SonicWall Named Silver Partner of the Year by CDW Canada

SonicWall is proud to announce that it recently won the Silver Partner of the Year Award from CDW Canada.

At the March 22 virtual ceremony, SonicWall was chosen from among four finalists, a list that also included Juniper Networks, Okta and NVIDIA.

“In a truly tumultuous year, SonicWall played an integral role supporting CDW’s goal of putting our customers at the center of everything we do,” said Ginette Adragna, vice president and general manager for CDW Canada. “The ongoing and meaningful collaboration between our two great organizations played a crucial role in 2020, and we look forward to building on this relationship to best serve our Canadian customers in 2021 and beyond.”

The Partner of the Year Awards are selected based on input and recommendations from CDW Canada’s sales, product and partner management, marketing, and finance teams. The selected brands are evaluated based on their ability to demonstrate outstanding leadership and provide excellent service to CDW Canada’s coworkers and customers.

CDW Canada is a leading multi-brand technology solutions provider for government, education, healthcare and business organizations. CDW Canada helps customers meet their goals by delivering integrated technology solutions and services to help customers navigate an increasingly complex IT market and maximize the return on their technology investment. The company is focused on software, networking, unified communications, data center and mobility solutions.

CDW Canada is on the Channel Daily News Top 100 Solutions Providers list, and is a wholly owned subsidiary of Vernon Hills, Illinois-based CDW Corporation, a Fortune 500 company.

Expanding the Trophy Case: SonicWall Attains 5-Star Rating in 2021 CRN Partner Program Guide

Only three months into the start of a new year, SonicWall has now claimed its 18th industry-recognized accolade. The SonicWall SecureFirst partner program has received a 5-star rating in the 2021 CRN Partner Program Guide.

The honor is awarded to an exclusive group of companies that offer solution providers the best of the best, going above and beyond in their partner programs. This annual guide provides a conclusive list of the most distinguished partner programs from leading technology companies that provide products and services through the IT channel.

“At SonicWall, we listen,” said HoJin Kim, SonicWall SVP, Worldwide Channel, North American Sales. “We work incredibly hard to provide partners with everything they need in order to not only meet their yearly objectives, but exceed them. We hope to see our partners increase their use of partner playbooks and marketing campaigns in the new year and ingrain themselves in our partner community.”

The SonicWall SecureFirst program was modified this year to make it more inclusive of registered partners. Changes include acceptance of third-party certifications for the silver tier to recognize the rise of industry talent. The continuing education requirement was also reduced to allow more flexibility with enablement requirements, as was the number of gold partners to strengthen the program and partner relationships.

“As innovation continues to fuel the speed and intricacy of technology, solution providers need partners that can keep up and support their developing business,” said Blaine Raddon, CEO of The Channel Company. “CRN’s 2021 Partner Program Guide gives insight into the strengths of each organization’s program to recognize those that continually support and push positive change inside the IT channel.”

Given the importance of IT vendor channel programs, each year CRN develops its Partner Program Guide to provide the channel community with a detailed look at the partner programs offered by IT manufacturers, software developers, service companies and distributors. Vendors are scored based on investments in program offerings, partner profitability, partner training, education and support, marketing programs and resources, sales support, and communication.

In addition to its 5-star rating, SonicWall’s Bob VanKirk, HoJin Kim and Dave Bankemper were recently named to the annual CRN 2021 Channel Chiefs List, which recognizes leading IT channel vendor executives who continually demonstrate outstanding leadership, influence, innovation and growth. In March, the company was included on the outlet’s list of Top 100 Security Companies and took home 10 Globee® Awards in the 17th Annual 2021 Cybersecurity Global Excellence Awards®.

If you’re interested in more information on becoming a SonicWall partner, please visit www.sonicwall.com/partners/become-a-partner.

Does Your Network Need a Watchman?

So, you’ve decided to open a bar. You hire the best decorator, purchase the best selection of bottles imaginable, and hire the best bartender you can find. The bar opens to rave reviews, and instantly becomes the hottest spot in town.

Within a month, it’s closed. As it turns out, allowing just anybody in—or out—isn’t sound business practice.

That goes double for cybersecurity. Imagine if your business was content having no visibility into a common source of problems and noncompliance. Unfortunately, this may already be the case, as many businesses still do not make inspecting encrypted traffic a priority.

First of all, let’s explore what encrypted threats are: In simple terms, SSL (Secure Sockets Layer) can create an encrypted tunnel for securing data over an internet connection. TLS (Transport Layer Security) is a newer, more secure version of SSL.

While TLS and SSL provide legitimate security benefits for web sessions and internet connections, cybercriminals are increasingly using these encryption standards to hide malware, ransomware, zero-day and more. Today, an estimated 35% of threats are encrypted — and that number is on the rise (Source: Gartner).

Unfortunately, there’s a fear of complexity and a general lack of awareness around the need to responsibly inspect SSL and TLS traffic — particularly using deep packet inspection (DPI) — for malicious cyberattacks. This attitude is especially dangerous because traditional security controls lack the capability or processing power to detect, inspect and mitigate cyberattacks sent via HTTPS traffic.

In the case of our theoretical bar, hiring a watchman would have made all the difference between continuing to be successful and having to shut down (or being shut down) due to insufficient or nonexistent control over traffic. Similarly, as the rate of encrypted threats continues to rise, examining encrypted traffic could make the difference between recognizing and blocking a threat, and being forced to pick up the pieces after a successful cyberattack.

Imagine your bar had a dress code. Regardless of whether that dress code mandated fashionable club wear or a jacket and tie, without a watchman or doorperson, there’s nothing to enforce it. Worse, with no one to check coats, you never know who might be wearing a hockey jersey or a crass political T-shirt under their khaki trench coat.

The interplay between content filtering solutions and encrypted traffic is similar. With 80 to 90 percent of traffic now coming over encrypted connections using HTTPS, your content filtering solutions become completely inaccurate (Source: Google Transparency Report). They have limited efficiency when it comes to identifying the destination webpage and deciding how to deal with potential threats. And without the ability to see what’s going on below the surface, you’re in danger of threats sneaking past.

Similarly, sandboxing solutions are of limited usefulness when it comes to encrypted threats. If a cybercriminal manages to establish an encrypted connection between the threat actor controller and an endpoint, they could transfer files back and forth—including additional malware. In most cases, organizations have a single sandboxing solution which is capable of scanning all files and ensuring they’re non-malicious before allowing them.

But if communication is encrypted, the sandboxing solution is rendered useless because you’re unable to capture the files traveling between a C&C server and the endpoint. The solution sees encrypted traffic happening between two IPs but has no visibility into what’s going on.
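What a filter or sandbox that does not decrypt can actually read from a TLS session, as an added example that is not part of the original article: the parser below pulls the server name out of a ClientHello and shows that an application-data record yields nothing but its length. The two sample records and the hostname `downloads.example.test` are constructed for the example.

```python
import struct

HANDSHAKE, APPLICATION_DATA = 0x16, 0x17
CLIENT_HELLO, EXT_SERVER_NAME = 0x01, 0x0000


class Reader:
    """Bounds-checked cursor over bytes; raises ValueError on truncated input."""

    def __init__(self, data: bytes):
        self.data, self.pos = data, 0

    def take(self, n: int) -> bytes:
        if self.pos + n > len(self.data):
            raise ValueError("truncated TLS structure")
        chunk = self.data[self.pos:self.pos + n]
        self.pos += n
        return chunk

    def uint(self, size: int) -> int:
        return int.from_bytes(self.take(size), "big")

    def vector(self, len_size: int) -> "Reader":
        """Read a length-prefixed field and return a Reader over its contents."""
        return Reader(self.take(self.uint(len_size)))

    def done(self) -> bool:
        return self.pos >= len(self.data)


def sni_from_client_hello(body: Reader):
    """Return the host_name from the server_name extension, or None."""
    body.take(2 + 32)              # legacy_version + random
    body.vector(1)                 # session_id
    body.vector(2)                 # cipher_suites
    body.vector(1)                 # compression_methods
    if body.done():
        return None                # ClientHello without extensions
    extensions = body.vector(2)
    while not extensions.done():
        ext_type = extensions.uint(2)
        ext_data = extensions.vector(2)
        if ext_type != EXT_SERVER_NAME:
            continue               # skip extensions we do not care about
        names = ext_data.vector(2)
        while not names.done():
            name_type = names.uint(1)
            name = names.vector(2)
            if name_type == 0:     # 0 = host_name
                return name.data.decode("ascii", errors="replace")
    return None


def passive_view(record: bytes) -> dict:
    """Everything a non-decrypting device learns from one TLS record."""
    r = Reader(record)
    content_type = r.uint(1)
    r.take(2)                      # record-layer version
    fragment = r.vector(2)
    view = {"content_type": content_type, "length": len(fragment.data), "sni": None}
    if content_type == HANDSHAKE and fragment.uint(1) == CLIENT_HELLO:
        view["sni"] = sni_from_client_hello(fragment.vector(3))
    return view


def hostname_only_verdict(view: dict, blocked_hosts: set) -> str:
    """The only decision possible without decryption: allow or block by name."""
    if view["sni"] is None:
        return "no hostname visible"
    if view["sni"].lower() in blocked_hosts:
        return "block"
    return "allow, contents uninspected"


def build_client_hello(hostname: str) -> bytes:
    """Construct a sample ClientHello record carrying an SNI extension."""
    name = hostname.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name
    sni_list = struct.pack("!H", len(entry)) + entry
    ext_sni = struct.pack("!HH", EXT_SERVER_NAME, len(sni_list)) + sni_list
    ext_versions = struct.pack("!HH", 0x002B, 3) + b"\x02\x03\x04"
    extensions = ext_versions + ext_sni
    body = (b"\x03\x03" + bytes(32) + b"\x00"          # version, random, empty session_id
            + struct.pack("!H", 2) + b"\x13\x01"      # one cipher suite
            + b"\x01\x00"                             # null compression
            + struct.pack("!H", len(extensions)) + extensions)
    handshake = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([HANDSHAKE]) + b"\x03\x01" + struct.pack("!H", len(handshake)) + handshake


# Constructed samples. The second stands in for ciphertext carrying a file.
CONSTRUCTED_HELLO = build_client_hello("downloads.example.test")
CONSTRUCTED_APPDATA = bytes([APPLICATION_DATA]) + b"\x03\x03" + struct.pack("!H", 64) + bytes(range(64))

if __name__ == "__main__":
    for record in (CONSTRUCTED_HELLO, CONSTRUCTED_APPDATA):
        view = passive_view(record)
        print(view, "->", hostname_only_verdict(view, {"blocked.example.test"}))
    # Caveat: with Encrypted Client Hello the real server name is hidden as well.
```

The hostname is the last thing visible in the clear; URL paths, transferred files and any data leaving the network sit inside records like the second sample.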

In the example of our watchman, think of him as a seasoned professional. He’s got a mental list of troublemakers 20 years in the making and can spot one a mile away. But without someone at the door to recognize those who become a danger to themselves and others, they can walk right in—and to someone whose job isn’t spotting these sorts of troublemakers, they’re just another patron until it’s too late.

Sometimes it’s not just about what’s going into the bar (or network)—it’s also about what’s leaving.  Many security solutions are designed for data loss prevention, but encryption has the ability to hide this entirely. This allows malicious actors (from inside or outside the organization) to steal private or confidential data without anyone noticing, and then once they have enough to blackmail you, they will often deploy ransomware.

Unfortunately, normal gateway appliances without decryption available/turned on have no visibility into this traffic. And the risks extend beyond trojans, ransomware and malware—such data exfiltration could also put you out of compliance with regulations like HIPAA, PCI or GDPR, inviting stiff fines.

Did your bar close because patrons got caught leaving with drinks or employees were witnessed sneaking bottles out in a handbag? That isn’t just illegal for them—it’s illegal for you, too. And sometimes the penalties for lack of compliance, whether that’s local ordinances for pubs or national compliance regulations for large organizations, can threaten or even close businesses.

In both cases, the answer is the same: a fearless and effective defender who’s smart enough to know who to let in and who to keep out—and the muscle to back it up without creating a bottleneck at the door.

To find out more about what you need to do to inspect your organization’s encrypted traffic, click here to register for the latest Mindhunter webinar, “Does Your Network Need a Watchman?”, on April 20 at 10 a.m. GMT.

Does Your Network Need a Bouncer?

You’ve finally decided to open a cocktail bar. You find the best interior designer, buy the best selection of wines and spirits, and hire the best bartender you can find. Before long, everyone is talking about your cocktail bar, which becomes the trendiest spot in town.

But after a month, the bar closes. As it turns out, the decision to let just anyone in, or out, was not a good idea.

The same goes for cybersecurity. Imagine what could happen if your company were unaware of a certain internal problem or noncompliance. Unfortunately, this already happens very often, because many companies do not consider inspecting encrypted traffic a priority.

But first, let’s clarify what encrypted threats are: in short, SSL (Secure Sockets Layer) can create an encrypted tunnel to protect data over an internet connection. The TLS (Transport Layer Security) protocol is a newer, more secure version of SSL.

While TLS and SSL offer clear security benefits for web sessions and internet connections, cybercriminals are increasingly using these encryption standards to hide malware, ransomware, zero-days and other threats. According to some estimates, 35% of today’s threats are encrypted, and this trend is growing (source: Gartner).

Unfortunately, there is a certain fear of complexity and a general lack of awareness of the importance of thoroughly inspecting SSL and TLS traffic, particularly with deep packet inspection (DPI), to detect malicious cyberattacks. This attitude is especially risky because traditional security controls lack the capability or processing power to detect, inspect and mitigate cyberattacks launched over HTTPS traffic.

In the case of our theoretical cocktail bar, having a bouncer would have made the difference between carrying on a successful business and having to close because of insufficient or nonexistent control over traffic. Likewise, given the continuing rise in the number of encrypted threats, inspecting encrypted traffic can make the difference between recognizing and blocking a threat in time and having to repair the damage after a successful cyberattack.

Now suppose your cocktail bar has a dress code. Whatever dress code you decide to adopt, without a check at the entrance there is no way to enforce it. What’s more, if nobody is looking after the cloakroom, you can never know whether a guest is wearing a football shirt or a T-shirt with offensive slogans under an elegant jacket.

The interaction between content filtering solutions and encrypted traffic works in a similar way. With 80-90% of traffic coming over connections encrypted with HTTPS, content filtering solutions are unable to provide accurate inspection (source: Google Transparency Report). When it comes to identifying the destination web page and deciding how to handle potential threats, these solutions have limited efficiency. And without the ability to see what is happening beneath the surface, the danger that threats go unnoticed increases.

Similarly, sandboxing solutions are not particularly useful against encrypted threats. If a cybercriminal manages to establish an encrypted connection with an endpoint, they may also be able to transfer files and malware of various kinds. Most companies use a single sandboxing solution that scans all files and verifies that they are not malicious before allowing them in.

But if the communication is encrypted, the sandbox becomes useless because it cannot recognize the files transmitted between a C&C server and the endpoint. The solution simply sees that two IP addresses are exchanging encrypted traffic, but has no visibility into its contents.

In the example of our bouncer, we know he is an experienced professional. He remembers every troublemaker of the last 20 years and recognizes them from a kilometer away. But if there is nobody at the door able to recognize who may be a danger to themselves and others, these people can walk right in and nobody notices until it is too late.

Sometimes the problem is not only who comes into the venue (or the network), but also what goes out. Many security solutions are designed to prevent data loss, but encryption has the ability to hide the data completely. This lets malicious users (inside or outside the company) steal private or confidential data without anyone noticing and, once they have collected enough data, they often use ransomware to blackmail the company.

Unfortunately, ordinary gateways without decryption available or turned on have no visibility into this traffic. The risks are not limited to trojans, ransomware and malware: data exfiltration of this kind can also jeopardize compliance with regulations such as GDPR, HIPAA or PCI, exposing the company to severe fines.

Did your bar have to close because some customers were caught leaving with drinks, or because employees made off with a few bottles? That is illegal not only for them but for you as well. Sometimes the penalties for noncompliance, whether local ordinances for nightlife venues or national compliance regulations for large organizations, can put businesses at risk or even lead to their closure.

In both cases, the solution is the same: what’s needed is a security guard who is unflappable, effective and experienced enough to know who to let in and who not to, all with the skill needed to avoid creating queues at the entrance.

To find out what you need to inspect your company’s encrypted traffic, register for the new Mindhunter webinar, “Does Your Network Need a Bouncer?”, which will be held on April 23 at 14:00 CET.

Cybersecurity News & Trends – 03-26-21

This week — with higher education institutions and electricity companies on high alert, and with the Microsoft Exchange server crisis raging on — it’s no wonder 82% say cyberterrorism is America’s top potential threat.


SonicWall in the News

IoT malware attacks saw a huge rise last year — Techradar

  • As the number of consumer-oriented IoT devices grows, data from SonicWall’s 2021 Cyber Threat Report suggests, IoT malware has been on the rise.

Phishing Email Warning Shows Cybercriminals Seizing on Tax Filing Delay, Vaccine Rollout Gallery — Channel Futures

  • Dmitriy Ayrapetov explains how bad actors are targeting vaccine distribution and takes a closer look at the threats caused by the remote workforce.

ICYMI: Our Channel News Roundup For the Week of March 15 — ChannelPro Network

  • SonicWall’s 2021 Cyber Threat Report was included in ChannelPro Network’s weekly news roundup.

India Saw Largest Spike In Malware Attacks In 2020: Report — ET CISO

A Pandemic Of Email Scams — Financial Times

  • SonicWall recently reported a 62% increase in ransomware attacks last year and a 74% increase in malware variants.

New SonicWall 2020 Research Shows Cyber Arms Race At Tipping Point — CIO Review India

  • This article spotlights SonicWall’s 2021 Cyber Threat Report.

Industry News

Lawmakers reintroduce legislation to secure internet-connected devices — The Hill

  • The Cyber Shield Act would create a voluntary cybersecurity certification program for IoT devices.

Ransomware operators are piling on already hacked Exchange servers — Ars Technica

  • The fallout from the Microsoft Exchange server crisis isn’t abating just yet.

Purple Fox Malware Targets Windows Machines With New Worm Capabilities — Threat Post

  • A new infection vector from the established malware puts internet-facing Windows systems at risk from SMB password brute-forcing.

Thousands of Exchange servers breached prior to patching, CISA boss says — Cyberscoop

  • A U.S. government cybersecurity official has warned organizations not to have a false sense of security when it comes to vulnerabilities in Microsoft Exchange Server software, noting that “thousands” of computer servers with updated software had already been breached.

Covid-19: Vaccines and vaccine passports being sold on darknet — BBC

  • Researchers say they have seen a “sharp increase” in vaccine-related darknet adverts, while the BBC has been unable to determine whether the vaccines being sold there are real.

UK colleges and unis urged to prepare for ransomware before it’s too late — The Register

  • There’s been an uptick in attacks since schools reopened, warns National Cyber Security Centre

Electricity Distribution Systems at Increasing Risk of Cyberattacks, GAO Warns — Security Week

  • A newly published report from the U.S. Government Accountability Office describes the risks of cyberattacks on the electricity grid’s distribution systems, along with the scale of the potential impact of such attacks.

8 in 10 say cyberterrorism is top potential threat: Gallup — The Hill

  • According to the survey, 82% of respondents said cyberterrorism is a critical threat to the U.S.

TikTok Doesn’t Pose Overt U.S. National Security Threat, Researchers Say — The New York Times

  • A new study by university cybersecurity researchers found that the computer code underlying the TikTok app doesn’t pose an overt national security threat to the U.S.

Acer reportedly targeted with $50 million ransomware attack — ZDNet

  • The REvil ransomware gang has published various Acer documents, such as financial spreadsheets, bank balances and bank communications.

FBI warns of BEC attacks increasingly targeting US govt orgs — Bleeping Computer

  • The Federal Bureau of Investigation is warning U.S. private sector companies about an increase in business email compromise (BEC) attacks targeting state, local, tribal, and territorial (SLTT) government entities.

Microsoft Defender Antivirus now automatically mitigates Exchange Server vulnerabilities — ZDNet

  • Mitigation fixes will be applied automatically in a renewed effort by Microsoft to contain security incidents caused by the bugs.

SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests — ZDNet

  • Existing victim networks are used as a novel form of sandbox, as cybercriminals exploit them to test out payloads.

In Case You Missed It

China’s “Winnti” Spyder Module

Overview:

SonicWall’s Capture Labs Threat Research Team recently captured and evaluated a new malicious sample termed Spyder, from China’s “Winnti” hacking group. This backdoor is written in C++ and designed to run on 64-bit Windows. The module is used for targeted attacks on information storage systems: collecting information about compromised devices, executing malicious payloads, coordinating script execution, and communicating with the C&C server. It is loaded by the MSDTC system service using a well-known DLL hijacking method. The function names within the module’s export table are related to the exported functions of the apphelp.dll system library.

Static Information & Error Checking Information:

Dynamic Information:

Dll Main inside x64 debug:

Encrypted PE File in memory:

Call to Shellcode see RAX:

Dll Main inside Encrypted PE File:

Network Artifacts:

Get Request:

Possible domains in the wild:


Supported Systems:

  • Windows 10
  • Windows 8.1
  • Windows 8.0
  • Windows 7
  • Windows Vista

SonicWall Gateway Anti-Virus (GAV) provides protection against this threat:

  • GAV: Spyder.DN (Trojan)

Appendix:

Sample SHA-1 Hash: 41777d592dd91e7fb2a1561aff018c452eb32c28

Hog ransomware, which decrypts files for victims who join its Discord server, is spreading in the wild

The SonicWall Capture Labs Threat Research team observed reports of a new variant family of Hog ransomware actively spreading in the wild.

The Hog ransomware encrypts the victim’s files with a strong encryption algorithm and only decrypts them if they join the developer’s Discord server.

Infection Cycle:

The ransomware adds the following files to the system:

  • Malware.exe
    • %App.path%\[Filename].Hog

Once the computer is compromised, the ransomware runs the following commands:

When Hog is started, it creates and assigns a unique ID number to the victim, then scans all local drives for data files to encrypt.

When encrypting files, it uses the AES encryption algorithm and encrypts all files except those with the following extensions:

.exe .dll .ini .scr .sys .vmx .vmdk

The ransomware encrypts all the files and appends the [.Hog] extension onto each encrypted file’s filename.

If the victim has joined the Discord server, the ransomware will decrypt the victim’s files using a static key embedded in the ransomware.
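Two defender-side checks built from the behaviour described above, as an added example that is not SonicWall’s code: `rename_bursts` flags a process that produces many `.Hog` files within a short window, and `scope_impact` sorts a directory tree into encrypted files, files Hog skips by design, and files not yet encrypted. The event tuple shape, the threshold and window values, the case-insensitive suffix match and all sample paths are assumptions constructed for the example.

```python
import os
from collections import deque
from datetime import datetime, timedelta

# Extensions the write-up lists as left unencrypted by Hog.
SKIPPED_BY_HOG = {".exe", ".dll", ".ini", ".scr", ".sys", ".vmx", ".vmdk"}
HOG_SUFFIX = ".hog"  # compared case-insensitively (assumption)


def is_hog_file(path: str) -> bool:
    return path.lower().endswith(HOG_SUFFIX)


def rename_bursts(events, threshold=5, window=timedelta(seconds=10)):
    """Return {pid: time at which the threshold was first reached}.

    events: time-ordered (timestamp, pid, path) tuples for file create/rename
    activity. The tuple shape is hypothetical; map your EDR fields onto it.
    """
    recent, flagged = {}, {}
    for ts, pid, path in events:
        if not is_hog_file(path):
            continue
        seen = recent.setdefault(pid, deque())
        seen.append(ts)
        while ts - seen[0] > window:      # drop hits that left the window
            seen.popleft()
        if len(seen) >= threshold:
            flagged.setdefault(pid, ts)   # keep the first alert time only
    return flagged


def scope_impact(root):
    """Classify every file under root for incident scoping."""
    report = {"encrypted": [], "skipped_by_design": [], "not_yet_encrypted": []}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            rel = os.path.relpath(os.path.join(folder, name), root)
            if is_hog_file(name):
                # Keep the pre-encryption name so backups can be matched to it.
                report["encrypted"].append((rel, rel[:-len(HOG_SUFFIX)]))
            elif os.path.splitext(name)[1].lower() in SKIPPED_BY_HOG:
                report["skipped_by_design"].append(rel)
            else:
                # A data file without the suffix: encryption had not reached it.
                report["not_yet_encrypted"].append(rel)
    return {key: sorted(value) for key, value in report.items()}


# Constructed sample telemetry: PID 4242 writes six .Hog files in five seconds;
# PID 900 touches one ordinary file and, later, a single file ending in .Hog.
T0 = datetime(2021, 3, 26, 9, 0, 0)
CONSTRUCTED_EVENTS = sorted(
    [(T0 + timedelta(seconds=i), 4242, rf"C:\Users\demo\Documents\file{i}.docx.Hog")
     for i in range(6)]
    + [(T0 + timedelta(seconds=2), 900, r"C:\Users\demo\notes.txt"),
       (T0 + timedelta(seconds=40), 900, r"C:\Users\demo\pig.Hog")]
)

if __name__ == "__main__":
    for pid, when in rename_bursts(CONSTRUCTED_EVENTS).items():
        print(f"ALERT pid={pid} reached the .Hog threshold at {when.isoformat()}")
```

A non-empty `not_yet_encrypted` list next to a populated `encrypted` list indicates the process was interrupted or is still running, which changes containment priorities.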

After encrypting all personal documents, the ransomware shows the following page containing a message reporting that the computer has been encrypted and how to unlock the files.

SonicWall Capture Labs provides protection against this threat via the following signature:

  • GAV: HogRansom.RSM (Trojan)

This threat is also detected by SonicWall Capture ATP w/RTDMI and the Capture Client endpoint solutions.

Accelerated SonicWall Portfolio Expansion Delivers Enterprise-Grade Protection, Lower TCO

The last 12 months have been about acceleration — across all aspects of life. For the cybersecurity industry, that meant helping organizations and businesses quickly deploy secure remote workforces in a matter of weeks.

And while we accomplished those goals early on, the mission has now shifted to delivering more innovation around security, capacity, flexibility and cost savings in a remote-first world.

To keep that commitment, today we announce yet another expansion of our product portfolio with the all-new NSa 3700, a multi-gigabit next-generation firewall designed to thwart attacks targeting organizations in all industries. In addition to the NSa 3700 firewall, we’re also introducing several product updates that add more value, simplicity and versatility to our modern security and management offerings.

The expansion of the Capture Cloud platform includes:

  • SonicWall NSa 3700 — Our latest mid-range firewall expands threat protection with multi-gigabit security for retail, K-12 and secondary education, higher education, distributed enterprises, and government agencies. Powered by SonicOS 7.0, the new SonicWall NSa 3700 firewall delivers a modern UX/UI and advanced security controls, plus critical networking and management capabilities to increase visibility and help defend against today’s increasingly targeted attacks.
  • SonicWall CSa 1.2 — CSa’s newest update delivers advanced, closed-network threat protection for governments and compliance-conscious organizations using SonicWall Capture Security appliance (CSa) appliances. The SonicWall Capture Advanced Threat Protection (ATP) service with patented RTDMI™ can now be deployed without the need to connect to external resources, which is important for organizations operating air-gapped networks.
  • SonicWall Network Security Manager (NSM) 2.2 — Our cloud-native security management service includes new enhancements to usability, security and flexibility. This includes powerful capabilities around policy configuration, certificate management, two-factor authentication and more.
  • SonicWall Next-Gen Analytics 3.0 — The powerful analytics engine transforms threat data into defensive actions to address hidden risks across networks, applications and users. This helps organizations find threats up to 25% faster and mitigate suspicious behavior upon discovery.
  • SonicWall Wireless Network Manager (WNM) 3.5 — We’ve rebranded and reimagined our existing wireless security management solution to unify visibility and control. By combining SonicWall switches and SonicWave wireless access points into a single solution, it’s now easier than ever to securely monitor and manage both access points and switches — all from a single interface.
  • SonicWall Capture Client 3.6 — Our popular endpoint protection solution now includes support and compatibility for devices running Apple macOS Big Sur.

“These new and enhanced solutions offer organizations an elastic and scalable cloud model to enable leaders to close critical security gaps using robust, enterprise-grade threat protection with next-generation technology,” said SonicWall President and CEO Bill Conner in the official announcement. “As the cyber arms race continues to escalate, SonicWall looks to equip organizations with proven security at a low total cost of ownership and high security efficacy.”

To learn more about SonicWall’s new products and enhancements, review the official press announcement, contact a SonicWall security expert, or click the product names  for a closer look into each major new product.

Capture Client 3.6: Big Sur, But Safer

The release of Capture Client 3.6 is bringing the platform’s next-generation malware protection and application vulnerability intelligence to macOS Big Sur.

The update is still beneficial regardless of which OS you’re running, however: v.3.6 includes a number of bug fixes that improve the user and management experience. The SonicWall team is already hard at work on v.3.7, which will take this commitment to user experience even further with a strong roadmap update.

Previously, the 3.5 release of Capture Client focused on improvements to our user interface and the addition of Global Operations, which is best suited for our MSSP partners. This release greatly improved the Global Dashboard and added Global Policies for use across tenants. For a more detailed look at the v.3.5 release, watch “How to Manage Global Multi-Tenant Operations and Policies with Capture Client 3.5.”

To learn more about how SonicWall Capture Client can help you stop attacks before they execute, manage multiple tenants with ease, and use advanced reporting to effortlessly understand your security posture, click here.

New SonicWall NSa 3700: The Latest Next-Generation Firewall for Medium Enterprises

Medium enterprises are increasingly faced with budget constraints and a shortage of cybersecurity experts among their IT staff. At the same time, network traffic continues to rise … as does the number of online transactions …  and the number of connected devices, including IoT devices.

This increase in new potential threat vectors has driven an increase in just about every form of attack, with emboldened cybercriminals launching increasingly sophisticated attacks such as zero-days and ransomware — many of which evade traditional perimeter defenses.

But despite this increase in risk, organizations are more reliant than ever on business continuity to ensure the continual availability of information and services provided across their network.

To meet these challenges, IT directors need a highly reliable next-generation firewall (NGFW) — one that not only can scale to support millions of connections, but can also scan them for threats at multi-gigabit speeds without compromising performance. It also must be cost-effective, easily manageable, and capable of handling high bandwidth and supporting multiple networks and clouds.

Introducing the SonicWall NSa 3700: A Generation 7 NGFW with high port density and low cost of ownership

The SonicWall Network Security Appliance (NSa) 3700 NGFW features high port density, including multiple 5 and 10 GbE ports. NSa 3700 protects mid-size networks with comprehensive integrated security services like malware analysis, encrypted traffic inspection, cloud application security and reputation services. It also supports centralized management with a truly intuitive single-user interface, significantly improving operational efficiency.

SonicWall NSa 3700 runs on the latest SonicOS 7.0.1 and includes advanced networking features such as HA/clustering, SD-WAN, dynamic routing, and virtual routing and forwarding. It combines validated security effectiveness and best-in-class price performance in a single rack unit appliance.

In short, medium enterprises can now get the performance, networking and security capabilities they need from their NGFWs without breaking the bank.

NSa 3700 Next-Generation Firewall Highlights

Appliance at a glance

The NSa 3700 is an energy-efficient, reliable appliance in a compact 1U chassis. Powered by the next-generation SonicOS 7.0.1 operating system, it is capable of processing millions of connections while delivering multi-gigabit threat prevention throughput. The following are a few high-level features that make NSa 3700 an attractive option for medium and distributed enterprises:

  • 24 x 1 GbE interfaces
  • 4 x 5 GbE interfaces
  • 6 x 10 GbE interfaces
  • 3.5 Gbps of threat prevention performance
  • 4.2 Gbps of application inspection performance
  • 2 million stateful and 750,000 DPI connections
  • 22,500 connections per second
  • Dedicated management port

Powered by the new SonicOS 7.0

The SonicWall NSa 3700 runs on SonicOS 7.0, a new operating system built from the ground up to deliver a modern user interface, intuitive workflows and user-first design principles. SonicOS 7.0 provides multiple features designed to facilitate enterprise-level workflows, easy configuration, and simplified and flexible management — all of which allow enterprises to improve both their security and operational efficiency.

SonicOS 7.0 features:

More details about the new SonicOS 7.0 can be found here.

NSa 3700 Deployment Options

SonicWall NSa 3700 has two main deployment options for medium and distributed enterprises:

Internet Edge Deployment

In this standard deployment option, SonicWall NSa 3700 protects private networks from malicious traffic coming from the Internet, allowing you to:

  • Deploy a proven NGFW solution with highest performance and port density (including 10 GbE connectivity) in its class
  • Gain visibility and inspect encrypted traffic, including TLS 1.3, to block evasive threats coming from the Internet — all without compromising performance
  • Protect your enterprise with integrated security, including malware analysis, cloud app security, URL filtering and reputation services

Medium and Distributed Enterprise Deployment

The SonicWall NSa 3700 supports SD-WAN and can be centrally managed, making it an ideal fit for medium and distributed enterprises. By leveraging NSa’s high port density, which includes 10 GbE connectivity, enterprises can support distributed branches and wide area networks. This deployment allows organizations to:

  • Provide direct, secure internet access to distributed branch offices instead of back-hauling through corporate headquarters
  • Allow distributed branch offices to securely access internal resources in corporate headquarters or in a public cloud, significantly improving application latency
  • Reduce complexity and improve operations by using a central management system, which is accessed through an intuitive, single-pane-of-glass user interface

Overall Solution Value

The new NSa 3700 offers enterprises a best-in-class next-generation firewall with high speed and port density, all at a lower total cost of ownership. With integrated security services like malware analysis, URL filtering and cloud application security, NSa 3700 delivers superb protection from advanced threats.

To learn more about the new Generation 7 NSa Series, watch the video or click here.