Easier Wi-Fi Planning, Security & Management from the Cloud

Wi-Fi access is ubiquitous, but it’s not always easy to plan, deploy, secure and manage, especially for distributed businesses and enterprises.

SonicWall believes there’s an easier approach. Our product teams have revamped our Wi-Fi management solutions with innovation at its foundation. Top-of-mind during the entire process, our focus was on evolving our Wi-Fi technology in four key areas: security, performance, simplicity and intuitiveness.

On paper, those sound obvious. But we wanted to be sure the execution matched the vision — to remove all the complexity without impacting the end-user experience. The outcome of this effort is four new SonicWall wireless solutions:

Intuitive wireless management for the next era

One of the constant nightmares for network admins is an unmanageable network. As your network expands, policies change and threats increase, it is often difficult to keep pace.

Discovering an outage only after it has happened — or malware after it has crept into your network — is disastrous. SonicWall arms you with the right tool to gain insights into your network to keep pace with changing network requirements.

SonicWall WiFi Cloud Manager is an intuitive, scalable and centralized Wi-Fi network management system suitable for networks of any size. With simplified management, wireless analytics is richer and easily accessible from anywhere with an internet connection. The cloud-based management solution is designed to be user-friendly and resilient while simplifying access, control and troubleshooting capabilities.

With a fresh UI, WiFi Cloud Manager can be accessed via SonicWall Capture Security Center to deliver powerful features and simplified onboarding via the cloud from a single pane of glass. Centralized visibility and control over SonicWall’s wired and wireless networking hardware reduces complexity and the need for costly overlay management systems. It also can be deployed across multiple regions for greater network visibility into distributed enterprises.

For network admins on the go, SonicWall introduces the SonicWiFi mobile app to set up and monitor your network. Easily onboard your APs and set up mesh with this app. It is available on iOS and Android.

Advanced wireless security — with or without a firewall

Organizations, big and small, need secure wireless solutions for extending connectivity to employees, customers and guests. The new SonicWave 200 series wireless access points deliver enterprise-level performance and security with the range and reliability of 802.11ac Wave 2 technology at an affordable price.

Built on industry-leading next-gen security, these APs feature a dedicated third radio for security scanning. In fact, advanced security features like Content Filtering Service (CFS) and the Capture Advanced Threat Protection (ATP) sandbox service can be performed on the AP itself, enabling organizations to mitigate cyberattacks even where firewalls aren’t deployed.

SonicWave 200 access points are available in three options, including 231c for indoor, 231o for outdoor and 224w for wall-mount requirements.

Manage dozens or even thousands of SonicWave wireless access points from anywhere you have an internet connection via the cloud or through the firewalls, providing you ultimate flexibility.

The SonicWall WiFi Cloud Manager provides you a single-pane-of-glass view of your entire wireless network. SonicWave access points also support SonicWall Zero-Touch Deployment, which allows the access points to be automatically identified and registered. The SonicWiFi mobile app also lets you set up, manage and keep track of your network.

SonicWave access points leverage mesh technology to negate complexity from wireless expansion, especially at remote or distributed locations. Mesh networks are easy to set up, effortless to expand, and require fewer cables and less manpower to deploy, reducing installation costs. The new push-and-snap mounting bracket further adds to the ease of installation.

Easily plan, deploy your wireless networks

IT administrators often hear complaints about unreliable Wi-Fi connectivity leading to poor user experiences. This is mostly because Wi-Fi networks are not designed correctly to begin with. AP placements could be wrong, there may be radio frequency barriers or there simply isn’t enough capacity and coverage.

SonicWall WiFi Planner is a simple, easy-to-use, advanced wireless site survey tool that enables you to optimally design and deploy a wireless network for enhanced wireless user experience.

This tool lets you customize your settings per your surroundings and requirements to obtain maximum coverage with the fewest number of access points. You can prevent interference in your deployment on a best-effort basis through auto-channel assignment.

With a cloud-based UI, you also have the flexibility to collaborate with global teams. It is ideal for new access point deployments or to ensure excellent coverage in your wireless network. Available at no added cost, SonicWall WiFi Planner is accessible through WiFi Cloud Manager.

Together, these products deliver a powerful wireless solution, paving the way for the next era of wireless security. Welcome to the future of wireless security.

Advanced Endpoint Detection & Response (EDR) Comes to Capture Client 2.0

Endpoint protection has evolved well past simple antivirus (AV) monitoring. Today’s endpoints require consistent and proactive investigation and mitigation of suspicious files or behavior.

With the release of SonicWall Capture Client 2.0, organizations gain active control of endpoint health with advanced Endpoint Detection and Response (EDR) capabilities.

With EDR capabilities in place, SonicWall Capture Client empowers administrators to track threat origins and intended destinations, kill or quarantine as necessary, and “roll back” endpoints to a last-known good state in cases of infection or compromise.

Capture Client now also enables organizations to mitigate malware and clean endpoints without manually pulling them offline to conduct forensic analysis and/or reimage the device — as is typically required with legacy AV solutions.

Protect Endpoints from Employee Mishaps with Web Threat Protection

For years, SonicWall’s Content Filtering options have been used by schools, small and medium businesses, and enterprises to either block people from malicious web content (e.g., phishing sites) or productivity-killing sites (e.g., social media), as well as manage the bandwidth an application receives.

A portion of this technology, called Web Threat Protection, is now in Capture Client 2.0. This feature utilizes the Content Filtering Service to block access to millions of known malicious URLs, domains and IP addresses. This helps prevent phishing email attacks, malicious downloads (e.g., ransomware) or other online threats.

Web Threat Protection gives admins another layer of security and helps avoid the cleanup of infections and/or the need to “roll back” the PC to a last known healthy state.

Shrink Attack Surface Area with Endpoint Device Control

Did you know that in a recent Google social experiment, 45 percent of “lost” USB keys were plugged into devices by the people who found them?

Dropping infected USB drives in a work area (e.g., coffee shop, company parking lot, lobby) has always been respected as a very effective attack on companies. In fact, many retail outlets have point-of-sale (POS) systems with exposed USB ports that make it easier to infect networks from many locations.

To better prevent infected devices like USBs from connecting to endpoints, Capture Client Device Control can lock out unknown or suspicious devices. Admins have the ability to block endpoint access to unknown devices until they are approved, or whitelist clean devices, like printers and removable storage, to narrow the threat plane.

Endpoint Protection Licensing Better for Partners, Customers

SonicWall has done more than just improve the stability and functionality of the client. We’ve also spent the past year working with a global network of partners and customers to create better business practices behind the client.

Due to increased demand, we are proud to announce that our competitive conversion SKUs will live as an indefinite program that certified SonicWall Partners can use. This will enable customers to get three years of coverage for the price of two when switching from a competitive product.

SonicWall is also doing away with pack SKUs that people formerly ordered (and that are still supported) in favor of banded SKUs coming in March 2019. These ordering bands allow a partner to order the exact number of licenses required, at the appropriate discount, for their volume. These bands start at five seats and offer eight sets of volume discounts that go up to 10,000 or more seats.

Tech Brief: Roll Back the Impact of Ransomware

Capture Client Advanced enables quick, automated recovery without having to manually restore from backups or create new system images. Download the full tech brief to explore how Capture Client rollback helps optimize business continuity, reduce financial impact and shorten the mean time to repair.

Modern SaaS Security: How to Secure Email, Data, User Access in the Age of Cloud Apps

SaaS applications have changed the way employees and organizations operate, how an application is purchased and provisioned, and how employees access and use the apps.

Today, IT departments are no longer a part of this process. As a result, security gaps arise due to the lack of sufficient control and visibility for which applications are hosting corporate data.

With the ease at which SaaS applications can be rolled out — and the benefits of increased productivity and agility — it is easy to forget that the organization is responsible for securing data and managing access for SaaS applications.

Cloud Security | Shared Responsibility Model for SaaS

  • Customer Responsibility: Data Security & Compliance; User & Device Access
  • Cloud Service Provider Responsibility: Application Security; Network Security; Infrastructure Security

To adopt SaaS applications in a secure manner, proactive organizations use SonicWall Cloud App Security 2.0.

What is Cloud App Security 2.0?

SonicWall Cloud App Security offers comprehensive next-generation security for your users and data within SaaS applications, including email, messaging, file-sharing and file storage.

Cloud App Security seamlessly integrates with sanctioned SaaS applications using native APIs. This approach provides email security and Cloud Access Security Broker (CASB) functionalities, which are required to protect the current SaaS landscape. This includes:

  • Visibility. Identify all cloud services (both sanctioned and unsanctioned) used by an organization’s employees. This includes visibility of east-west traffic (cloud-to-cloud) as users can authenticate to unsanctioned apps using sanctioned IT, such as Microsoft Office 365.
  • Next-Gen Email Security. As email becomes the most popular SaaS app used, protecting the popular threat vector is key for SaaS security. The secure email solution includes attachment sandboxing, time-of-click URL analysis and Business Email Compromise (BEC) protection.
  • Advanced Threat Protection. Prevent malware propagation through cloud apps, such as OneDrive, Box and Dropbox, with real-time scanning for known threats. The integrated Capture Advanced Threat Protection (ATP) sandbox service mitigates both known and never-before-seen cyberattacks.
  • Data Security. Enforce data-centric security policies by offering granular access controls and preventing upload of sensitive or confidential files. The solution incorporates role-based policy tools, data classification, and data loss prevention (DLP) technologies to monitor user activity and block or limit access.
  • Compliance. Collect an extensive audit trail of every action, including real-time and historical events, and provide simple DLP templates to enforce policy controls and regulatory compliance in real time.

SonicWall Cloud App Security


When deployed with a SonicWall next-generation firewall (NGFW), Cloud App Security offers shadow IT visibility and control at no extra cost. SonicWall Cloud App Security ensures the safe adoption of cloud applications — all without impacting employee productivity and at a low total cost of ownership (TCO).

Security for Cloud Email Services & Platforms

Drawbacks of a Secure Email Gateway

Typically, when organizations move their email to the cloud, they either rely exclusively on the email provider’s built-in security or supplement it with a traditional secure email gateway. This approach is inefficient because the gateway:

  • Introduces a point of failure
  • Does not provide visibility or control over email beyond the gateway
  • Does not protect against new email threats, such as account takeover attacks
  • Does not protect against other apps in the cloud office suites

SonicWall Cloud App Security includes email security designed for cloud email platforms, such as Office 365 and G Suite.

The solution delivers virtual in-line protection using real-time APIs to intercept and stop malicious email from reaching your employees’ inboxes. This approach enables Cloud App Security to:

  • Preserve the native cloud experience
  • Provide comprehensive visibility and granular control
  • Protect against Business Email Compromise (BEC) and account takeover attacks
  • Secure the entire suite of apps in your cloud office platforms

Secure Your Entire Cloud Office Suite, Including Office 365 or G Suite

When organizations move to cloud office solutions, such as Microsoft Office 365 and Google G Suite, a whole suite of productivity tools become available. SonicWall Cloud App Security protects entire productivity suites.

Data Security for Sanctioned SaaS

SonicWall Cloud App Security does not sit in the traffic path of user-to-cloud or cloud-to-cloud. Instead, the solution analyzes all cloud service traffic (e.g., log events, user activities, data files and objects, configuration state, etc.) and enforces the necessary security policies through direct integrations with native APIs of the cloud service.

This enables the solution to provide coverage for that app, regardless of the user’s device or network. The solution provides easy deployment, granular control and zero impact on the user experience.

Only API-based solutions can inspect data-at-rest within SaaS apps since inline, proxy-based solutions inspect only the data uploaded to the cloud from behind a firewall. Since many organizations already have a large volume of data stored in the cloud, APIs are used to enforce policies on this data.

Other capabilities — only possible when connecting directly to an app via API — include the ability to scan security configuration settings within the app and suggest changes that bolster security, as well as the ability to scan the sharing permissions on files and folders to assess the risk of third-party and external access to corporate data.

Cloud App Security provides deep visibility, advanced threat protection using Capture ATP sandbox and data loss prevention for SaaS applications, such as cloud-based email, alongside file sharing and cloud storage apps like Google G Suite and Microsoft Office 365.

Cloud App Security Made Simple, Affordable

  • Zero Friction. Out-of-band scanning does not result in any change in user experience, such as adding latency or breakage of application behavior. In addition, the solution can be deployed within hours without any downtime and administrative overhead.
  • Universal Coverage. API-based scanning not only covers the “north-south” (user-to-cloud) traffic, but also provides coverage for “east-west” (cloud-to-cloud) traffic. As cloud adoption increases in an organization, cloud-to-cloud traffic becomes a significant portion of cloud usage.
  • Ability to Introspect Traffic. Inline security solutions can only apply changes in security policies for the new traffic coming forward. However, the APIs allow you to retrospectively apply the policies for all data-at-rest, including all new traffic.

SonicWall’s Platform Approach to Cloud Security

To protect SaaS applications, SonicWall Cloud App Security leverages the SonicWall Capture Cloud Platform, which combines the global security intelligence of the Capture Threat Network and the advanced threat prevention of the multi-engine Capture ATP sandbox. The cloud-native solution is delivered through Capture Security Center.

SonicWall extends automated, real-time breach detection and prevention capabilities into SaaS environments, helping organizations safely leverage cloud applications to enhance employee productivity and enable collaboration.

SonicWall Cloud App Security ensures the safe adoption of cloud applications without impacting employee productivity and at a low total cost of ownership.

Five Reasons to Visit SonicWall at RSA Conference 2019

RSA Conference 2019 is fast approaching, coming up March 4-8 at the Moscone Center in San Francisco.

RSA has a reputation. It is considered by many to be the cybersecurity event of the year and the best opportunity you’ll find to network with over 40,000 other security professionals. In an apparent attempt to out-do themselves this year, organizers have gone with a simple but powerful theme: to put it simply, Better.

Whether that means better technology, better data and analysis, or even better swag and giveaways, SonicWall has you covered. We will be in the North Expo Hall at booth No. 5559 offering insightful demos, fun theater presentations and amazing giveaways.

Expo Hours

Moscone Center | North Expo Hall Booth 5559
Monday, March 4 5:00 PM – 7:00 PM
Tuesday, March 5 10:00 AM – 6:00 PM
Wednesday, March 6 10:00 AM – 6:00 PM
Thursday, March 7 10:00 AM – 3:00 PM

Check out our top five reasons why SonicWall needs to be on your ‘must visit’ list this year at RSA Conference 2019.

1. It’s free

This year, it’s on us! Simply register with code XSU9SONICWALL to receive a complimentary Expo Plus Pass.

As an Expo Plus Pass registrant, you will receive admittance to the Expo Halls (Tuesday – Thursday), including Briefing Center sessions and the Wednesday afternoon pub crawl.

You will also receive the following benefits:

  • Admittance to Keynotes Wednesday-Friday (West and South Stage)
  • Admittance to select sessions Monday-Thursday
  • Admittance to the Innovation Sandbox on Monday Afternoon
  • Admittance to the Welcome Reception on Monday
  • Admittance to RSAC Early Stage Expo Wednesday & Thursday
  • Admittance to RSAC Sandbox Wednesday & Thursday

2. We’ve got new swag

This year we have something for everyone. Feeling practical? We are stocked up on the ever-popular SonicWall portable battery packs. If you ask nicely, we may even give you one with a full charge to keep you powered throughout your day.

If you’re a seasoned RSA veteran and have seen it all before, maybe you’re looking for something a little different? We think our new SonicWall-branded wireless Retro headphones from our friends at JLab Audio are just what you need.

We’ve got ‘SOCs in a Box’ with a nifty new design based on the new SonicWall Security Center and SonicWall Risk Meters — a collector’s item for sure. Come visit our booth and make sure you’re leaving RSA this year with some original swag.

3. We’ve got the experts

During RSA 2019, you can visit our team of experts at the SonicWall booth who are ready to show you some of our newest products and solutions. To name a few:

  • Capture Security Center – Come see our open, scalable cloud security management software in action. It offers the ultimate in visibility, agility and capacity to govern all SonicWall security operations and services with greater clarity, precision and speed — all from a single pane of glass.
  • SonicWall Risk Meters – Check out personalized threat information and risk scoring service. It adapts to individual situations to reveal gaps in defensive layers.
  • SonicWall Network Security Virtual (NSv) Series – Watch us run live traffic through our newest virtual firewall.

4. Featured presentation

Dmitriy Ayrapetov, SonicWall Executive Director of Product Management, will be providing an in-depth look at the latest global security intelligence gathered by the SonicWall Capture Labs threat research team in his presentation, “Leverage the Latest Threat Intelligence to Stay Ahead of Cyber Threats.”

Discover how SonicWall can help you expose security gaps and take decisive actions that keep you ahead of threats before they become tomorrow’s headlines.

  • Date: Tuesday, March 5 at 11:45 a.m.
  • Location: North Expo Hall Briefing Center

5. Big prizes and fun contests

As well as our branded swag, we are offering an amazing grand prize this year: a brand new Apple Watch Series 4.

We will announce one lucky winner Thursday, March 7, at 12 p.m. PST.

You will have plenty of opportunities to enter for our grand giveaway. Come talk to us at our booth for more details. But for now, we want to give you a massive hint to help better your chances of being our grand prize winner: all will be revealed on social media.

Watch our social media accounts very closely throughout the entire week of RSA!

We look forward to seeing you at RSA. Don’t forget, we’re in the North Expo Hall at booth No. 5559.

Eight New Ways the SonicWall Capture Cloud Platform Protects Businesses

Two years ago, the SonicWall Capture Cloud Platform was a vision — one that boldly represented the future of how our company would better empower, enable and protect our global customers.

And now that it’s a reality, we’re evolving it yet again — in new areas with even more capabilities. Based on invaluable feedback from end-users, internal business owners and partners, the goal of this launch was to focus on these five areas where SonicWall could:

  • Help organizations better protect business cloud applications, like Office 365 and G Suite
  • Deliver more cost-effective network security options for a wider range of enterprises, small and medium businesses, and government agencies
  • Empower administrators with more advanced endpoint protection capabilities
  • Streamline wireless security, management, visibility and planning
  • Simplify wireless security and expansion with a mobile app, mesh networking and zero-touch deployment capabilities

Today, we announced new solutions that better protect networks, cloud applications, endpoints and all respective data. In all, this effort includes eight new products or solution enhancements to the Capture Cloud Platform.

  • Cloud App Security 2.0 — Available for Office 365 and G Suite, Cloud App Security provides advanced threat protection to stop targeted phishing attacks, zero-day threats and email fraud, such as business email compromise (BEC) and account takeovers (ATO). It also helps identify and mitigate malicious PDFs and Microsoft Office files stored in cloud solutions like Office 365, G Suite and Dropbox.
  • SonicWall SOHO 250 & TZ350 Firewalls — This pair of new next-generation firewalls (NGFW) consolidate security, networking and performance for a low total cost of ownership (TCO). They help organizations reduce costs and save time through integrated features, such as secure SD-WAN, auto-provision VPN and Zero-Touch Deployment.
  • SonicWall WiFi Cloud Manager — This scalable, centralized Wi-Fi network management system simplifies wireless access, control and troubleshooting capabilities across networks of any size or location through a ‘single pane of glass.’ SonicWall also is introducing the SonicWiFi mobile app, available on iOS and Android, to help you monitor your network, easily onboard wireless access points and set up wireless mesh networks.
  • SonicWall WiFi Planner — An intuitive, easy-to-use Wi-Fi surveying tool, SonicWall WiFi Planner helps you design and deploy secure wireless networks that enhance the user experience and ensure workforce productivity. Make sound Wi-Fi coverage decisions that account for different types of office spaces, floor plans, building materials, power requirements, signal strength, channel width and radio bands.
  • SonicWall SonicWave 200 Series Wireless Access Points — Enhance wireless user experiences by delivering gigabit performance, range and the reliability of 802.11ac Wave 2 wireless technology in a solution that is secure and extremely affordable. Activate advanced security services, including the Content Filtering Service (CFS) and Capture Advanced Threat Protection (ATP) sandbox service, directly from SonicWave access points — even where firewalls aren’t deployed.
  • Capture Client 2.0 — With advanced Endpoint Detection and Response (EDR) capabilities, the latest version of SonicWall Capture Client lets administrators track threat origins and intended destinations, kill or quarantine as necessary, and roll back endpoints to a last-known good state in case of infection.
  • Email Security 10.0 — Our enhanced secure email solution now provides multi-layered protection, including attachment sandboxing and time-of-click URL protection against advanced threats like targeted phishing attacks, ransomware, business email compromise (BEC) and email fraud.
  • SonicOS 6.5.4 — The latest version of our powerful operating system supports new SonicWall hardware platforms and includes major improvements in authentication, network security and wireless capabilities, such as the ability to increase DPI-SSL connections across all platforms and more comprehensive logging and reporting required by government organizations.

To learn more about each new product or enhancement, review our press release, contact a SonicWall security expert, or stay tuned to the blog this week as our security experts do deep-dives into each major product update.

More business. Less fear. That’s SonicWall’s commitment to you.

Securely Connect Remote Locations, Networks with Cost-Effective Firewalls

Firewalls, travel and sandwiches don’t always go hand in hand, but a recent trip to Arizona paired them perfectly. Whenever I visit the southwest part of the U.S., I see more construction and a little less desert.

On this particular trip, I started to think about the new businesses sprouting up around the valley. Some were the smaller independent variety, but others were clearly part of a larger chain.

When I stop for lunch at a restaurant, I’m conditioned to look around for the wireless access point; I know this is nerdy, but it’s there somewhere. I start thinking about how the particular location secures its network for its employees and customers who want to hop on the Wi-Fi to save their data or enjoy faster speeds.

Companies, like the franchise I visited, that expand their footprint incur costs for the time and expense of getting each new site up and running. In addition to the site and equipment needed to sell their core products (or, in this case, sandwiches), there’s also the networking aspect.

Each site has to be able to securely connect to their internet service provider (ISP) as well as to the corporate headquarters. Having the right firewall is crucial. But so is a solution that enables the parent company to bring up new sites quickly and easily — wherever they’re located.

Firewalls for SMBs, Remote Locations: Introducing SOHO 250 & TZ350

The SonicWall TZ series of Unified Threat Management (UTM) firewalls is a perfect fit for both small and home offices, as well as distributed networks with remote sites. We’ve just expanded our lineup to include two new models: SOHO 250 and TZ350.

Similar to other TZ series firewalls, the new models consolidate all the security and networking capabilities a new site requires. They’re also really fast when it comes to processing packets moving across the network.

With multiple high-speed processors optimized for performance, these firewalls are built to deliver exceptionally fast deep packet inspection (DPI) throughput of both unencrypted and encrypted traffic.

For example, the SOHO 250 delivers a 50 percent increase in threat prevention throughput over the current SOHO, while the TZ350 provides a 25 percent increase over the TZ300, which is a workhorse in its own right.

Both include a wireless controller and optional integrated wireless connectivity. For extended wireless coverage, you can attach one of our SonicWave 4×4 or 2×2 802.11ac Wave 2 access points.

Zero-Touch Deployment for Firewalls

Of course, speed and security don’t get a new franchise up and running, especially if your new site is thousands of miles away from corporate.

You could send someone to each location to install and configure the firewalls locally, but that’s costly and time-consuming. Ideally, you would ship a new firewall to each site, have someone in the store or office plug it in, connect it to the internet and have a pre-defined configuration pushed to the device and it’s up and running.

Sounds too good to be true, right? Well, that’s what happens with SonicWall Zero-Touch Deployment.

With SonicWall Secure SD-WAN and Zero-Touch Deployment, cloud-based deployment of remote firewalls is as simple as register, connect, power up and manage.

Available in the Capture Security Center, SonicWall’s cloud-based central management console, Zero-Touch Deployment simplifies the deployment and configuration of firewalls at remote sites.

Just register the new SOHO 250 or TZ350 firewalls, ship them to the new site, have someone power it up and connect the device to the internet. It’s now operational and manageable.

The configuration and policies you created can then be pushed to the firewall through Capture Security Center, which also enables cloud-based central management of the firewalls and wireless access points.

SonicOS 6.5.4: New Features & Enhancements

SOHO 250 and TZ350 series firewalls run SonicOS 6.5.4, the latest release of SonicWall’s operating system for our next-generation firewalls. SonicOS 6.5.4 includes over 25 new features and enhancements covering networking, security, wireless, authentication, logging and auditing, and more.

A key feature in SonicOS for organizations with remote and branch sites is Secure SD-WAN. Connecting sites to share business-critical cloud applications can be costly. Instead of relying on more expensive legacy WAN technologies like MPLS, organizations use Secure SD-WAN to connect sites through publicly available lower-cost internet services, such as broadband, cable and 3G/4G. They can then deliver SaaS-based applications to each location securely and reliably at a much lower price.

Whether your site is a small or home office, or it’s a franchise that’s part of a larger organization, SonicWall has a TZ series firewall that fits your needs and your budget.

SonicWall Recognized on CRN’s 2019 Security 100 List

CRN has named SonicWall one of the 20 Coolest Network Security Vendors on its annual Security 100 list. This list recognizes the coolest security vendors in each of these five categories: Endpoint Security; Identity Management and Data Protection; Network Security; SIEM, Risk and Threat Intelligence; and Web, Email and Application Security.

The companies on CRN’s Security 100 list have demonstrated innovation and creativity in product development as well as a strong commitment to delivering those offerings through a vibrant channel of solution providers. CRN is a brand of The Channel Company.

“CRN’s 2019 Security 100 list identifies top technology companies that are meeting high levels of demand with the most innovative security solutions on the market, enabling businesses to grow uninterrupted,” said Bob Skelley, CEO of The Channel Company. “The core elements of today’s businesses all depend upon secure, reliable cybersecurity solutions.”

In addition to recognizing security technology vendors for outstanding products and services, the Security 100 list serves as a respected guide for solution providers trying to navigate the IT security market. The list helps prospective channel partners to identify the vendors that can best help them improve or expand their security offerings.

This announcement comes at a time of forward momentum for SonicWall. In addition to growing our global sales team, we have increased our marketing investment and continue to strategically focus on providing innovative products and services to enterprise, SMB and government customers.

The Security 100 list will be featured in the February 2019 issue of CRN and online at www.crn.com/security100.

Critical vulnerability in WinRAR exposed

A remote code execution vulnerability has been reported in WinRAR, exposing 500 million users to a possible attack. The vulnerability is due to improper handling of the relative path of a file in an ACE archive, which leads to directory traversal. A remote attacker could exploit this vulnerability by enticing a target user to open a maliciously crafted ACE file. Successful exploitation of the vulnerability could lead to arbitrary code execution in the context of the user.

WinRAR:

WinRAR from RARLAB is a popular file-archiving utility for Windows, which can create and allow viewing of archives in RAR data archive compression format. It can also unpack files of multiple third party formats, such as ZIP, ACE, CAB, and so on.

CVE-2018-20250:

A path traversal vulnerability has been reported in a third-party dynamic link library, unacev2.dll, which WinRAR uses to unpack ACE archive files. An ACE archive specifies the file path into which each file gets extracted. This path is validated while unpacking, but the current validation can be bypassed by tweaking the file path, allowing path traversal attacks. An attacker can craft an ACE archive file, disguised as a RAR file, that, when opened by WinRAR, exploits the path traversal vulnerability in unacev2.dll to trick the archiving tool into extracting files to an arbitrary path or to a computer’s startup folder (files that reside in the Startup folders get executed on every startup).
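A defender-side check for the two conditions described above, added here as an example and not taken from WinRAR, unacev2.dll or SonicWall: it flags ACE content stored under a non-.ace file name and rejects member paths that would land outside the extraction directory. It assumes the member names have already been listed by a parser; the function names, sample header and sample paths are constructed.

```python
import ntpath  # Windows path rules, usable on any host OS

ACE_MAGIC = b"**ACE**"  # ACE signature at byte offset 7 of a plain (non-SFX) archive
# Constructed sample: first bytes of a file whose header carries the ACE signature.
SAMPLE_HEAD = b"\x00" * 7 + ACE_MAGIC + b"\x00" * 8

def disguised_ace(filename, head):
    """True when the content is ACE but the file name claims another format."""
    return head[7:14] == ACE_MAGIC and not filename.lower().endswith(".ace")

def resolve_member(dest_dir, member):
    """Return the extraction path for member, or raise ValueError if it leaves dest_dir."""
    member = member.replace("/", "\\")
    drive, rest = ntpath.splitdrive(member)
    if drive or rest.startswith("\\"):
        raise ValueError(f"absolute, drive or UNC path: {member!r}")
    if ":" in rest:
        raise ValueError(f"colon inside path: {member!r}")
    base = ntpath.normpath(dest_dir)
    target = ntpath.normpath(ntpath.join(base, rest))
    # Compare after collapsing '..' so a traversal cannot hide mid-path.
    prefix = ntpath.normcase(base).rstrip("\\") + "\\"
    if not ntpath.normcase(target).startswith(prefix):
        raise ValueError(f"escapes destination: {member!r}")
    return target

def triage(filename, head, members, dest_dir):
    """Collect findings for one archive; an empty list means nothing was flagged."""
    findings = []
    if disguised_ace(filename, head):
        findings.append("ACE content under a non-.ace file name")
    for m in members:
        try:
            resolve_member(dest_dir, m)
        except ValueError as err:
            findings.append(str(err))
    return findings

if __name__ == "__main__":
    # Constructed member names for the demo.
    members = [r"docs\readme.txt", r"..\..\outside.exe", r"C:\Temp\outside.exe"]
    for finding in triage("invoice.rar", SAMPLE_HEAD, members, r"C:\extract\job1"):
        print(finding)
```

The containment test runs on the fully normalized target rather than on the raw string, so it does not depend on recognizing any particular spelling of a traversal.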

Fix

  • Upgrade to the latest WinRAR version to resolve the issue.
  • WinRAR versions prior to 5.70 beta 1 are affected by this vulnerability.

SonicWall Threat Research Lab provides protection against this exploit with the following signatures:

SPY: 5408 Malformed-File ace.TL.1
SPY: 5411 File-Format ace

Cyber Security News & Trends – 02-22-19

This week, ATM hacking is so easy cybercriminals turn it into a game, the flaws in blockchain are investigated, and the British Labour Party lock down their data.


SonicWall Spotlight

January 2019 Cyber Threat Data: New Year, New Malware Attack Variants – SonicWall Blog

  • SonicWall’s threat blog for January 2019 finds that while overall malware attacks are dropping, the variants of malware are growing with twice as many new threats diagnosed compared to the same time last year.

Cyber Security News

Once Hailed as Unhackable, Blockchains Are Now Getting Hacked – MIT Technology Review

  • MIT Technology Review traces how all blockchain-based payment technologies, such as Bitcoin, are vulnerable to “51% Attacks” due to the inherent structure of blockchain. Renting enough mining power to attack bitcoin would cost more than $260,000 per hour but, with lesser-known blockchain currencies, this figure drops dramatically.

Russian Hackers Targeted European Research Groups, Microsoft Says – New York Times

  • Microsoft reports that the hacker group Fancy Bear, often associated with Russian intelligence, are targeting European think tanks and NGOs in the lead up to the 2019 European Parliament election. Russian officials deny any links to the group.

Data-Spewing Spectre Chip Flaws Can’t Be Killed by Software Alone, Google Boffins Conclude – The Register (UK)

  • Although Intel announced hardware fixes for some of the Spectre vulnerabilities in 2018, Google researchers have concluded that the proposed solution of simply fixing the remaining issues with software is not a viable option.

ATM Hacking Has Gotten so Easy, the Malware’s a Game – Wired

  • ATM hacking is usually seen as easily preventable if basic cybersecurity protocols are followed. However, many ATMs worldwide simply never receive updates. As a result, theft from ATMs has become so easy that some hackers have turned their hacking malware into a game.

Ransomware Attacks Classified as a Felony Under Proposed Maryland Bill – Health IT Security

  • Proposed legislation in Maryland wants to lower the financial threshold for a ransomware attack to be considered as a felony from $10,000 to $1,000 USD.

POS Firm Says Hackers Planted Malware on Customer Networks – ZDNet

  • A Point of Sale (POS) company based in Minnesota announced that a security breach in January 2019 led to almost 140 of its customers being affected by malware. Full details are not available, but it is likely that any card details used on the POS systems while the malware was active were compromised.

When Cyberattacks Pack a Physical Punch – Threat Post

  • “Physical” cyberattacks, where hardware is compromised or physical infrastructure like a burglar alarm is attacked, now account for more than one in ten data breaches. Threat Post investigates the shrinking gap between cyber and physical security.

Data Breach Rumours Abound as UK Labour Party Locks Down Access to Member Databases – The Register (UK)

  • The UK Labour Party announced this week that its databases would be unavailable after confirmed access by “individuals who are not, or are no longer, authorised to do so.” It is likely this refers to the recently launched Independent Group of breakaway MPs who made headlines leaving the party this past week.

In Case You Missed It

Protected Ransomware actively spreading in the wild.

The SonicWall Capture Labs Threat Research Team observed reports of a new variant family of Protected Ransomware [Protected.RSM] actively spreading in the wild.

This time the hackers claim that they tried to save your personal files from other hackers by encrypting them!

The Protected Ransomware encrypts the victim’s files with a strong encryption algorithm until the victim pays a fee to get them back.

Contents of the Protected ransomware

Infection Cycle:

The Ransomware adds the following files to the system:

  • Malware.exe
    • %App.path%\RESTORE_FILES.txt
    • %App.path%\[File Name].protected
    • %Userprofile%\Desktop\RESTORE_FILES.txt
      • Instruction for recovery

Once the computer is compromised, the Ransomware runs the following commands:

The Ransomware encrypts all the files and appends the [.Protected] extension to each encrypted file’s filename.

After encrypting all personal documents, the Ransomware shows the following txt file, which contains a message reporting that the computer has been encrypted and telling the victim to contact its developer for unlock instructions.

SonicWall Capture Labs provides protection against this threat via the following signature:

  • GAV: Protected.RSM (Trojan)
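For incident scoping, the file indicators listed above can be swept for on disk. The following is an added example, not SonicWall tooling: it walks a directory tree and reports, per folder, how many files carry the .protected extension, whether a RESTORE_FILES.txt note is present, and how many files were left untouched. Case-insensitive matching and the sample tree are assumptions made for the example.

```python
import os
import tempfile

NOTE_NAME = "restore_files.txt"  # ransom note name from the write-up, compared lowercased
ENC_SUFFIX = ".protected"        # extension appended to encrypted files

def sweep(root):
    """Return {directory: counts} for every directory showing an indicator."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        lowered = [name.lower() for name in files]
        encrypted = sum(name.endswith(ENC_SUFFIX) for name in lowered)
        notes = lowered.count(NOTE_NAME)
        if encrypted or notes:
            report[os.path.relpath(dirpath, root)] = {
                "encrypted": encrypted,
                "note": notes > 0,
                "untouched": len(files) - encrypted - notes,
            }
    return report

def build_constructed_tree(root):
    """Create a small constructed sample tree (empty files) for the demo."""
    layout = {
        "Desktop": ["RESTORE_FILES.txt", "budget.xlsx.protected"],
        "Documents": ["a.docx.protected", "b.pdf.Protected", "c.txt"],
        "Clean": ["notes.txt"],
    }
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name in names:
            open(os.path.join(root, folder, name), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_tree(tmp)
        for folder, counts in sorted(sweep(tmp).items()):
            print(folder, counts)
```

A folder with both encrypted and untouched files suggests encryption was interrupted there, which helps order restore work.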