WireGuard – A Modern-Day VPN Protocol

VPN protocols have been around for decades now; over 20 years when you consider IPsec and OpenVPN. But now there’s a new VPN protocol that’s lightweight, super fast and highly secure. It’s called WireGuard, and there are several reasons you’ll want to consider this modern VPN protocol.

WireGuard: The Newest VPN Protocol

WireGuard is still very nascent and hasn’t yet endured the stress testing that time provides. Nonetheless, WireGuard has already proved itself worthy. It was integrated into the Linux kernel in 2020 and the Windows kernel in 2021, and since that time, WireGuard has performed impressively and shown no signs of any security weaknesses.

This modern VPN protocol uses the latest in cryptography, including Noise Protocol key exchange, Poly1305 authentication and the latest encryption ciphers like ChaCha20. Moreover, WireGuard abandons TCP tunneling in favor of the UDP protocol for fast, stateless connections (more on this later) and also makes no bones about the fact that UDP is easily intercepted.

On their site, WireGuard indicates the protocol is designed for “solid crypto” and is not geared for obfuscation. This is an important distinction: WireGuard contends that their VPN protocol is focused on encryption, and that it’s up to you to add additional controls for privacy — something they contend should happen a layer above WireGuard.

WireGuard Works Great with Mobile

WireGuard has several features that make it unique. As mentioned previously, WireGuard makes a radical departure from TCP tunneling in favor of UDP for better performance. The gains are seen not only with lightning-fast network speeds, but with better performance when it comes to mobile connectivity. TCP-based tunnels struggle and sometimes even disconnect when users regularly move between networks; this is due to the stateful nature of these protocols as they maintain active connections. WireGuard is superior because its stateless nature (UDP) makes it capable of dealing with regular network changes, and thus more reliable.

Mobile connectivity is a major consideration due to the growing number of remote, hybrid and flexible work environments. There’s a large percentage of employees who are using mobile devices — whether BYOD or managed — and that number will continue to grow. As a result, it’s prudent for any organization to support the most widely used platforms and devices, including Windows, macOS, Android and iOS.

WireGuard is cross-platform and supports iOS — which, in my opinion, is a critical device platform to support. A VPN infrastructure that does not support iOS is probably not a modern-day remote networking solution.

Wait, there’s more…

The WireGuard protocol has several advantages that make it worthy of consideration:

  1. The codebase is small compared to legacy VPN protocols, which can exceed hundreds of thousands of lines of code (LOC). WireGuard sports around six thousand LOC, which makes auditing and maintenance a breeze. Additionally, the smaller footprint reduces the opportunities for hackers to exploit.
  2. The protocol is open source, making it less susceptible to vulnerabilities going unchecked. Reviews for readiness, benchmarking and assurance have been and continue to be carried out by professional researchers as well as the private sector.
  3. The lightweight design and reliance on UDP deliver faster throughput speeds and reduced latency when compared to any other VPN protocols.
  4. As WireGuard is stateless, active connections are not maintained. This prevents eavesdropping on the connection link and provides superior mobile device connectivity and reliability.
  5. Strict crypto settings make for easy implementation and remove the risk associated with complicated configuration settings, which can end up disrupting traffic and, ultimately, productivity.
  6. Auto-updating code! If a flaw is found in any cipher, all endpoints are forced to update to a new version ASAP.
  7. WireGuard supports iOS — a major platform for the modern work environment!

Not Without Limitations

WireGuard has its share of disadvantages and challenges, to be sure. In its current, out-of-the-box setup, the default state stores your IP address. This makes your server identifiable, a big no-no when it comes to no-log or “logless” VPN services.
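The roaming behavior described under "WireGuard Works Great with Mobile" and the stored address mentioned above both come down to one per-peer field, sketched here as an added example that is not WireGuard's own code. It is a toy model: HMAC-SHA256 stands in for the ChaCha20-Poly1305 tag, the key is a constructed byte string rather than the result of a Noise handshake, and the names Peer, Interface, seal and demo, the packet layout and all addresses are assumptions made for illustration.

```python
"""Toy model of WireGuard-style endpoint roaming (constructed example).

Assumptions, not WireGuard's wire format: HMAC-SHA256 stands in for the
ChaCha20-Poly1305 tag, the key is a fixed byte string rather than the
output of a Noise handshake, and replay protection is a plain counter.
"""
import hashlib
import hmac
import ipaddress
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

Endpoint = Tuple[str, int]      # outer (source IP, UDP port) of a datagram
HEADER = struct.Struct("!IQ")   # receiver index, packet counter
TAG_LEN = 16


@dataclass
class Peer:
    key: bytes
    allowed_ips: List[ipaddress.IPv4Network]
    endpoint: Optional[Endpoint] = None   # last authenticated outer address
    last_counter: int = -1


def seal(key: bytes, index: int, counter: int, inner_src: str, payload: bytes) -> bytes:
    """Build a datagram: header | inner source IP | payload | tag."""
    signed = HEADER.pack(index, counter) + ipaddress.IPv4Address(inner_src).packed + payload
    return signed + hmac.new(key, signed, hashlib.sha256).digest()[:TAG_LEN]


class Interface:
    def __init__(self) -> None:
        self.peers: Dict[int, Peer] = {}

    def receive(self, datagram: bytes, src: Endpoint) -> str:
        if len(datagram) < HEADER.size + 4 + TAG_LEN:
            return "drop: short datagram"
        index, counter = HEADER.unpack_from(datagram)
        peer = self.peers.get(index)
        if peer is None:
            return "drop: unknown receiver index"
        signed, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
        expected = hmac.new(peer.key, signed, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return "drop: bad tag"          # stored endpoint is not touched
        if counter <= peer.last_counter:
            return "drop: replay"           # stored endpoint is not touched
        # Only an authenticated, fresh packet may move the peer's endpoint.
        peer.last_counter = counter
        peer.endpoint = src
        inner_src = ipaddress.IPv4Address(datagram[HEADER.size:HEADER.size + 4])
        if not any(inner_src in net for net in peer.allowed_ips):
            return "drop: inner source not in allowed IPs"
        return "accept"


def demo() -> List[Tuple[str, Optional[Endpoint]]]:
    """Run constructed traffic; return (verdict, stored endpoint) per datagram."""
    key = b"constructed-demo-key"
    wg0 = Interface()
    laptop = Peer(key, [ipaddress.ip_network("10.0.0.2/32")])
    wg0.peers[7] = laptop
    wifi, lte, other = ("198.51.100.20", 51820), ("203.0.113.77", 40123), ("192.0.2.99", 9)
    first = seal(key, 7, 0, "10.0.0.2", b"hello")
    traffic = [
        (first, wifi),                                          # normal traffic
        (seal(b"wrong-key", 7, 1, "10.0.0.2", b"x"), other),    # forged tag
        (seal(key, 7, 1, "10.0.0.2", b"still here"), lte),      # laptop roamed
        (first, other),                                         # captured replay
        (seal(key, 7, 2, "10.0.0.9", b"spoofed inner"), lte),   # bad inner source
    ]
    return [(wg0.receive(d, src), laptop.endpoint) for d, src in traffic]


if __name__ == "__main__":
    for verdict, endpoint in demo():
        print(f"{verdict:40} stored endpoint: {endpoint}")
```

The endpoint value that survives each call is the address a logless deployment has to clear or avoid persisting.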

As mentioned before, WireGuard is not about privacy or obfuscation, and is therefore also vulnerable to censorship. Layers of obfuscation must be built on top of WireGuard to provide better privacy. The good news is that WireGuard is already offered by several VPN vendors and service providers who have solved the zero-log-keeping policy and have built the layers of obfuscation necessary for privacy compliance.

All things considered, WireGuard has delivered on its core mission of “solid crypto” and does so at blazing speeds. With its excellent data encryption security, solid connectivity across all platforms including mobile (iOS can’t be overlooked), and super-fast speeds, WireGuard is a worthy modern-day VPN protocol.

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference

It was my privilege to address esteemed members and stakeholders in the education sector on behalf of main sponsor SonicWall at the recent Schoolscape IT 2022 conference.

An event highlighting how technology can integrate into the classroom of the future, Schoolscape IT 2022 took place in Cape Town and Johannesburg. With more than 120 schools and 250 attendees, it was an opportune moment to talk about cybersecurity and its role in building safer educational institutions for students and teachers alike.

Over the last few years, it has become apparent that countries in the Middle East and Africa are more susceptible to ransomware and network attacks. And that’s no less true for their schools and universities.

In a post-pandemic world that is increasingly online, risk has escalated along with the explosion of exposure points and the growth of remote/mobile workers. Securing this cybersecurity reality can be cost-prohibitive, and the acute shortage of trained personnel doesn’t help any. With resources so constrained, it can be hard to keep up with the challenges of today.

How Boundless Cybersecurity Protects Networks at a Lower TCO

The mid-year update to the 2022 SonicWall Cyber Threat Report noted an 11% increase in global malware, a 77% spike in IoT malware and a 132% rise in encrypted threats over the course of 2021. As attacks become more plentiful, sophisticated and complex, so should solutions. Instead of relying on reactive solutions, SonicWall’s boundless cybersecurity is the need of the hour.

Boundless Cybersecurity provides many features that ensure educational institutions are providing safe education, including:

  • Data-centric security posture
  • Always on, always learning software
  • Secure remote and mobile workforce
  • Aware of current and emerging attack vectors and threat sophistication
  • Protecting against the most evasive threats

How SonicWall Facilitates Secure Learning

Secure learning is essential for the safety of schools and students, whether they are in class or studying remotely. SonicWall offers real-time breach prevention and secure access to resources from anywhere, from any device, at any time, using solutions that deliver protection in the network, in the cloud and at the endpoint.

SonicWall's exclusive threat data shows nearly across-the-board increases in threat volume

Later in the event, Ziyad Ashour offered valuable insight into edtech that keeps learners safe. Mr. Ashour, who is the head of ICT for Al Dhafra Private Schools, Abu Dhabi, UAE, talked about how his schools suffered during the pandemic because they were unable to deal with the sudden increase in online traffic and the resulting security threats. He explained how SonicWall was able to provide cybersecurity that safeguarded their school and addressed their specific needs.

SonicWall’s very own Ashley Lawrence (Regional Sales Senior Manager – Sub-Saharan Africa), also spoke at the event, offering a quick intro to the company and the many solutions we provide to our 28,000+ channel partners.

Among the several case studies presented was that of Amanzimtoti High School in South Africa — a stellar example of how a public school can transform its basic, open network into a secure and powerful tool for both students and teachers. The school used the TZ 600 next-generation firewall, which allowed them to create two separate networks, one for students and the other for teachers.

We also presented the success stories of Johannesburg’s McAuley House School and Pridwin Preparatory School, where SonicWall solutions were deployed to prevent ransomware and help increase remote access for staff, respectively.

With the successful completion of the Schoolscape IT conference 2022, we look forward to next year, where we can continue the important conversation of safe and secure education.

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection

Recent ICSA testing has proven that nothing beats the combination of an NSa Series NGFW and Capture ATP. And to celebrate our latest perfect score, we’re offering you the perfect chance to score major savings on this unstoppable duo, with the return of SonicWall’s ‘3 & Free’ promotion.

For a limited time, when you purchase an NSa 2700 or NSa 3700 High Availability firewall with three years of advanced licensing, you’ll receive the primary unit with stateful license absolutely free.

Why ‘3 & Free’ is the Best Deal of the Season

“The return of our popular 3 & Free promo offers anyone waiting for a good opportunity to upgrade or replace their old firewall a chance to do so at tremendous savings,” said Jason Carter, SonicWall Executive Vice President, Americas Channels & Global Renewals. “You’ll enjoy SonicWall’s industry-leading threat capabilities, simplified management and unprecedented performance. And with the addition of a second unit, you also get the assurance of a reliable, continuous connection, all at no extra cost.”

Taking advantage of the 3 & Free promotion couldn’t be simpler: When a customer purchases an NSa 2700 or NSa 3700 High Availability appliance and three years of Advanced Protection Services Suite, they’ll also get the primary NSa 2700 or NSa 3700 NGFW and a stateful HA Upgrade Service License free.

Best of all, this promotion is for every SonicWall upgrade that qualifies. You don’t have to be a current SonicWall customer to take advantage of the savings: If you make the switch from a competing product, you’ll enjoy the same great deal.

What Sets the NSa 2700 and NSa 3700 Apart

The SonicWall NSa Series is one of the best mid-range firewalls on the market. It offers superior performance to SMBs and branches, and it’s powered by SonicOS7 — which has been redeveloped from the ground up to be more agile, flexible and user-friendly than any of its predecessors.

Not sure which firewall is right for you? Here’s a closer look at the specifics:

The NSa 2700 and NSa 3700 are both great for small businesses, medium-sized businesses and branch offices. Here's a closer look at the stats for both.

In addition to the superior threat protection provided by the NSa Series, with the purchase of three years of SonicWall Advanced Protection Services Suite, you also get access to Capture ATP with RTDMI™ (Real-Time Deep Memory Inspection™).

Capture ATP is a cloud-based, multi-engine sandbox that can detect and block the most advanced threats before they have the chance to infect your network.

Included as part of Capture ATP, our patented RTDMI™ technology leverages proprietary memory inspection, CPU instruction tracking and machine learning capabilities to become increasingly efficient at recognizing and mitigating never-before-seen attacks. This includes attacks that traditional sandboxes will likely miss, such as threats that don’t exhibit any malicious behavior and hide their weaponry via encryption.

How the NSa Series Stacks Up to the Competition

When compared with other firewalls in its class, the NSa Series with Advanced Protection Services Suite repeatedly comes out on top.

For the past seven quarters, SonicWall has submitted an NSa Series NGFW with Capture ATP and RTDMI™ for independent, third-party ICSA testing. And for the past seven consecutive quarters — over 223 days of continuous testing, consisting of 9,071 test runs — SonicWall Capture ATP found all 4,251 malicious samples, the majority of which were four hours old or less. And over this entire stretch, the solution only misidentified a single one of the 4,820 innocuous apps scattered throughout.

SonicWall has now earned more perfect scores — and more back-to-back perfect scores — than any other active vendor, with a streak of 100% threat detection scores going back to January 2021 and 11 total certifications in all.

But since threat detection is only part of the picture, SonicWall occasionally performs more thorough market comparisons to evaluate its position on factors such as total cost of ownership, performance and more.

NSa 2700 Firewall vs. Fortinet FG 100F

SonicWall also commissioned Tolly Group to perform an in-depth comparison of the SonicWall NSa 2700 and the Fortinet FG 100F, both with equivalent security services and configured in HA mode. In this evaluation, SonicWall NSa Series came out on top as well: In its report, Tolly Group noted that the SonicWall solution had a significantly lower 3-year TCO.

When Tolly Group compared the SonicWall NSa 2700 with the Fortinet FG100F, SonicWall had a much lower cost per Gbps of threat protection.

This was due to several factors, chief among them the fact that SonicWall only charges for licensing the primary unit in a High Availability deployment. Given that the SonicWall NSa 2700 offers 3 Gbps to the FG100’s 1 Gbps, the Fortinet solution had a cost per Gbps of traffic protected that was 4.5 times that of the SonicWall solution. (Keep in mind that this value comparison used regular SonicWall pricing: Those taking advantage of the 3 & Free promotion will see even greater savings.)

The report also noted that in NetSecOpen testing, the NSa 2700 had an overall block rate of 99.43%, compared with 93.98% for the Fortinet appliance — yet another confirmation of SonicWall’s superior threat-blocking capabilities.

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security

SonicWall is thrilled to share that CRN has chosen SonicWall’s Network Security Appliance (NSa) 5700 Next Generation Firewall as a winner for the 2022 CRN Tech Innovator Awards in the Security – Enterprise Network Security category.

This annual award program celebrates innovative vendors in the IT channel across 38 different technology categories, in critical business areas ranging from cloud to storage to networking to security. The selection process for this year’s winners was overseen by a panel of CRN editors and is based on a review of hundreds of vendor products using multiple criteria. These include key capabilities, uniqueness, technological ingenuity, and best fit with customer and solution provider needs.

“The growing volume of ransomware attacks has the enterprise moving quickly to evaluate their mitigation capabilities and strengthen their security postures,” said SonicWall CEO and President Bob VanKirk. “We consistently see high-profile, highly publicized cyber-attacks. SonicWall is there to help deliver solutions that are cost-effective with high security efficacy for organizations both large and small. We’re grateful to be recognized by CRN as offering the best Enterprise Network Security solution available.”

SonicWall Generation 7 Network Security Appliance next-generation firewalls offer enterprise-leading performance at the lowest total cost of ownership. With comprehensive security features such as intrusion prevention, VPN, application control, malware analysis, URL filtering, DNS Security, Geo-IP and Bot-net services, they protect the perimeter from advanced threats without becoming a bottleneck. The Gen 7 NSa Series has been built from the ground up with the latest hardware components, all designed to deliver multi-gigabit threat prevention throughput – even for encrypted traffic.

“Our CRN Tech Innovator Awards recognize those technology vendors that are making the biggest impacts in digital transformation for solutions providers with unique, cutting-edge products and services,” said Blaine Raddon, CEO of The Channel Company. “It is my pleasure to congratulate each and every one of our 2022 CRN Tech Innovator Award winners. We’re delighted to recognize these best-in-class vendors that are driving transformation and innovation in the IT space.”

The Tech Innovator Awards will be featured in the December issue of CRN and can be viewed online at crn.com/techinnovators.

A New Era of Partnering to Win

SonicWall Partners are at the core of our success. We’re continually improving products, services, support, and brand awareness.

After a couple of months now as President and CEO of SonicWall, I’ve had a chance to begin focusing on the core objectives that will continue to drive the company going forward. A primary focus of mine will be staying better aligned with you, our trusted partners. To that end, I’d like to offer the first of many updates on how we’re doing as a company, what to expect in the future, and how we’re tracking on goals we’ve set for ourselves.

Where We Are and Where We’re Going

SonicWall is in the midst of historic growth: We’ve experienced five consecutive quarters of double-digit growth, with both top- and bottom-line performance at or near historic highs.

At the core of our successes are the key contributions from our partner community. We’re seeing strong bid performance globally, with record levels of Deal Registration Create, Deal Registration Close, In-Quarter Create and In-Quarter Close. We’re unbelievably thankful for your incredible performance and continued dedication.

We continue to see growth in the SMB market, which aligns to our strategy of building on our leadership there. We’re also continuing our expansion into the enterprise market, with strong growth in 2022. Much of this increase is due to the tremendous success of our enterprise-class NSsp next-generation firewall. We’re now coming off our highest-performing quarter of all time for our NSsp firewalls.

The growth of NSsp and other offerings has been bolstered by the strength of SonicWall’s supply chain. In 2020, long before any wide-scale supply-chain disruption had occurred, SonicWall had begun modifying its products, revisiting internal processes and changing the way we work with suppliers.

This has allowed us to have product in stock when others didn’t. In partnership with you, last year alone we collectively drove a 33% increase in the number of new customers and a 45% increase in sales — all while fulfilling 95% of all orders within just three days.

Getting ahead of supply-chain disruption has also allowed us to realize supply chain and shipping cost advantages, which in turn has enabled us to continue to offer industry-leading TCO. While SonicWall has long focused on providing the best products at the best value, during this time of economic uncertainty, this has become an even greater differentiator.

Prior to 2020, SonicWall had already begun looking toward a future built around widespread remote work. Since then, we’ve been developing, refining and expanding our cloud product offerings, including our Cloud Edge Secure Access solution, our NSv virtual firewall and more. And our focus in this area is paying off, with SonicWall’s cloud evolution achieving 36% growth in 2022.

The drivers of SonicWall’s long-term plan include maintaining our sizeable SMB base, steadfast growth in the enterprise space, and continued expansion into next-generation cloud security. And these strategies will be underpinned by ongoing innovation as we continue to build on our Boundless Cybersecurity architecture.

How We’re Continually Improving Customer and Partner Support

During this time, we’ll continue to focus on growing our MSSP program. In early 2023, we’ll introduce an updated MSSP portal, which will provide greater value for our MSSP partners. We’re also increasing our MSSP product offerings: stay tuned as we lean even further into that area and ensure that every product is aligned to our MSSPs.

Over the past couple years, you’ve emphasized the importance of customer and technical support. We’ve already begun making strides toward greater alignment in this area, both through our web support presence and through our one-on-one support.

We’ve continued to grow and refine our knowledgebase and self-service options. As of this writing, our self-service score is 19-1. In other words, for every 19 inquiries, only one turns into a phone call — the other 18 are sufficiently addressed via the knowledgebase and other online tools. (For context, 13-1 is viewed as best in class.)

As you know, this is a journey and not a destination, and we’ll continue to do our best here. In fact, some of our efforts to improve the user experience for web-based support are already bearing fruit. In August, the Association of Support Professionals (ASP) awarded SonicWall a special award for Best Search on a Support Website, the first time such an award had ever been given.

ASP's annual Best Support Website, awarded to SonicWall in 2022 for our work with our partners.

But because not all support tasks can be handled through online inquiry, we’ve also been investing heavily in our support call center. We aren’t just focused on adding more support resources, however — we’re also focused on supporting more partners and customers, which is key as we grow and expand. Among our support initiatives is the addition of local language support wherever possible, greatly increasing the breadth of our support program.

How We’re Building Brand Awareness

Not all support is after the sale, however — we’re aware that we can make your jobs easier by ensuring end users recognize SonicWall and our partners as thought leaders in the cybersecurity space. In July, we released the mid-year update to our 2022 SonicWall Cyber Threat Report. This report continues to set records, not only in number of downloads, but also in terms of media coverage and mentions in major articles and news stories.

The Threat Report also serves as a vehicle to highlight SonicWall’s threat performance, particularly our patented Real-Time Deep Memory Inspection (RTDMI™). Through the end of Q3 2022, this technology had discovered 373,756 new malware variants — a 22% year-to-date increase, and an average of 1,374 new variants per day.

These capabilities have also been validated by third-party testing — not just once, but seven times in a row. For the past seven consecutive quarters, ICSA Labs has evaluated a SonicWall NSa 3600 equipped with Capture ATP with RTDMI. And in every test cycle, the solution identified 100% of new and little-known threats, some only hours old.

SonicWall is currently the only participating vendor to achieve seven straight 100% threat detection scores, and we’ve now had seven consecutive quarters with the highest overall score among all participants.

Our Partners Are at the Core

But no matter how strong our portfolio is, at SonicWall we know we’re only as strong as our partner community. That’s why we’re working toward increased partner communication and collaboration on every front.

We’ll continue to focus on expanding our technical tracks, as well as our SonicWall University offerings, which have been incredibly successful. We’ve found that partners who take just three hours of SonicWall U training on topics such as Gen 7 have seen an eight- to nine-times improvement in their top line.

But for those who may not have a chance to complete a full training module right away, we’re introducing a new series of 15-minute videos that will serve as a supplement to our SonicWall U training. These videos will provide a bite-sized look at a particular topic and can be shared across your team and with customers. In our GTM revamp of the SonicWall sales team four years ago, we moved to weekly mandatory training for the entire team — something even I continue to do — every week.

With the COVID-19 pandemic easing a bit in many places, we’ll be ramping up our in-person training and will continue reintroducing our regional roadshows. Our Sales Enablement team members have begun meeting partners and customers in person where appropriate, as well.

But as our Sales Enablement team hits the road, we recognize they may be unavailable while they’re in transit or with customers. To maintain a Sales Enablement presence that’s consistently available, we’ve begun investing in virtual SES. These team members are equipped with a variety of tools and will be available during working hours in case you need a quick response.

We’re also in the process of revamping our SonicWall Secure First Partner Program. We’ll be spending a considerable amount of time, effort and investment into improving this program from a partner standpoint, to offer high-quality training and to reward the commitment partners are making in SonicWall.

Like so many of our other initiatives, this one is built around acknowledging the work that our partners put in and continuing to learn how we can better align and better understand your needs and pain points.

Going forward, my key priority is ensuring we’re listening across the company to our partners — getting your input and soliciting your opinion to shape our initiatives and offerings, as opposed to just providing updates. We’ve always strived to be a partner-centric company, but we want to continue to grow in how we can better support and enable our partners across every function and team.

Multiply Your Security with Multifactor Authentication

According to Dark Reading, there are more than 24 billion credentials currently circulating on the Dark Web, up 65% from 2020. What’s even more frightening is that many of them belonged to people who did everything right with regards to their username and password — and still had them compromised anyway.

Each year, organizations that millions of us use each day are attacked by cybercriminals who steal passwords and email addresses (along with social security numbers, medical records and whatever else of value they can get their hands on). Once your credentials are in a cybercriminal’s possession, they can be exploited for further attack, used to steal your identity, sold on the Dark Web, and more.

If your credentials are stolen in an attack like this, it won’t matter how cleverly constructed your password is or that you never shared your account information with anyone. The apps and services you depend on for your daily life — including your email, your banking institution, your social media accounts or your retail shopping accounts — will have no way of knowing it isn’t you at the other end of the connection once the criminal inputs your login info.

By this point, prevention is off the table: your only real options consist of things like contacting customer service, monitoring your credit (or placing a credit freeze) and other forms of damage control.

But there is something you can do right now to keep this sort of account takeover from happening in the first place.

What is MFA

Multifactor authentication (MFA), sometimes referred to as two-factor authentication or 2FA, requires anyone wanting to get into your account to present at least two pieces of evidence that they’re actually you.

These pieces of evidence are generally divided into three categories:

  • Something you know: A password, passcode or PIN
  • Something you have: A confirmation text on your cellphone or an alert from your authentication app
  • Something you are: Facial recognition scan, retina scan, fingerprint or other biometric marker

Unfortunately, the “something you know” is both the easiest piece for cybercriminals to get hold of, and by an overwhelming margin the most commonly requested. In fact, it’s usually the only piece requested, though this is beginning to change (albeit slowly).

No country in the world has a majority of business employees using MFA. Denmark comes closest at 46%, with the U.S. and Canada lagging at 28% and the U.K. doing slightly better at 33%. Microsoft has reported similar results, saying just 22% of enterprise customers that are able to implement MFA actually do so.

Another finding by Microsoft puts a rather fine point on how important MFA is to securing accounts: The company recently found that 99% of compromised Microsoft accounts hadn’t enabled MFA prior to the attack.

MFA Best Practices

MFA isn’t difficult to implement, but there are still some best practices that will help make the process simpler and safer.

  1. Ensure MFA is implemented company-wide. Mandating MFA to protect top executives, R&D or finance alone won’t do much good if someone in marketing, customer service or HR falls for a phish.
  2. Choose an authenticator app over receiving codes via text where possible. SIM-jacking is rare, but it does happen. Plus, this will cover you in cases where your cellular signal is weak or nonexistent.
  3. But be flexible about the implementation method. Allowing verification via authentication app, email or SMS messaging, based on whatever is most convenient to the end user, will help encourage uptake. In any case, while some authentication methods are safer than others, any MFA is better than no MFA.
  4. Check the web services you log into frequently. Some, such as Facebook, Intuit/Turbo Tax and Amazon have MFA built in as an option.
  5. Many of the popular password managers also include MFA (in case you needed yet another reason to start using a password manager).
  6. And of course, set up passwords/passcodes on your laptop and mobile devices. Multifactor authentication can help prevent the vast majority of breaches, but you shouldn’t depend on it as a guarantee: Unless you’ve set up a biometric factor, it can’t do much if someone gains possession of your device, particularly if the device autoloads your username and password.

We at SonicWall hope this Cybersecurity Awareness Month has helped make you a safer and more secure individual, employee and citizen. Thanks for your commitment to seeing yourself in cyber, and check back for more CSAM tips and best practices in 2023!

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall

People often struggle to say goodbye to their things. We grow attached and comfortable with the stuff we use on a regular basis. For instance, I have an old couch that I seldom use, but am nonetheless unable to part with. This comfort zone can be dangerous, as it makes you hold on to things you may no longer need.

We similarly get used to our old network devices. But unlike keeping an old couch, not updating your security gear on time can compromise your entire network. There’s no time like right now to evaluate your needs and adapt. Eliminate things that aren’t needed so that your network is simplified, and update those devices that are critical to the operation.

A good firewall is a cornerstone of a secure network. It’ll stop advanced cyberattacks, as well as keep up with the speed, performance and productivity needs demanded by today’s workplace. Here are the top 10 reasons you should consider updating your legacy firewall to one of the latest 7th generation SonicWall TZ Series firewalls (TZ270, TZ370, TZ470, TZ570 and TZ670 Series):

1. Multi-gigabit support in desktop form factor with high port density
Organizations require increased throughput to support bandwidth-intensive applications — and as such, need multi-gigabit ports. Additionally, having a greater number of ports allows organizations to connect more devices directly to the firewall.

Why Upgrade: Gen 7 TZ series next-generation firewalls are the first desktop form factor to bring multi-gigabit (2.5/5/10G) interfaces or fiber (SFP+, SFP) interfaces, while the legacy or Gen 6 firewalls support only gigabit interfaces. Gen 7 TZs also support a minimum of 8 ports, while Gen 6 supports only 5.


2. Superior hardware upgrades with expandable storage and redundant power supply
Gen 7 TZs come with expandable storage that enables various features, including logging, reporting, caching, firmware backup and more. A secondary power supply is available for redundancy in case of failure, ensuring business continuity.

Why Upgrade: Gen 7 TZ series models come with an expandable storage slot on the bottom of the device that provides the ability to expand up to 256GB, while Gen 6 does not. TZ670 comes preloaded with 32GB expandable storage, and TZ570/670 series firewalls support two AC power supplies for redundancy. The optional redundant power supply is available for purchase with TZ570/670 Series, while all other Gen 6 and Gen 7 firewalls support one power supply.


3. Groundbreaking firewall inspection, DPI performance and IPSec VPN performance
Network bandwidth requirements from apps, HD video streaming, social media and more continue to increase. And keeping up requires faster firewall inspection, DPI and IPSec VPN performance, which provide a secure network without performance degradation. Having faster firewall performance provides organizations with a greater capacity to utilize higher internet speeds and support more concurrent and remote users.

Why Upgrade: Gen 7 TZs offer up to 3 times firewall, DPI and IPSec VPN performance over Gen 6 firewalls.


4. Scale higher with increased connection count (per second, SPI, DPI, DPI-SSL)
Having a higher number of concurrent connections provides greater scalability by enabling more simultaneous user sessions to be active and tracked by the firewall.

Why Upgrade: Gen 7 TZs offer up to 15 times as many maximum connections as Gen 6 firewalls.


5. Deploy at scale
With easy onboarding and single-pane-of-glass management, organizations can reduce complexity, scale quickly, and get business running without additional IT personnel.

Why Upgrade: Gen 7 is simplified by Zero-Touch Deployment, with the ability to simultaneously roll out these devices across multiple locations with minimal IT support.


6. Increased VPN connectivity
For organizations with remote and branch locations, such as retail POS businesses, the ability to create a larger number of site-to-site VPN tunnels is essential. It enables organizations to connect distributed networks together and securely share data.

Why Upgrade: Gen 7 offers up to eight times more site-to-site VPN tunnels than Gen 6 firewalls.


7. High VLAN interfaces
VLANs support the logical grouping of network devices, reduce broadcast traffic and allow more control when implementing security policies. This provides logical separation of devices on the same network. High VLAN interfaces allow better segmentation and performance for organizations.

Why Upgrade: Gen 7 TZ series offers up to five times more VLAN interfaces than Gen 6 TZ series.


8. 802.11ac Wave 2 technology with higher max number of access points
802.11ac Wave 2 technology enhances Wi-Fi user experience by supporting MU-MIMO technology. An integrated Wi-Fi option enables organizations to extend their wireless network farther without purchasing additional hardware. Alternatively, the high number of APs supported by the firewall provides better scalability of the Wi-Fi network.

Why Upgrade: Gen 7 TZs (with the exception of TZ670) offer integrated 802.11ac Wave 2 support, while Gen 6 supports only 802.11ac Wave 1 or 802.11n technologies. Gen 7 TZs support up to four times as many access points as Gen 6 series.


9. Brand-new SonicOS 7.0 support
The feature-rich SonicOS 7.0 operating system features modern UI/UX, topology view, enhanced policy, advanced security and networking and management capabilities, along with TLS 1.3 and default support for BGP routing without the need for additional license.

Why Upgrade: SonicOS 7.0 support is available on Gen 7 Series, but not available on Gen 6 Series. Gen 7 includes BGP support as default with every firewall purchase, as well as Stateful HA support.


10. 5G USB Modem Support
The USB 3.0 port in the Gen 7 TZs could be used to plug in a 5G dongle for 5G connectivity. They’re backward compatible with 4G/LTE/3G technologies with the use of corresponding dongles.

Why Upgrade: 5G technology support is available on Gen 7 TZ series, but not Gen 6 TZ series.

About SonicWall TZ Next-Generation Firewalls

Get high-speed threat prevention in a flexible, integrated security solution with the SonicWall TZ Series. Designed for small networks and distributed enterprises with remote and branch locations, SonicWall TZ next-generation firewalls offer various models that can be tuned to meet your specific needs.

Ready to upgrade to the newest SonicWall TZ firewall? Take advantage of the SonicWall Customer Loyalty Program to save money when you replace your existing SonicWall firewall or other eligible security appliance.

SonicWall Third-Party Threat Performance: Seven Times Superior

The number seven is often associated with luck. But when it comes to SonicWall’s ongoing streak of top scores in independent ICSA testing, luck has nothing to do with it.

“SonicWall Capture ATP did remarkably well during this test cycle, detecting 100% of previously unknown threats while having zero false positives,” ICSA noted in its Q3 2022 Advanced Threat Defense (ATD) report.

From July 20 through Aug. 16, 2022, a SonicWall NSa 3600 NGFW equipped with SonicWall Advanced Threat Protection (ATP) and patented Real-Time Deep Memory Inspection™ (RTDMI) technology was subjected to 28 days of continuous testing by independent third-party testing firm ICSA Labs.

To measure the technology’s threat detection capabilities, a total of 1,292 test runs were conducted. 672 of these test rounds consisted of new and little-known threats, all of which were flagged as malicious by Capture ATP. The other 620 were innocuous apps and activities, none of which were improperly categorized by the SonicWall solution.

How SonicWall Stacks Up

This performance resulted in a perfect score in Q3 testing, but this isn’t a first for SonicWall. Since Q1 2021, quarterly ICSA Labs ATD testing has found that SonicWall offers the highest overall security efficacy, with 100% threat detection and the lowest rate of false positives. This has resulted in seven consecutive 100% threat detection scores, six of which were perfect scores (no false positives).

SonicWall’s performance in these testing cycles is unmatched. As of this test cycle, SonicWall has now had seven straight quarters of earning the highest overall score among participants, all with a solution that’s available at an industry-leading TCO.

What is ICSA ATD Testing?

Standard ICSA Labs Advanced Threat Defense (ATD) testing is designed to determine how well vendor solutions detect new and advanced threats that traditional security products are likely to miss. Eligible security vendors are tested quarterly for a minimum of three weeks. During that time, ICSA Labs subjects their advanced threat defense solutions to hundreds of test runs. The test set is comprised of a mixture of new threats, little-known threats, and innocuous applications and activities, designed to rate solutions on how well they detect these threats without miscategorizing the non-malicious items.

What are Capture ATP and RTDMI?

Third-party testing cycles like these become increasingly important as cyberattacks become more sophisticated and stealthy. The introduction of state-sponsored attacks in particular has changed the game, turning “cybercriminal” into a full-time government job. As a result, we are seeing a slew of complex and refined attacks capable of passing through the defenses of many organizations.

This highlights two tenets of modern cybersecurity: the importance of sandboxing technology for a security vendor and the fact that not all technologies are created equally.

SonicWall Capture Advanced Threat Protection (ATP) multilayer sandbox service is designed to mitigate new forms of malware that use sophisticated evasion tactics to circumvent traditional network defenses. This cloud-based service, available for SonicWall firewalls and other solutions, was built to give malicious code different environments in which to detonate harmlessly, sparing the network itself.

Included as part of Capture ATP, SonicWall’s patented Real-Time Deep Memory Inspection (RTDMI™) leverages proprietary memory inspection, CPU instruction tracking and machine learning capabilities to become increasingly efficient at recognizing and mitigating cyberattacks never before seen by anyone in the cybersecurity industry — including threats that don’t exhibit any malicious behavior and hide their weaponry via encryption. These are attacks that traditional sandboxes will most likely miss.

Best of all, because RTDMI incorporates AI and machine learning technologies, it’s constantly becoming more effective. For example, through Q3 2022, RTDMI has found 373,756 never-before-seen malware variants. This represents a 20% year-to-date increase, and an average of 1,374 per day.

The full ICSA Labs report can be downloaded here. To learn more about SonicWall Capture ATP with RTDMI, visit our website.

Q3 2022 Threat Intelligence Highlights Changing Threat Environment in 2022

If there was one overriding theme of the mid-year update to the 2022 SonicWall Cyber Threat Report, it would be disruption, as we saw trends reverse, targets shift and new techniques come into widespread use throughout the first half of 2022.

Similarly, our Q3 threat intelligence presents a snapshot of a world in flux, as the shifts and reversals we noted in July continue to ebb and flow in our increasingly volatile threat environment.

“Being a security professional has never been more difficult,” said SonicWall President and CEO Bob VanKirk. “The cyber warfare battlefront continues to shift, posing dangerous threats to organizations of all sizes. With expanding attack surfaces, growing numbers of threats and the current geo-political landscape, it should be no surprise that even the most seasoned IT professional can feel overwhelmed. Armed with the latest cybersecurity tools, SonicWall partners can play a vital role in helping customers stay secure in even the most dynamic threat environments.”

Malware

While the first half of 2022 showed an 11% year-to-date increase in malware volume over 2021’s totals, we saw this growth slow in Q3. This resulted in a malware volume of roughly 4 billion, virtually unchanged from the malware volume recorded at this time in 2021.

This flat malware volume conceals a tremendous amount of movement, however. Traditional malware hotspots, such as the U.S. and the U.K., have continued to see their malware volumes drop, falling 5% and 25%, respectively.

But the rest of Europe saw a continued increase in malware volume, with totals up 3% over the same time period in 2021.

It was Asia, however, that saw the largest increase. While this region typically sees far less malware than North America and Europe, malware volume there rose to 603.4 million by the end of Q3, a 38% year-to-date increase. While this wasn’t a large enough increase to eclipse Europe’s totals, this is the closest it’s come to doing so in recent memory, and it represents a worrying trend as we move toward year’s end.

Ransomware

Global ransomware volume continued to drop throughout Q3 compared with 2021’s totals. The 338.4 million ransomware attacks logged in the first three quarters of 2022 represent a 31% decrease year-to-date, and an average of 1,014 ransomware attempts per customer.

This is presented with two major caveats, however: First, while ransomware is decreasing, it isn’t decreasing as aggressively as it was earlier this year, which could signal a reversal on the horizon.

Secondly, though ransomware has fallen off somewhat from 2021’s meteoric highs, the volume we’ve seen so far in 2022 still eclipses the full-year totals we’ve seen in four of the last five years. With Ransomware-as-a-Service (RaaS) offerings becoming more readily available and ransomware groups continuing to develop new ways of exploiting their targets, it’s likely we’ll see numbers begin to increase sooner rather than later.

Despite decreases in ransomware volume, 2022 is still on track to be the second-highest year for ransomware in recent memory

As with malware, we’ve seen a great deal of volatility in geographical ransomware trends. The U.S., typically ransomware’s epicenter, has seen a remarkable 51% drop in attacks in the first three quarters of 2022. Conversely, ransomware in the U.K. increased 20% and attacks in Europe as a whole jumped 38% year-to-date, a continuation of the geographical shift noted in the Mid-Year Update.

It was Asia that saw the biggest increase, however — compared with 2021 totals, ransomware volume there is up 56%. In August, Asia’s monthly ransomware count reached 2.61 million, more than 10 times the volume seen in January and the highest total in recent memory. In fact, Asia saw nearly as many attacks in the first three quarters of 2022 as it did in all of 2021, and roughly double the number of attacks recorded in 2019 and 2020 combined.

“Ransomware has evolved at an alarming rate, particularly in the past five years — not only in volume but in attack vectors,” said SonicWall Emerging Threat Expert Immanuel Chavoya. “The latest Q3 data shows how bad actors are getting smarter in the development of evolutionary strains and more targeted in their assaults.”

Cryptojacking

So far in 2022, SonicWall has recorded 94.6 million cryptojacking attacks, a 35% increase from the already record-high volume observed during the same period in 2021. With cryptojacking totals for the first three quarters of 2022 making up 97.5% of full-year totals for 2021, another yearly record seems imminent.

While a 31% increase in North America fueled some of this spike, triple-digit increases in Europe (up 377%) and Asia (up 160%) also contributed to the sky-high cryptojacking volumes seen so far this year.

The disparity in these trends points to a geographic shakeup similar to what’s been observed among other threat types. But there’s also been a shift in attack volume by industry: while government and education customers have typically seen the lion’s share of cryptojacking attempts, Q3 saw the crosshairs shift to the financial industry, as criminals increasingly targeted banks and trading houses to illegally mine cryptocurrency.

IoT Malware

But while other threat types showed geographical hotspots shifting, IoT attacks have, if anything, doubled down. The largest increase in attacks was seen in North America, which already saw the lion’s share of IoT malware: attacks there rose 200%. Asia recorded a (comparatively) smaller increase of 82%, while cryptojacking in Europe was relatively unchanged from the same time in 2021.

While the past couple years saw threats increase, at least they did so in a fairly predictable manner. However, years like 2022 — which see much of this predictability fly out the window — remind us that in cybersecurity, preparation is paramount.

Securing Your Credentials: Does Your Password Pass the Test?

In the 1990s animated series “Futurama,” a villain and her henchmen are forced to stage an elaborate ruse to obtain the main character’s passcode. While we’re still a long way from the year 3000, they were a bit overly optimistic about the future’s commitment to securing our online presence. Instead, today’s credentials too often include passwords like the one used to destroy a planet in the movie “Spaceballs” (12345).

Even back in 1987, we knew that “12345” is less a secure password and more “the kind of thing an idiot would have on his luggage.” So why are so many people still securing their identities, finances and more with passwords like this in 2022?

The Passwords That Don’t Pass Muster

In a study conducted by Google and Harris Poll, a full quarter of respondents had used one of the following passwords, or a variation thereof:

  • abc123
  • password
  • 123456
  • Iloveyou
  • 111111
  • qwerty
  • admin
  • welcome

But just because someone didn’t use one of these egregious eight doesn’t mean their accounts are secure. A staggering 59% have incorporated personal information into their password (popular choices were a significant other’s name, their own name, a pet’s name or their kids’ names.)

These sorts of passwords can not only make you vulnerable to hackers — who with a bit of social engineering or a cursory search on social media can find out enough about you to guess your password — but also to the merely nosy. That same survey found that 27% of respondents admitted to having tried to guess another person’s password. And of those, 17%, or nearly 1 in 5, were successful.

But even people with good passwords undermine their security with bad decisions. In a Harris Poll, 78% of Gen Z, 67% of Millennials and Gen X’ers, and 60% of Baby Boomers admitted to using the same password for multiple online accounts.

Worse, when security firm SpyCloud compared 1.7 billion username and password combos gathered from more than 750 leaked sources, they discovered that nearly two-thirds of people were using a password exposed in a breach for other accounts.

Don’t Pass on these Password Tips

Because anti-malware and other security measures often cannot detect threat actors who have gained access using legitimate credentials, poor password hygiene can create a nearly undetectable pathway into your network. So how do you prevent this? Luckily, there are several ways to ensure your password earns a passing grade:

  1. Don’t reuse passwords! Reusing passwords can turn stolen credentials from one of your accounts into stolen credentials for ALL of your accounts. Very few things sting as badly as having your bank account compromised because you bought a pair of sneakers in 2016.
  2. Don’t give passwords away, either. If someone has control of your password, they have control of your account — and they can cancel it, offer access to others and more.
  3. Don’t use personal information in your passwords. Things like family members’ names, birthdates, favorite sports teams or city of residence are known to those close to you and can be figured out through social media.
  4. Check to see if your password has been involved in a breach. If you’re using a well-constructed password that’s been widely exposed, it isn’t much better than just using one of these. Go here to see if your password has been pwned, and if it has, change it everywhere it has been used and forget about it forever.
  5. Passwords should be at least 12 characters long, regardless of what combination of numbers, letters and characters is used.
  6. Complex to you isn’t necessarily complex to an attacker. People assume a password like T3Dl@55o will be hard to guess. And it will — for a human. But a password cracker will make quick work of it (it’ll only take about 39 minutes). You’re better off choosing a long passphrase than a short but complicated password. A passphrase that’s at least 15 characters long, as in the well-known example CorrectHorseBatteryStaple, is significantly harder for crackers to guess (it’ll take hundreds of billions of years … unless you actually use “CorrectHorseBatteryStaple,” in which case it’ll likely take much less time.)
  7. The best passwords of all are long; include a variety of numbers, characters and special symbols; and don’t make use of ordinary words. But these, understandably, can be hard to remember, so …
  8. Consider using a password manager. These services can create and store long, secure and unique passwords, so you only ever have to remember one — eliminating the need to ever again deal with the “Forgot Your Password?” link.
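
Several of these tips can be enforced automatically when a password is set. The sketch below is an added example, not part of the original article: it checks the 12-character minimum, the eight passwords listed earlier "or a variation thereof", personal information, and membership in a breach list. The function names, the substitution map and the sample breached set are assumptions constructed for illustration.

```python
import string

# The eight passwords the article lists, lower-cased for comparison.
COMMON = {"abc123", "password", "123456", "iloveyou",
          "111111", "qwerty", "admin", "welcome"}

# Assumed map for undoing common character swaps ("p@ssw0rd" -> "password").
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})

# Deny list in both raw and swap-normalized form, so "@bc123" also matches.
COMMON_NORM = COMMON | {c.translate(LEET) for c in COMMON}

MIN_LENGTH = 12  # tip 5: at least 12 characters


def variants(pw):
    """Forms of pw to compare against the deny list: lower-cased, with
    trailing punctuation and digits trimmed, and with swaps undone."""
    low = pw.lower()
    trimmed = {low,
               low.rstrip(string.punctuation),
               low.rstrip(string.punctuation + string.digits)}
    return trimmed | {s.translate(LEET) for s in trimmed}


def check_password(pw, personal=(), breached=frozenset()):
    """Return a list of problem codes; an empty list means none were found.

    personal -- strings the user should not embed (names, pets, teams)
    breached -- passwords known to be exposed (a local, constructed set here)
    """
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("too_short")
    if variants(pw) & COMMON_NORM:
        problems.append("common_password")
    flat = pw.lower().translate(LEET)
    if any(len(t) >= 3 and t.lower().translate(LEET) in flat for t in personal):
        problems.append("personal_info")
    if pw in breached:
        problems.append("breached")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, reusing the passwords quoted in the article.
    exposed = {"CorrectHorseBatteryStaple"}
    for candidate in ("p@ssw0rd!", "Iloveyou2022!", "T3Dl@55o",
                      "CorrectHorseBatteryStaple", "violet-kettle-orbit-47"):
        print(candidate, check_password(candidate, personal=("Ted",),
                                        breached=exposed))
```

Note that "Iloveyou2022!" clears the length rule and still fails, which is why the deny-list check runs on trimmed and normalized forms rather than on the raw string alone.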

Now that you’ve ditched “p@ssw0rd!” and the like for truly secure credentials, you’re totally protected, right? Not necessarily — if the email provider, bank, etc., is compromised, attackers may still be able to get into your account. In our final Cybersecurity Awareness Month blog, we’ll discuss how multifactor authentication can stop most unauthorized access, even if your credentials fall into the wrong hands.