platform (NSsp) 15700 is a next-generation firewall (NGFW) with multiple 100/40/10Gb interfaces that can process millions of connections. Its high-speed connectivity and large port density — coupled with superior IPS and TLS1.3 inspection support — make the new NSsp 15700 is an ideal threat protection platform for enterprise internet edge and data center deployments. And the newly introduced multi-instance capability (modern multi-tenancy) allows MSSPs and enterprises to provide guaranteed performance, reliability and availability while adhering to service level agreements.

SonicWall NSsp 15700 combines validated security effectiveness and best-in-class price performance in a high-end, multi-instance-capable next-generation firewall.

What’s New

High-speed connectivity with built-in redundancy

NSsp 15700 is an energy-efficient, reliable appliance in a compact 2U chassis. Powered by the next-generation SonicOSX 7.0 operating system, it is capable of processing millions of encrypted and unencrypted connections to deliver the uncompromised security required for large organizations.

The high-port-density NSsp 15700 includes 6x100GbE, 4x40GbE and 16x10GbE interfaces. It features a dedicated management port, 960GB of built-in storage, and redundant PSU and fans.

Specifications at a glance:

  • Up to 82Gbps of threat prevention performance
  • Up to 85Gbps of application inspection performance
  • Up to 21Gbps of TLS inspection performance
  • Up to 80 million stateful and 50 million DPI connections
  • 100/40/10GbE interfaces
  • Redundant power supply and fans

Powered by the new SonicOSX 7.0

The SonicWall NSsp 15700 is powered by SonicOSX 7.0, a new operating system built from the ground up to feature a modern user interface, intuitive workflows and user-first design principles. SonicOSX 7.0 provides multiple features designed for enterprise-level workflows, including support for TLS 1.3 encryption standard and Unified Policy, which brings Layer 3 and Layer 7 access and security under a single policy. SonicOSX 7.0 also introduces multi-instance architecture — including complete tenant isolation, resource reservation, and firmware and configuration management options — allowing MSSPs and organizations to offer multiple firewall instances on a single hardware appliance.

Major features:

  • Unified policy
  • Multi-instance architecture
  • Security services profiles
  • Configuration audit and change management
  • New application framework
  • Enhanced APIs
  • New dashboards for device, network, application, threats and Capture Advanced Threat Protection (ATP)
  • Notification center providing actionable alerts
  • Consistent look and feel between firewall and Network Security Manager (NSM)
  • Usage statistics for rules, objects and services

More details about the new SonicOSX 7.0 can be found here.

Unified Policy for modern enterprises

With Unified Policy Layer 3 to Layer 7, access and security controls are combined in a single policy to reduce rule management overhead and provide a centralized location for policy configuration. Security services like Gateway Anti-Virus, Anti-Spyware, Capture Advanced Threat Protection (ATP), Intrusion Prevention and Geo-IP Filtering can be enforced per policy to provide greater flexibility for enterprises.

The SonicWall NSsp 15700 features an intuitive interface of contextual security policies and actionable alerts, all manageable with point-and-click simplicity. This helps administrators reduce configuration errors and deployment time, improving overall security posture. Views such as “shadow rules,” “active and inactive,” and “used and unused” help with maintaining overall rule hygiene.

Multi-instance architecture — the modern multi-tenancy

SonicWall has taken a modern approach to legacy multi-tenancy with its multi-instance, containerized architecture. This feature enables the platform to run multiple independent firewall instances on the same hardware without having to manage multiple appliances. The ability to establish degrees of separation across business units or customers helps enterprises and MSSPs meet their compliance requirements.

While traditional multi-tenancy architectures suffer from resource starvation and tenant failures that can affect other tenants, SonicWall’s multi-instance architecture shines by allowing dedicated hardware resources, independent firmware and separate configurations for its instances.

The following comparison of multi-instance-based architecture comparison with legacy multi-tenant solutions clearly illustrates the superior value of NSsp 15700 solution.

SonicWall Multi-InstanceLegacy Multi-Tenancy
Containerized ArchitectureX
Complete Tenant IsolationX
Independent Firmware VersionsX
Independent Configurations and ManagementX
Multi-Service PotentialX
Single Tenant Failure ResistantX
Resource Starvation ResistantX
HA InstancesX
Multiple Firewalls on a Single Hardware

What’s more, NSsp 15700 offers huge cost savings by eliminating additional license costs for its instances and security services.

Overall Solution Value

With the introduction of the new NSsp 15700 NGFW, SonicWall continues its commitment to providing enterprise-class security at a very reasonable budget, all without compromising performance.

To learn more about the new NSsp 15700, watch the video or visit our website.

New SonicWall TZ570 and TZ670: Security for Modern SMBs and Branches

Last weekend I was at a well-known retail chain location to pick up an online order. To comply with social distancing recommendations, businesses have been fulfilling online orders at the curb. What struck me was that small businesses and branches are continuing to find new normal ways to continue doing business — and that the pandemic has just redefined the way we interact, but not operate. Businesses, more than ever, are being overwhelmed by the sheer volume of network traffic and need security solutions that scale, accommodate ever-increasing broadband speeds and fit within their limited budgets.

While there are many products that claim to deliver these capabilities in an entry-level firewall, few offer a complete feature set with high performance at a low total cost of ownership. Some solutions don’t provide adequate protection from threats such as malware and ransomware, while others lack integrated features such as SD-WAN for branch locations. Modern branches continue to look for integrated, single-pane-of-glass management solutions for their network setup — including firewalls, switches and access points — at small-business price points.

Introducing TZ570 and TZ670 – Integrated SD-Branch Platforms

The new SonicWall TZ Series is the first small (desktop) form factor, business-class, deep packet inspection firewall on the market to feature multi-gigabit interfaces (10G/5G/2.5G). The new TZ line of products features state-of-the-art hardware designed to handle the requirements of small businesses and modern software-defined branches.

Let’s look at some of the major highlights of the new TZ series platforms:

Next-generation hardware platforms with industry-leading performance

The new TZ series platforms provide groundbreaking performance to deliver automated real-time breach detection and prevention, as well as TLS/SSL decryption and inspection, all over multi-gigabit wired and 802.11ac Wave 2 wireless networks.

TZ670 is a high-port density firewall featuring 2x10GbE SFP+, 8x1GbE interfaces with a dedicated management port and 16GB of built-in storage. In addition to the multi-gigabit ports, high-speed processors and robust onboard memory, the new TZ series includes additional hardware enhancements that make it the ideal firewall for small businesses and distributed enterprises. For added redundancy, an optional second power supply is available in case of failure. An expandable secondary storage module of up to 256GB is provided to support various features, including logging, reporting, configuration backup and restore, and more. The TZ670 comes pre-populated with 32GB of secondary storage.

Specifications at a glance:

  • Up to 2.5Gbps of threat prevention performance
  • 10GbE Interfaces
  • 11ac Wave 2 wireless
  • Built-in storage expandable up to 256GB
  • Optional redundant power supply
  • USB 3.0 super speed ports for 5G/LTE USB modems

Secure SD-WAN platform for modern branches

The SonicWall TZ series represents the continuing evolution of SonicWall’s vision for a deeper level of network security without a performance penalty. More than simply a replacement for its predecessor, the new TZ series lineup addresses the growing trends in web encryption and mobility by delivering a solution that meets the need for high-speed threat prevention. To protect against more advanced threats such as unknown and zero-day attacks that are concealed in encrypted web traffic, the new TZ570 and TZ670 products utilize Capture, SonicWall’s cloud-based, multi-engine sandboxing service with patent-pending Real-Time Deep Memory Inspection™ (RTDMI) technology.

With built-in SD-WAN (provided at no additional cost), routing and advanced security services — coupled with zero-touch provisioning of SonicWall switches, Dell X-Series & N-Series switches, and SonicWave access points through NSM —the new TZ platform provides the rapid deployments required for modern branch setups.

SonicOS 7.0 features modern-look UX/UI and TLS1.3 support

The new TZ products are powered by SonicOS 7.0, a new, modern user interface built from the ground up and designed with intuitive workflows and user-first design principles. SonicOS 7.0 provides multiple new features, including support for the new TLS1.3 encryption standard. More details about the new SonicOS 7.0 can be found here.

Today, with the introduction of the new TZ570 and TZ670 integrated threat prevention SD-WAN platforms, SonicWall continues its commitment to providing enterprise-class security at small business budgets, without compromising on performance.

To learn more about the new TZ series, watch the video or visit our website.