With the modern threat landscape growing more complex by the day, it’s imperative for organizations to spend their money on solutions that work—not just against the threats of today, but also to meet the challenges of tomorrow.
That’s why SonicWall is continuously improving its products and services, most recently with enhancements to our operating system. SonicOS 7 is at the core of all SonicWall next-generation firewalls (NGFWs), from the TZ Series to the NSsp Series — and these improvements are designed to offer the same trusted security while also integrating seamlessly with other platforms.
Here are some of the security advancements introduced with SonicOS 7.1.1:
Superior Threat Protection:
- New CFS 5.0 engine
- Advanced DNS filtering
- Virtual TPM
- Shell Revocation
- Tamper-Free Filesystem
- Hardened OS with newtoolchain
- Improved console application
- Maintenance key for bothvirtual and hardware firewalls.
Use Cases and Business Requirements:
|NAC integration, offering synergy between SonicWall and Aruba solutions and providing health posture telemetry
|Need to apply enhanced user and device context (including role, device health and more) to NGFW rules and policies for protection against unsanctioned traffic
Need to protect users on the network from threats like malware, exploits and phishing
Need to enable closed-loop attack detection via next-generation firewall and policy-based response with ClearPass
Need to block unauthorized users and devices by implementing a single policy of authorization and enforcement for users and IoT devices across wired and wireless networks, up to the application level
|Enable enterprises and educational segments to integrate with their Aruba solutions and get more value on Gen7 with health posture
|DNS security that enables blocking websites at the DNS layer without enabling TLS/SSL decryption
|Block bad websites at the DNS layer without enabling TLS decryption and adding more hits to performance
MSP – Enables DNS protection to help customers avoid malicious domains
ISP – Protects ISPs from DoS and DDoS attacks
Enterprises – Offers a faster way to protect users while not affecting end user performance
K-12 – Provides safe browsing experiences for students and staff and keeps control of what domains they are accessing
Government – Keeps the systems away from malware and bad actors
|Delivers enterprise-level security to motivate customers to transition to Gen7 seamlessly
|Stronger content filtering solution with additional categories and reputation-based filtering
|Web filtering gateways need to be told which websites are malicious or undesirable
Users could take a series of static lists of known bad URLs and IPs and join them together to try to block malicious websites. However, static lists can’t keep up with websites and IPs whose status switches from benign to malicious and back very quickly
|Improved content filtering capabilities for Gen7, resulting in fewer inaccurately rated websites/URLs
|Security improvements, virtual TPM and enhanced security
|Users need both the OS and underlying kernel to be secure
|Provides additional layer of security with improved performance
While there are many use cases for each of these enhancements, here’s a closer look at just a few:
DNS filtering – sometimes called advanced DNS Security – is the process of using the Domain Name System to block malicious websites and block risky and/or inappropriate content. This helps ensure that the organization’s data remains secure and allows them to have control over what their employees and contractors can access within and outside their network.
Let’s consider a case where an employee receives a phishing email and is tricked into clicking a malicious website link. Before the employee’s system loads the website, it sends a query to the network’s DNS resolving service, which uses DNS filtering rules. If that malicious website is on the blocklist, the DNS resolver will block the request, preventing the bad website from loading and foiling the phishing attack.
CFS 5.0 is the latest content filtering technology for SonicOS 7.1.1. It introduces reputation-based content filtering, which filters URLs by reputation and blocks certain URLs based on what the URL is known for. Reputation-based filtering allows users to visit “safe” websites that don’t pose a security risk to users or the organization while safeguarding against those that could pose a danger.
Key changes for CFS 5.0 include:
- Web category extension (64 to 93)
- Reputation-based filtering
- UI enhancements for a better user experience
- Performance improvements in the backend
NAC Integration with Aruba ClearPass:
SonicOS 7.1.1 provides restful threat API to support the integration of Aruba ClearPass with SonicWall NGFWs.
With integrated Network Access Control (NAC), ClearPass can pass security context vectors including source-ip, source-mac, user-id, user-role, domain, device-category, device-family, device-name, os-type, hostname and health-posture to SonicWall solutions to build policies for mitigation actions.
This architecture will turn static security into contextual security, providing relevant details about what is traversing across the network/environment.
Virtual TPM and underlying Kernel Security Enhancements:
With the Virtual Trusted Platform Module (vTPM) feature, users can add a TPM 2.0 virtual crypto processor to a virtual machine. A vTPM is a software-based representation of a physical Trusted Platform Module 2.0 chip. A vTPM acts as any other virtual device, helping to secure virtual machines including the SonicWall NSv Series NGFWs.
Secure with Confidence
These are just a few of the security-enhancing benefits that come with running SonicOS 7.1.1. With this update, you get all of these new features alongside Capture Advanced Threat Protection and our patented Real-Time Deep Memory Inspection (RTDMI™). SonicOS 7.1.1 provides peace of mind and confidence in your network security that you won’t get everywhere else — all at a value you can’t get anywhere else.
For a more detailed breakdown, check out our SonicOS 7.1.1 datasheet.