5 Security Tips Small Businesses Can’t Afford to Ignore

I returned to Las Vegas earlier this month to attend the Black Hat USA 2015 hacker conference, where I learned about the latest and most shocking vulnerabilities discovered by security researchers from around the world. It’s fascinating to see some of the incredible security exploits demonstrated there, which I thought were possible only in sci-fi films. But that’s not the case at the Black Hat convention, where top researchers revealed that what was once impossible to hack is now possible. In past years researchers published their findings on how computers, mobile devices, routers, wireless access points, webcams, security systems, and smart appliances such as televisions, refrigerators, and thermostats can be made to do things that they were never designed to do once skilled hackers take control of them. This year, the scariest headlines focused on hacked cars and Internet of Things (IoT) devices. Just imagine hackers taking complete control of cars in the middle of a busy highway and doing the unthinkable, or turning printers, VoIP phones or other office devices into transmitters broadcasting decodable radio waves to send data. Attacks this sophisticated threaten the world’s economy, our daily lives and, in some cases, our national security. You quickly realize that even your most concealed data and individual safety are at heightened risk in today’s digitally connected world.

If you are a small business owner, how is this relevant to you? Many of these pieces of office equipment are at the core of your daily business operations. The ugly truth is that these devices are deployed and then often neglected. Because they are rarely patched once they are installed, they are unsecured and become targets for exploitation. Thus, many network intrusions and data breaches have been known to occur through these devices without the company’s knowledge. Because you are a small business, you may think you’re not worth breaking into. The reality is that cyber-criminals know most small businesses have poor security practices, weak network defenses and vulnerable devices, which makes them easy and lucrative targets for automated attacks because they hold the same valuable information (e.g. personal, customer and financial) as larger organizations. CNBC recently reported that companies with fewer than 250 employees accounted for almost one third of cyber-attacks in 2014. With the hacking economy valued at several billion dollars annually, it’s almost certain there are plenty of malware developers out there, driven by greed, developing new hacking techniques to make their millions at the expense of small businesses.

If you are unsure about whether or not you have implemented enough security measures to protect your small business, we recommend that you immediately boost your cyber security defense posture. SonicWall Security offers the following security tips to help enhance your chance at preventing a data breach.

  1. Enforce a privacy policy – if your business collects, handles or stores sensitive data, including personal and financial information about your employees or your customers, you need to establish a privacy policy to ensure their information is protected and secured in compliance with legal obligations.
  2. Conduct annual security awareness training for employees – social engineering, online fraud, phishing emails, fake websites and free software downloads are successful tactics commonly used by cyber-criminals to get users to inadvertently share personal or business details on social networks and voluntarily install malicious software such as fake anti-virus or computer clean-up tools that are ultimately used for nefarious purposes. Employee awareness and recognition of common security risks when accessing the Internet are the first important steps to prevent a network breach.
  3. Control access to data – implement rigorous access policies where access to specific data should be granted only to those individuals who have a specific clearance and use of that data.
  4. Establish multiple layers of security
    1. Protect endpoint devices with strong password enforcement, two-factor authentication, disk encryption, anti-virus, anti-spam and web content filtering.
    2. Control network access with secure mobile access technology to identify and stop unauthorized access attempts.
    3. Combine multiple network defense capabilities including intrusion detection, firewall, web filtering, application control, and anti-malware protection to prevent unauthorized network access and stop malicious code from infecting the network.
    4. Subscribe to around-the-clock threat counter-intelligence services to receive continuous protection against new threats that emerge.
  5. Secure your Wi-Fi network – make sure your wireless access point’s Service Set Identifier (SSID) name is not publicly broadcast, the default password is changed, and access is restricted to authorized devices and users only, with preset expiration dates.

For additional information about the latest network security technology and how it can help protect your business from today’s advanced cyber-attacks, download this exclusive “Securing Your Small Business” eBook.

Five Essentials for Best of Breed Next Gen Firewalls

Beyond basic network firewall testing scenarios, the specialized firewall testing tools needed to accurately assess next-generation firewall (NGFW) security effectiveness remain out of reach of all but the largest IT department budgets. Therefore, most organizations look to independent hands-on test results from respected research laboratories such as NSS Labs. NSS Labs uses a very specific testing methodology that is run on each of the NGFWs being tested. Their Next-Generation Firewall Product Analysis Report provides detailed information on how a specific firewall scored when tested in these key essential areas:

  • Security Effectiveness
  • Performance
  • Stability and Reliability
  • Management and Configuration
  • Total Cost of Ownership

Security Effectiveness

Security effectiveness verifies that the firewall being tested is capable of enforcing the security policy effectively. Security effectiveness tests include:

Firewall Policy enforcement

Incremental tests that build configuration from simple to complex real world policy consisting of many addresses, policies, applications, inspection engines, protection from DoS attacks, IP spoofing.

Application Control

Firewall is tested to see if it can correctly determine application regardless of ports/protocols used and enforce appropriate application policy granularity.

User/Group ID aware policies

Correctly determine user/group from deep packet inspection and enforce policy with user awareness.

Intrusion Prevention

Correctly block malicious traffic “out of the box” using the default policy (for this test no IPS tuning is allowed).

Evasion

Decode/block basic obfuscated exploits and provide an accurate alert based on the actual attack, without being fooled by the evasion technique itself.

How did SonicWall next-generation firewalls do? They passed all criteria. Noteworthy SonicWall results included a 97.9 percent exploit block rate. No NGFW tested achieved a 100 percent exploit block rate, due to the constantly changing NSS Labs test suite. However, over the last three years SonicWall has consistently been rated in the leaders quadrant and has demonstrated a consistently improved block rate year over year.

Performance

Measures how well a given NGFW performs when subjected to various traffic conditions. No two networks will have the exact same characteristics but this test does provide metrics to gauge if a given NGFW is appropriate in a given environment.

Raw Packet Processing Performance (UDP packets of various sizes are tested): Measures the raw packet processing capability of each of the NGFW’s in-line port pairs; the packet forwarding rate is measured for highest performance/lowest latency.
Latency (packet loss/average latency): Determines the effect the NGFW has on traffic passing through it under various loads. Traffic passes through all port pairs simultaneously.
Maximum Capacity (generates TCP session-based connections and HTTP transactions): Stresses the inspection engine with multi-gigabit “real world” traffic generated to determine expected user response times, maximum connections per second, concurrent open connections, and application transactions per second on a backdrop of a heavily utilized network.
HTTP Capacity – No Transaction Delay (uses HTTP GET requests): How much HTTP traffic can be passed at varying packet sizes and various connections-per-second loads.
Application Average Response Time – HTTP (across all in-line port pairs simultaneously): Measures average HTTP latency using various packet sizes at 90 percent of maximum load.
HTTP Capacity with Transaction Delay: Same as above, except that it introduces a 5 second server response delay, which forces a high number of open connections.
Real World Traffic (generates the protocol mix usually seen by industry verticals, i.e. financial, education, data center, mobile carrier, etc.): Same as the previous test, except that it adds additional protocols and real content.

Stability and Reliability

These tests measure how well a next-generation firewall passes legitimate traffic while under attack. To pass, the NGFW must be able to block and alert on 100 percent of the attacks previously blocked while remaining operational.

Blocking Under Extended Attack: Measures consistency of blocking. Sends continuous policy violations at 100Mbps over 8 hours.
Passing Legitimate Traffic Under Extended Attack: Same as the previous test, except that legitimate traffic is sent in addition. The NGFW must pass all legitimate traffic.
Behavior of State Engine Under Load: Can the NGFW preserve state across a large number of connections over an extended time? It must not exhaust resources allocated to state tables or ‘leak’ connections through after the theoretical maximum of concurrent connections is reached.
Protocol Fuzzing and Mutation: Sends random, unexpected, or invalid data to the NGFW and verifies that the NGFW remains operational and detects/blocks exploits throughout the test.
Power Fail: Power is turned off while passing traffic; the NGFW should fail closed after power is cut.
Persistence of Data: Measures whether the NGFW retains policy, configuration and log data when restored from a power failure.

Total Cost of Ownership and Value

Measures the overall costs of deployment, maintenance and upkeep over the useful life of the product.

Product Purchase: Cost of acquisition.
Product Maintenance: Fees paid to the vendor (hardware maintenance, subscription services, etc.).
Installation: Time required to make the NGFW operational out of the box.
Upkeep: Time required to apply vendor-supplied firmware, updates and patches.

How to Make Your Network Security Infrastructure Future-Ready

It is clear that today’s businesses require reliable network connectivity, and access to both corporate and Internet resources. Connections to and from business units, external customers and SOHOs are all equally important to ensure continuity. Business runs all day, every day, even in off hours. Most companies run operations around the clock, seven days a week, so it is important to realize that solid business continuity strategy and redundancy technology should be considered and implemented.

To enable business productivity, Internet access must be operating and available all of the time. This is sometimes referred to as five nines (99.999) uptime. Because things break, and unforeseen events do occur, we need to create an architecture that is ‘highly available’, or up as much as possible, with failures foreseen ahead of time, so that the only downtime is for planned maintenance.

Redundancy means different things to different people, but to SonicWall, it means having no single (or in some cases tertiary) point of failure from Layer 2 to Layer 7.

In this exercise at SonicWall World Software User Forum, in Austin, TX, we will dive into the new Firewall Sandwich design that combines the best of breed SonicWall next-gen firewall and SonicWall Networking switch technologies. In this architecture, we will create redundancy in your core/edge network, and review how to properly design and implement this technology in case of a disaster. We will also briefly discuss the failover and failback operation, which may be needed if or when any of the components within our SonicWall solution fail.

We invite you to attend this exclusive SonicWall “How to make your network security infrastructure future-ready” technical training session. Upon completion of this course, you will have in-depth knowledge and a clear understanding of how to implement your future-proofed, network-based scale-out security layer architecture. This is a highly resilient design that offers transparent security services to augment existing security solutions, separates security functions and provides added capacity via N+1 redundancy to solve your most complex and demanding data center requirements. The SonicWall solution delivers the following benefits:

  • Scalability, add more capacity as you go reusing existing equipment
  • Redundancy and resiliency
  • In line upgrade for both firewalls and switches, no need to take a system down for maintenance
  • Single point of management for the Firewall cluster, ability to enforce policies to multiple firewall cluster blades
  • Full security services capability

I look forward to seeing you in Austin for SonicWall World Software User Forum. Follow the conversation for updates on Twitter @SonicWall #DWUF and #SonicWallWorld. Register today and take advantage of the Buy One Get One offer. If you purchase one pass to the SonicWall World Software User Forum, we will include one additional pass at no extra cost for a colleague.

How Next Gen Firewalls are Keeping Up with Ever Growing Pipes

Scaling security devices is much more difficult than scaling routers or switches. A router acts on the destination IP lookup only, a 32 or 128 bit fixed length value, whereas a switch acts on a 48 bit fixed length MAC address, looking up on the destination MAC and adding the source MAC to a lookup table. Those values are not just fixed length, but they also appear at the same place in a data frame.

Routers and switches therefore embraced silicon very early on. Custom chips were designed that are composed of transistors that form logic gates such as NAND or OR gates. Those logic gates are hardwired on a chip. These chips are called Application Specific Integrated Circuits, or ASICs for short.

The logic in an ASIC used for routers and switches is hardwired, very similar to electronic components on an old TV circuit board. Unlike in an old tube TV, those ASICs process digital data. They can extract IP and MAC addresses extremely fast, or perform routing and forwarding table lookups in real time. Real time means that performing a function always takes the same time, regardless of the load and run time.

There are several drawbacks with ASICs, though. First, ASICs cannot be changed once they leave the foundry. Second, there is a long lead time to developing an ASIC. ASICs are simulated in software but can only be tested when a real sample exists. Producing samples is very costly, hence a long time is spent on testing an ASIC in software emulation before the first sample is built. This means that the technology used in an ASIC might be two or three years old before an ASIC hits production. And third, the development costs of ASICs are very high, which makes them expensive for low volume production and evolutionary versioning. The same ASIC generation has to be amortized over many years. The span between ASIC generations can therefore be five or more years, specifically for ASICs that are made for only one vendor’s products and see low production counts.

While this works for routing and switching, which have not fundamentally changed in a decade or two (there are still routers and switches in production today that have outlived a decade in service), this approach cannot be utilized for security, where new threats appear by the minute. Threats typically do not obey fixed length requirements, nor are they found at the same place within a data frame. RFC3514 has not been widely adopted by the BlackHat community for some reason.

The solution is to use microprocessors. Microprocessors are completely flexible and can be programmed in an instant to perform various tasks. Early firewalls started on common office technology processors, mostly Intel i386, but also PowerPC. In the early days, firewalls were extensions to routers or switches. Security rules matched on source and destination IP, IP protocol ID, as well as source and destination ports for the UDP and TCP protocols, all fixed length values appearing at the same place within a data frame. While those general-purpose processors were programmable, they were not fast and, depending on the underlying operating system, not predictable in terms of timing. This created substantial delays and jitter between packets. Security vendors took a hint from router and switch vendors and created ASICs to perform value extraction, table lookup, and packet switching. During the stateful inspection days, ASIC based systems were very successful.

Stateful packet inspection (SPI) works by tracking TCP connection state between a client and a server socket. A socket is the combination of an IP protocol and a port. The two most common protocols are stateless UDP and stateful TCP. Stateful inspection was controlling access between sockets – that means access between clients and server applications. The problem with stateful packet filters these days is that traffic uses few sockets and that clients need access to many more servers. Other applications such as peer-to-peer (P2P) file sharing can use any socket. For instance, an internal client does almost all connections on HTTP and HTTPS and needs access to the entire Internet. In addition, a malicious attack can come over a legitimate connection, e.g. browsing a reputable news site that has a banner ad with malicious code embedded.

Deep packet inspection (DPI) inspects the actual data stream that flows between a client and a server. DPI can identify the application independent of sockets, and can look within the data stream for malicious code, or categorize applications and content. Whereas DPI was originally an add-on to SPI, these days it has replaced SPI, as SPI is no longer effective in stopping threats or controlling traffic flows. The term Next-Generation Firewall (NGFW) implies DPI functionality. This includes common services such as user, application, and content identification, as well as intrusion prevention, gateway antivirus, geo fencing, botnet detection, bandwidth controls, and such. Also, SSL client decryption is today more and more important for looking into the payload of the data stream. After the recent website disclosures, we have seen a steady trend towards more encryption, which according to some predictions might reach two thirds of all sites by the end of next year.
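The difference between the two approaches described above, as an added example (not SonicWall code and not an implementation of RFDPI): a toy stateful filter that decides from fixed-offset header fields and TCP handshake state, next to a payload classifier that names the application regardless of port. The packets, addresses, port policy and function names are constructed for illustration, and the classifier looks only at the first data segment rather than a reassembled stream.

```python
import socket
import struct

SYN, ACK, FIN, RST, PSH = 0x02, 0x10, 0x01, 0x04, 0x08
HTTP_METHODS = {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS"}


def build_packet(src, dst, sport, dport, flags, payload=b""):
    """Constructed IPv4+TCP test packet (no options, checksums left at 0)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp + payload


def parse_headers(pkt):
    """Header fields sit at fixed offsets, which is what made SPI matching cheap."""
    if len(pkt) < 40 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    ihl = (pkt[0] & 0x0F) * 4
    src, dst = socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20])
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    data_offset = (pkt[ihl + 12] >> 4) * 4
    return (src, sport, dst, dport), pkt[ihl + 13], pkt[ihl + data_offset:]


class StatefulFilter:
    """SPI: permit by destination port, then follow the TCP handshake per socket pair."""

    def __init__(self, allowed_dports, max_entries=1024):
        self.allowed = set(allowed_dports)
        self.max_entries = max_entries
        self.table = {}  # (client, cport, server, sport) -> handshake state

    def check(self, pkt):
        (src, sport, dst, dport), flags, _ = parse_headers(pkt)
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if flags & (RST | FIN):  # simplified teardown: drop the entry at once
            known = fwd in self.table or rev in self.table
            self.table.pop(fwd, None)
            self.table.pop(rev, None)
            return known
        if flags == SYN:
            # Fail closed when the port is not permitted or the table is full.
            if dport not in self.allowed or len(self.table) >= self.max_entries:
                return False
            self.table[fwd] = "SYN_SENT"
            return True
        if flags == SYN | ACK and self.table.get(rev) == "SYN_SENT":
            self.table[rev] = "SYN_RCVD"
            return True
        if flags & ACK and self.table.get(fwd) == "SYN_RCVD":
            self.table[fwd] = "ESTABLISHED"
            return True
        # Anything else passes only on an established connection.
        return (self.table.get(fwd) or self.table.get(rev)) == "ESTABLISHED"


def classify_payload(payload):
    """DPI: name the application from the bytes in the stream, ignoring the port."""
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03 and payload[5] == 0x01:
        return "tls"  # TLS handshake record carrying a ClientHello
    parts = payload.split(b"\r\n", 1)[0].split(b" ")
    if len(parts) == 3 and parts[0] in HTTP_METHODS and parts[2].startswith(b"HTTP/1."):
        return "http"
    if payload[:20] == b"\x13BitTorrent protocol":
        return "bittorrent"  # peer-to-peer handshake, usable on any port
    return "unknown"


def run_flow(fw, dport, payload, cport=40000,
             client="10.0.0.5", server="203.0.113.10"):
    """Send handshake plus one data segment; return (SPI verdict, DPI application)."""
    handshake = [
        build_packet(client, server, cport, dport, SYN),
        build_packet(server, client, dport, cport, SYN | ACK),
        build_packet(client, server, cport, dport, ACK),
    ]
    if not all(fw.check(p) for p in handshake):
        return False, None
    data = build_packet(client, server, cport, dport, PSH | ACK, payload)
    return fw.check(data), classify_payload(parse_headers(data)[2])


# Constructed sample payloads.
TLS_HELLO = b"\x16\x03\x01\x00\x05\x01\x00\x00\x01\x00"
HTTP_GET = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
P2P_HELLO = b"\x13BitTorrent protocol" + b"\x00" * 8

if __name__ == "__main__":
    fw = StatefulFilter({80, 443})
    print(run_flow(fw, 443, TLS_HELLO, cport=40000))  # web browsing over TLS
    print(run_flow(fw, 80, HTTP_GET, cport=40001))    # plain HTTP
    print(run_flow(fw, 443, P2P_HELLO, cport=40002))  # P2P hiding on the HTTPS port
    print(run_flow(fw, 6881, P2P_HELLO, cport=40003)) # same P2P on a blocked port
```

The stateful filter gives the same verdict to the TLS session and to the peer-to-peer handshake on port 443, because both look identical at the socket level; only the payload classifier tells them apart.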

DPI cannot easily be done in silicon; in other words, only a few sub-functions can be done in hardware. DPI systems often apply hardware coprocessors that do cryptography, pattern matches, table look-ups, and framing. Vendor-specific custom ASICs are less common today due to the cost of development. Sometimes Field Programmable Gate Arrays (FPGAs) are utilized instead, since their development cycle is short, but performance is significantly lower than that of an ASIC system, and there is little benefit over modern multicore processors. Another strategy, used by vendors that are locked into ASICs, is adding a microprocessor core to their legacy silicon. Performance of those afterthoughts is poor.

To summarize: Stateful inspection is no longer effective in protecting a network. DPI benefits from ASICs only for some repetitive sub-functions, and custom ASIC development is expensive, with multi-year amortization cycles. On the other hand, office computer and server processors are too slow for scaling DPI beyond a few Gbps. They are also expensive and consume a lot of power, which means they cannot be packaged very densely, limiting the maximum throughput of the system.

SonicWall solved this problem by creating a security platform that is free from legacy. It is not based on custom ASICs but uses high volume ASIC functions, and it does not use power hungry and expensive microprocessors but large clusters of processors more commonly found in low power applications such as smart phones. This permits a high packaging density of massively parallel processing, both in general microprocessors and in ASIC coprocessors, utilized for signature match, table lookup, cryptography, framing, hashing, and switching.

SonicWall utilizes Cavium’s Octeon systems-on-a-chip (SoC) with up to 32 individual MIPS64 cores. Multiple SoC systems can be combined. Systems can have up to eight processing blades with one Octeon processor each within the same small two or three RU hardware enclosure. Enclosures can be deployed individually, as A/P HA pairs, or clustered up in a security fabric with a combined 2048 cores and DPI throughput of over 300 Gbps.

A single pass security engine, Reassembly Free Deep Packet Inspection (RFDPI), for which SonicWall was awarded a patent, brings this streamlined hardware with massive processing ability to life. RFDPI processes on SonicWall devices around the world, over 2,000,000 devices today, share intelligence with each other, enabled by the SonicWall GRID cloud. The GRID also offers cloud services such as sandboxing and access to a signature base of over 21,000,000 signatures, and growing: 40,000 new malware samples are analyzed every day.

The philosophy behind SonicWall is to offer cost-effective, massively parallel processing power that is highly scalable, and to enable it with sophisticated on-board software that is connected via the cloud.

How We Built a Self Healing Double Ring Helix w SonicWall Next Gen Firewalls

In this guest post, our customers Kelley Parkes, Director of Technical Operations (on the right) and Dave Rupert, Systems Engineer (on the left) at First Source, describe how their company built a site-to-site VPN with SonicWall NSAs and TZs to enable secure collaboration and failover protection to sites spread across the country.

When your company grows by acquisition, the way ours does, your IT group has to run fast and hard just to keep up with more users, more sites, more remote connections and a secure perimeter that keeps expanding.

We’ve recently switched from keeping-up mode to being ahead of the curve thanks to a combination of our own internal expertise,  SonicWall next-generation firewalls and implementation help from Cerdant. I figured a lot of the people following Tech Center are in the same boat, so I asked SonicWall to let me share what we’re doing.

An expanding security perimeter

Our company is a nationwide distributor of specialty foods and confections from manufacturers like Godiva, Ghirardelli and Lindt. When you buy candy at Walmart, Cracker Barrel and Bed Bath & Beyond, chances are it comes from First Source.

We started out with sites in Virginia and Tennessee. We merged with a company in Buffalo, New York, and then we acquired a California location. Now we cover the entire country with around 500 employees in four main warehouses, two remote warehouses, one retail store and our data center. That means that our security perimeter covers eight locations from one coast to the other.

We had been using the ZyXEL 35, which has a very simple firewall application. However, when we looked at the roadmap of functions we wanted to offer the business, we knew the ZyXEL wouldn’t handle enough of them:

  • Remote computing – We had no secure VPN for remote users. We used simple port forwarding over the ZyXEL firewall to give users remote desktop access. That offered some security, but nothing near the encryption level we wanted from a secure VPN.
  • Protection beyond the perimeter – There was no mobile security for users connecting on BYO devices outside of our perimeter.
  • Quality of service for VoIP – We plan a move to voice over IP soon, so besides network security we needed the ability to carve out QoS for that.
  • Content filtering – We wanted the ability to block access to sites that waste time and devour bandwidth. Even more important for PCI compliance, we needed to be able to check any personally identifiable information or outgoing data that looks like a credit card number or a Social Security number.

And then strategically, we wanted everybody to be able to collaborate across the same network. For all of these reasons, we decided to build out a site-to-site VPN.

How to build a resilient, site-to-site VPN

We knew we were going to upgrade from the ZyXEL, so we looked at products from vendors like Cisco and Barracuda. We ended up selecting  SonicWall NSA and TZ Series next-gen firewalls, mostly because of their secure VPN, which would make it easier for all of us to log in remotely anytime from anywhere and access in-house files, applications and printers. The support team at SonicWall pointed me to Cerdant and we chose them as our implementation partner.

Cerdant is dedicated to SonicWall operation and applications, and they’ve given us good ideas based on our needs. The hardware inventory for our site-to-site VPN goes like this:

  • NSA 4500 in Virginia
  • NSA 3500 in Tennessee
  • NSA 3600s in California and New York
  • TZ 205s in each of the remote warehouses locations, at our retail store and at the data center

All of our SonicWall firewalls are connected by MPLS and business-class high-speed internet circuits. We’ve used them to create a primary, internal, closed-loop network over dedicated, fiber-optic MPLS lines (10 Mbps), which cost about $1,500 per month per site on average. We lease a secondary loop over standard ISP circuits (100 Mbps down, 20 Mbps up) for about $350 a month. (The retail store connects through its local cable provider for about $75 a month.) The secondary is a fallback loop in case the MPLS connection drops for a few minutes or a few hours.

The best part is that the SonicWall firewalls can use a probe to detect when the primary connection goes down and can automatically failover to the secondary loop. In fact, I can think of three or four times in the last year that the MPLS loop has dropped for anywhere from ten to 40 minutes and we’ve flipped over to that secondary network of internet connections.

Cerdant has been a great partner for us. They’ve automated the SonicWall firewalls to fail over from the primary to the secondary loop, and then back to the primary after our carrier has restored the MPLS connection.

As I mentioned, we went with SonicWall firewalls mostly because of the secure VPN. I’m very glad we’ve also gotten a self-healing, double-loop network in the bargain.

Saved about $20,000 on hardware alone

We’ve seen other big advantages to deploying SonicWall throughout the company – operational, IT and financial advantages.

On the operations side, it’s been much easier to support our service level agreement, which is our commitment to users that we’ll keep our systems up and running. With the double-loop network, we don’t lose connectivity between locations, so we have full business continuity in the event our network fails.

From an IT perspective, we’ve gotten so much more than just firewall hardware. We reap the benefits of SonicWall features like deep packet inspection, gateway antivirus, anti-spyware, bandwidth management, content filtering and secure VPN, as well as SonicWall’s continuous threat research.

Financially, we’ve saved $5,000 to $6,000 per location on load balancing equipment. Our self-healing, double-loop network configuration required load and link balancers, and we get those functions from the SonicWall firewalls, in addition to all of the firewall security features they offer. That has saved us at least $20,000 in building out our network.

Your turn

When I first started this project, I researched several forums and saw other sys admins and IT managers trying to figure out how to connect multiple sites and asking questions about failover protection and the best type of connectivity. I could see that many of my counterparts aren’t happy with what they have in place. We’re very pleased with what we’ve implemented with SonicWall and Cerdant, and I wanted to describe it as a viable option for configuring a resilient network.

How do you connect your remote locations? What site-to-site VPN configuration works for you? Let me know in the comments below.

How to Boost your Agility with End-to-End IT Security

It has been almost impossible to escape the news around high profile security breaches over the past couple of years. The world’s biggest brands are under attack by organized and heavily funded cyber-criminal organizations, and it seems as though they are losing the battle. SonicWall Security has written blogs about new, innovative, and highly effective methods of attacking due to compromised websites, memory scraping, attacks leveraging email and more. According to the recently published 2015 SonicWall Security Threat Report, the number of new point-of-sale countermeasures put in place in 2014 was 3X greater than the previous year. IT security professionals are under intense pressure to ensure that the risk profile of the organization is minimized, and the rapidly evolving threat landscape dramatically complicates this situation. The 2015 SonicWall Global Technology Adoption Index shows that IT decision makers consider security the biggest barrier to expanding mobile technologies, using cloud computing and leveraging big data. At SonicWall, we want security to be an enabler of agility, not a barrier.

But, the reality is that current approaches to security just aren’t working. Organizations simply cannot continue to spend more money buying the latest technology in an attempt to patch and cobble their way to a secure organization. Each solution that is purchased creates a learning curve for IT, adds to the complexity of the infrastructure, and opens up potential gaps in coverage that attackers are able to exploit. I believe that it is the security industry’s fundamental responsibility to develop solutions that close these gaps. By designing end-to-end solutions that automate the complicated parts of security, we are able to make it much easier for our customers to ensure that the organization is protected against the latest evolving threats.

At SonicWall, we call this connected security, and this is a major initiative that drives interaction between our product groups. As an example, last year we rolled out firewall-enforced file encryption. SonicWall Data Protection and Encryption (DDPE) is an application that provides file encryption and is offered as an option on business-class PCs that we sell. Encryption is a fantastic security tool, and in the future we expect to see more and more encryption being used, not only on data at rest on computers but also for data in flight on the Internet. However, like many security measures, encryption is only useful if it is turned on, and the risk to the organization if it isn’t turned on is too great to ignore. So, we developed a solution for customers who use both SonicWall encryption and SonicWall firewalls. With a simple checkbox in the SonicWall firewall user interface, IT can turn on enforcement of DDPE clients. This means that the firewall automatically checks communications from any computers either on the internal network or trying to access the network remotely for VPN. If the DDPE encryption application isn’t present, the user will not be allowed to send files into or out of the organization, and is automatically redirected to a download server to obtain the DDPE software. So, risk is minimized because encryption is enforced, and IT is now enabling the organization instead of hindering its ability to make progress. This is just one example of how end-to-end security makes your organization agile.

We believe that if we can take care of the heavy lifting in security, our customers will be able to focus on their core business, or those things which make them profitable. By architecting our solutions to work together, we can help minimize the risk profile and ultimately turn security from a barrier into an enabler, allowing our customers to be ready for whatever the future holds. To learn more about leveraging IT security to help your organization succeed, download the tech brief titled “The AAA approach to network security”.

Is Your IT Security Strategy Aligned with Your Business Requirements?

Triple-A ratings are normally associated with chief financial officers keeping a tab on John Moody’s bond credit rating. In the world of IT however, how can a chief information officer or information technology decision maker (ITDM) rate the efficiency of an IT security implementation?

IT security is one of the main concerns for ITDMs, with attacks such as Venom, Shellshock, Heartbleed and others affecting organizations globally. Therefore, ITDMs are taking steps to protect the corporate network from threats of all sizes. However, as it stands, security is still at risk from both internal and external standpoints.

How can ITDMs know when they have reached a level of security that will protect from cyber-attacks while still empowering employees to do their job better? A comprehensive security approach should encompass three factors: it should be adaptive to threats, business requirements and the ever-evolving use of the internet within the corporate network; be adapted to meet the specific requirements of an organization; and be adopted fully by end users.

These factors can be summarized as a Triple A security approach that could help you with your overall security posture and grant your organization a Triple A security rating.

Adaptive:

IT infrastructures are constantly changing. In the past we had static IT infrastructures, however, we are moving towards a world of convergence. Therefore, security infrastructures need to adapt in order to be effective. An adaptive security architecture should be preventative, detective, retrospective and predictive. In addition, a rounded security approach should be context-aware.

Gartner has outlined the top six trends driving the need for adaptive, context-aware security infrastructures: mobilization, externalization and collaboration, virtualization, cloud computing, consumerization and the industrialization of hackers.

The premise of the argument for adaptive, context-aware security is that all security decisions should be based on information from multiple sources.

Adapted:

No two organizations are the same, so why should security implementations be? Security solutions need flexibility to meet the specific business requirements of an organization. Yet despite spending more than ever to protect our systems and comply with internal and regulatory requirements, something is always falling through the cracks. There are dozens of “best-of-breed” solutions addressing narrow aspects of security. Each solution requires a single specialist to manage and leaves gaping holes between them. Patchwork solutions that combine products from multiple vendors inevitably lead to the blame game.

There are monolithic security frameworks that attempt to address every aspect of security in one single solution, but they are inflexible and extremely expensive to administer and organizations often find that they become too costly to run. They are also completely divorced from the business objectives of the organizations they’re designed to support.

Instead, organizations should approach security based on simplicity, efficiency, and connectivity, as these principles tie together the splintered aspects of IT security into one integrated solution, capable of sharing insights across the organization.

This type of security solution ensures that the security approach has adapted to meet the specific requirements and business objectives of an organization, rather than taking a one size fits all approach.

Adopted:

Another essential aspect of any security approach is ensuring that employees understand and adopt security policies. IT and security infrastructure are there to support business growth; a great example of this is how IT enables employees to be mobile, thereby increasing productivity. However, at the same time it is vital that employees adhere to security policies and access data and business applications in the correct manner, or else mobility and other policies designed to support business growth in fact become a security risk and could actually damage the business.

All too often people think security tools hamper employee productivity and impact business processes. In the real world, if users don’t like the way a system works and they perceive it as getting in the way of productivity, they will not use it and hence the business value of having the system is gone, not to mention the security protection. We have solutions that allow for productivity and security.

“We have tight control over the network nowadays and can manage bandwidth per application using the firewall. The beauty of our SonicWall solution is that we can use it to create better store environments for our customers.” Joan Taribó, Operations and IT Manager, Benetton Spain.

Providing employees with training and guides around cyber security should lead to security policies being fully adopted, and the IT department should notice a drop in the number of security risks from employee activity.

Triple A

If your overall security policy is able to tick all of the three A’s, then you have a very high level of security. However, the checks are not something that you can do just once. To protect against threats, it is advisable to run through this quick checklist on a regular basis to ensure that a maximum security level is achieved and maintained at all times. It is also important to ensure that any security solutions implemented allow your organization to grow on demand; as SonicWall says: Better Security, Better Business.

A Giant Step Forward for Small Business with New SonicWall TZ

Security has not kept up with the improvements in delivery and pricing of broadband speeds. This is especially true with smaller organizations. When these smaller organizations are compromised, they often go out of business.

Larger organizations are also at risk: just look at the news. I keep thinking back to a June 11, 2014 article in USA Today that asks, “Is insecurity the new normal?” The article goes on to say that what once captured big headlines has become commonplace. With no end in sight to curtailing the growth of cybercrime, attacks have become chronic. Verizon’s 2014 Data Breach Investigations Report shows a continued upswing in cyber-attacks. Here we are well into 2015 and the wave of breaches continues on. Our goal is to keep networks secure and stay ahead of threats.

Today at Interop in Las Vegas, we announced five new products that can help distributed enterprises and small and medium businesses stay ahead of cyber criminals. The new SonicWall TZ Series of products offers market-leading solutions at prices that can fit into tight budgets. The five new firewalls are the SonicWall SOHO, SonicWall TZ300, SonicWall TZ400, SonicWall TZ500 and SonicWall TZ600.

With the SOHO, we are again recognizing that the small office needs to be part of a better security perimeter. The TZ300 and TZ400 are outstanding solutions for the smaller office, whether it is a small business or retail environment. With the TZ500 and TZ600, you get a product that can scale as you grow. The products have the flexibility to meet the special needs of the distributed environment. A SonicWall firewall at the home office with GMS software will allow a centrally managed system to ensure common protection across all locations.

More than ever, small businesses can afford the same security as their larger counterparts. The TZ series recognizes the need to match faster internet connections with security performance that delivers enterprise-level security effectiveness. Meeting protection and performance requirements for our customers is the leading reason for this refresh.

These are not just about award-winning products, but part of SonicWall’s recognition that better security means better business to deliver award-winning solutions from the best security team in the industry. With customers who use our new TZ products, you get enterprise-grade protection at a price you can afford. With these new products we respond to the dual needs of our customers: performance and protection. All of the new SonicWall TZ Series products show exceptional performance and capabilities. In our 2015 SonicWall Security Annual Threat report, we saw a 100 percent spike in the growth of encrypted SSL traffic. With the TZ300, TZ400, TZ500 and TZ600, the ability to inspect encrypted SSL files will be included in our TotalSecure offer.

For all our products, our design goal is to provide products that inspect the whole file. Unlike our competitors who can only maintain performance by inspecting a limited number of ports, file sizes or protocols like SSL, SonicWall products protect you by not cutting corners with security.

Building a strong security perimeter needs to extend beyond the home office to include branch offices and retail sites. The SonicWall TZ series is part of a tightly coupled security solution when combined with GMS for management and 802.11ac SonicPoints. We offer products at price points that provide any value-conscious organization the same level of security effectiveness found in our enterprise products. As you grow, and cybercriminals continue to attack, customers and suppliers rely on SonicWall to be the strongest link in the security chain protecting from unwanted intrusions, corrupt websites, and hidden malware.

Our products are better: All of our products share the same security engine that earned SonicWall SuperMassive E10800 a recommended rating by NSS Labs.

Our products are faster: Our new products increase both the core count and core speed to further enhance Deep Packet Inspection performance without compromising network throughput. Coupled with our new 802.11ac SonicPoints, your wireless communication can reach wired speeds.

Our products continue to be affordable solutions for any size business. Our bundle pricing is an affordable path to broad protection that can be renewed at very affordable rates.

SonicWall has a reputation for providing solutions to meet the needs of any size of business. The new TZ product line joins the NSA and SuperMassive product lines to give any organization, be it a business, a school, a hospital or a government agency, state-of-the-art tools to solve their network security needs, as part of the broad SonicWall Security solution that includes identity and access management, patch management and encryption.

Beyond launching new firewalls, SonicWall’s commitment to provide solutions will allow your business to thrive and grow by taking advantage of all the power the internet has to offer with the confidence that you are protected by SonicWall Security.

If you are planning to be at Interop, come visit SonicWall Security at booth 1827. Follow SonicWall Security on Twitter @SoincWallSecurity.

SonicWall WXA 1.3 with Clustering for WAN Acceleration (WXA) Series Optimizes Bandwidth Utilization

There’s been talk in the U.S. recently about increasing broadband speeds, which is good news for many.

“As consumers adopt and demand more from their platforms and devices, the need for broadband will increase,” FCC Commissioner Mignon Clyburn recently said when the agency voted to change the definition of broadband. “What is crystal clear to me is that the broadband speeds of yesteryear are woefully inadequate today and beyond.”

Businesses in particular stand to benefit as the use of bandwidth-intensive applications such as file sharing, collaboration apps and social media by employees continues to grow. The end goal for any business, of course, is to be more profitable and one of the ways to do that is to improve the productivity of its workforce.

Purchasing more bandwidth is one way to help your employees be more productive if they’re feeling bogged down by slow network performance. Efficiently using what you already have, though, may be a better, and less costly, solution. That’s where wide area network (WAN) acceleration can help.

WAN acceleration optimizes the utilization of available bandwidth by transmitting only new or changed data between sites over the internet. Eliminating redundancy cuts down the traffic volume, which helps reduce the latency we’ve all experienced. It’s not just about the data, however. Accessing an application that sits at the corporate headquarters from a remote site over the WAN can be a torturous experience at the best of times. When bandwidth is throttled due to an overabundance of traffic on the network, everything slows down and you end up with an unhappy and unproductive employee.

The SonicWall WAN Acceleration Appliance (WXA) Series is a proven solution that enhances the user experience and improves productivity for employees at remote and branch sites.

Today we are releasing version 1.3 which includes a new clustering feature for the SonicWall WXA 4000, WXA 5000 and WXA 6000.

Clustering provides scalability for growing organizations by enabling you to link together multiple WXA products at each location to add more users and connections. Another nice feature of the WXA Series is that it’s an integrated add-on to SonicWall next-generation firewalls. This means you get not only better WAN application performance, but also the added benefit of comprehensive scanning for intrusions and malware before the traffic is accelerated across the WAN or a VPN. The WXA Series is available in a variety of platform options including both hardware and virtual appliances as well as software. To learn more about WAN acceleration and the SonicWall WXA Series, visit our website. Our customers have gained significant speed with our solutions.