Boost Productivity and Conserve Bandwidth with New SonicWall Analytics Tools

The internet has become an indispensable resource in both professional and personal life — and due to its ubiquity, people have a natural inclination to use corporate networks for both work and non-work-related web applications.

This mingling of personal and professional app usage has increased the speed with which boundaries between home and office are falling. Unfortunately, unbounded and non-selective usage of business-critical organization network for non-work-related web activities has significant downsides.

Unrestricted access to the internet places additional pressures on IT teams responsible for managing a network infrastructure and guarding against security threats. The tendency to use non-work-related internet applications during working hours can hurt organizational productivity — and worse, organizations can be held legally liable for employees’ actions while using company web resources.

To protect organization assets and workforce productivity, internet usage within the corporate network should be checked for fairness and optimized for the organization’s overall performance. However, the abundance of internet resources makes it unfeasible for network administrators to analyze each and every one accessed over the corporate network.

To get a clearer picture of internet usage, those resources need to be classified based on value to the organization, such as into “productive” and “unproductive” categories. Furthermore, this categorization must agree with corporate policy, internet usage policy and industry domain. Successful categorization provides valuable insight into usage patterns and behavior.

Once categorization is established, we must understand which metrics are available for monitoring internet usage patterns, as well as the utility of each metric. For example, when we analyze internet usage patterns from the perspective of how well corporate bandwidth is being utilized or the financial implication of internet bandwidth consumed by non-productive categories, we must look at total data transfer in each productivity group. The data transfer metric is also important from the perspective of network capacity planning.

If we are analyzing internet usage patterns from a workforce productivity point of view, the time spent by employees in different productivity categories is of primary importance. Moreover, to get a complete picture from a workforce productivity perspective, the browsing time data must be correlated with the time of day, determining if usage was during working hours or non-working hours. Lastly, the relative demand of internet resources in an organization is established by the number of connections established to it, which is tracked by the connection metric.

In summary, we need a powerful and intelligent analytical engine capable of:

  1. Ingesting firewall event data at wire speed
  2. Filtering out relevant internet access events
  3. Mapping them to the productivity categories as defined by each organization
  4. Summarizing reports for each productive category in multiple analytical metrics

And for maximum usability, all this functionality needs to be coupled with an apt and intuitive user interface for easy access to reports and analytical data.

To this end, SonicWall has added the advanced capabilities and workflows required to manage the internet productivity of an organization as Productivity Reports in the SonicWall Analytics solution.

SonicWall Analytics is a cloud-native analytics engine designed for speed and scale. The Productivity Reports feature provides fully customizable productive group configuration based on content filtering categories. The thoughtfully designed user interface offers insightful executive snapshots in different productivity categories. Analysts can drill down from those snapshots or jump directly into individual websites, users and web categories to analyze usage patterns and investigate associated threats.

The Productivity Reports’ interface extends beyond reporting and analytical capabilities. For example, it integrates policy creation directly from the report screen to restrict users, websites, or web categories.

To discover the full breadth of SonicWall Analytics, visit www.sonicwall.com/analytics or contact sales for a free trial.

SD-WAN and VPN Orchestrations: Fast-Tracking Enterprise Growth

If you’re planning to onboard multiple branches or refresh existing sites with newer firewalls, SonicWall now offers options to help you effortlessly fast-track the process.

We recently announced the expansion of our Network Security Manager version 2.3, which introduced three essential firewall management capabilities: Template Variables, SD-WAN, and VPN Orchestration and Monitoring. These new features help facilitate the rapid deployment, provisioning and central management of your enterprise-wide SD-Branch operations globally.

Template Variables

Here’s a typical use case for Template Variables: Say a security operating center (SOC) for a large enterprise retailer wants to quickly build out hundreds of store locations using a single template configuration, eliminating manual configuration at each site. The administrator seeks an easy-to-use tool to automatically assign a unique interface, subnet, gateway IP and static routes to the firewall, all while keeping all other settings and policies consistent across all sites. NSM 2.3’s new Template Variables feature enables them to do precisely this.

When configuring a Template using Template Variables to assign a device-specific value — such as an IP address, subnet and gateway IP, and static route — the admin can make specific firewall parameters requiring a unique value into a variable object within a template configuration. For example, the Template Variables object “testv4Obj” in Figure 1 shows that it can be any octet of the IP address.

For the firewall device named “test,” the second, third and fourth octet are set as variable objects. So, when the Template with Template Variables configuration is committed and deployed, NSM resolves the device-unique value to the associated firewall device. This occurs when the Template gets pushed across multiple devices or device groups.

In this scenario, “test” is assigned an IP address of 10.5.5.10, while “demo_tz670_gen7” is given the value 10.101.1.10. Template Variables preserve the uniqueness of the device-specific value during the commit and deploy process.

Other examples of such parameters are DNS Server IP, Hostname, FDQN, etc. You can also use variables inside access rules in the form of address objects.

Whether you have a single site or hundreds of sites, the Template Variable within the Template configuration workflow makes building out any number of sites super-fast. It does this by auto-provisioning device-specific configurations for each firewall. As a result, distributed enterprises can onboard and secure new branch facilities quickly and easily, eliminating separate manual setups for each device at every location.

SD-WAN Orchestration and Monitoring

The use case for the SD-WAN Orchestration feature is similar to that of Template Variables. A typical scenario is a distributed enterprise SOC that wants to operationalize multiple branches with SD-WAN connectivity to communicate with one another.

The admin wants to — from one place — centrally deploy, provision and manage SD-WAN networks and application routing services across all sites. The goal in a case like this is to ensure business-critical applications never slow down or shut off and that they continually operate at peak performance. The NSM 2.3 SD-WAN Orchestration feature enables the enterprise SOC to do all that.

Using an intuitive, self-guided workflow, administrators can build, operate and manage an enterprise-wide SD-WAN network. This is done by establishing and enforcing application-based traffic and other traffic steering configurations across and between thousands of sites, all with minimal effort.

SD-WAN Monitoring feature lets admins proactively observe the health and performance of their SD-WAN environment, such as interface status, utilization and performance service level. The information allows network infrastructure teams to:

  1. Troubleshoot and resolve issues quickly
  2. Ensure consistent SD-WAN configurations across all sites
  3. Drive the optimal level of WAN and application performance

VPN Orchestration and Monitoring

Setting up and configuring VPNs in a distributed enterprise with multi-location and multi-cloud networks can be burdensome. It may even be problematic for specific deployment scenarios and less experienced administrators. Enterprise SOCs want to make this process easier for their network admins — and they expect a simple and procedural way to set up VPN settings and policies so that any network admin at any skill level can configure everything via a streamlined process. Once VPN tunnels are established across the enterprise, enterprise SOCs also demand visibility into all network traffic going through the VPN tunnels.

The NSM 2.3 VPN Orchestration feature helps admins establish site-to-site connectivity and communication quickly and without errors by using a repeatable, self-guided workflow. This feature enables them to centrally configure VPN settings and policies using a wizard-based, step-by-step setup process.

Additionally, the VPN Monitoring feature gives admins complete visibility into their entire VPN environment’s activities, health and performance. Admins can leverage this information to monitor connection status, data transfers and bandwidth consumed over those VPN tunnels. At the same time, alerts allow admins to proactively maintain the integrity of VPN connections, ensuring continuous connectivity between sites.