Bill Conner: We Need a ‘Single, Comprehensive National Cybersecurity Strategy’

Some call him vocal. Others say he has passion.

But no matter your preferred adjective, there’s no mistaking Bill Conner’s unwavering commitment toward improving cybersecurity policy in the U.S.

After witnessing a year of high-profile breaches and a number of well-intentioned strategies, Conner penned a new opinion piece for The Hill, “Two cybersecurity policies, one clear new objective,” which outlines next steps for policymakers.

Conner, SonicWall’s president and CEO, applauds their direction. But he also feels some parts are disjointed and there should be better focus on integrating the government’s newest pair of policies: the National Institute of Standards and Technology (NIST) Small Business Cybersecurity Act and the National Cyber Strategy of the United States of America.

“What we have learned from the numerous breaches in the public and private sectors is that the foundation of the internet is a digital supply chain that must be defended from end to end; the smallest player has proven to be an effective entry point for mischief,” Conner outlined on The Hill.

The digital supply chain isn’t discussed enough. Business isn’t conducted in disparate networks or environments. Organizations big and small are virtually linked through contracts, partnerships, agreements and an untold number of networks. This means that cybercriminals can attack smaller organizations to gain lateral access to their true targets — often large enterprises or government agencies.

“To deliver robust, cost-effective cybersecurity strategies for small- and medium-sized businesses (SMB), enterprises and government agencies, we must align both sets of guidelines to create a single, comprehensive national cybersecurity strategy,” said Conner, who co-chaired the Corporate Governance Task Force of the U.S. Department of Homeland Security National Cybersecurity Partnership, helped unveil the INTERPOL Global Smart eID Card and addressed the United Nations on global challenges in cybercrime.

To move toward that objective, Conner prescribed three key transformations for the U.S. government, which are outlined in his featured commentary on The Hill.

Why SMBs Continue to Drive Growth in Managed Security Demand

by Charles Ho
SonicWall Outside Regional Sales Director


Large enterprises, like Facebook and Under Armour, continue to spend millions of dollars protecting their businesses from cyberattacks but still end up in the headlines — and not in a good way.

This hasn’t changed much since the first mega-breaches in 2013 and 2014. While they’ve incurred substantial fines or have lost significant reputation, most of these large enterprises have stayed in business.

This is not the case when we look at small- and medium-sized businesses (SMB), where a staggering 60 percent fail within six months of a cyberattack. When you take into consideration that 32 percent of SMBs were hit by at least one malware attack, this means one in five small businesses are closing down.

The disproportion will continue to grow as the gap in security protection between large enterprises and SMBs widens.

Governments around the world have already started taking action, from the recently signed NIST Small Business Cybersecurity Act in the U.S., to the Notifiable Data Breaches (NDB) scheme in Australia, to GDPR in the EU. However, the responsibility of staying protected ultimately sits with these SMBs.

SMB Cyber Security Requires Measured Strategy, Self-Awareness

SMBs must decide between protecting themselves and outsourcing the problem to a managed security service provider (MSSP). The solution is much more complex than simply installing antivirus or a firewall, so I’m going to oversimplify and break it into two pieces:

  • Procuring and implementing security technology and controls
  • Operating the technology and responding to cyberattacks that bypass security controls

For the first component, the cost to the customer is roughly the same whether they implement and manage cyber security themselves or outsource it to a partner, although a partner can make the process smoother and the technology easier to consume.

But let’s take a closer look at the second piece, which is the amount of effort needed for an average customer to respond to today’s threat landscape. First, let’s make some assumptions around the environment, both internally and externally:

  • The technology you’ve implemented is 100 percent effective against known cyber attacks
  • The combination of different security technology and controls gives you 99.9 percent effectiveness against unknown attacks. (While many may claim otherwise, there is no silver bullet in security.)
  • Last year, more than 350,000 new variants of malware were found daily
  • You’re exposed to 1 percent of threats seen globally – unlike advanced persistent threats (APT), the majority of threats like ransomware and cryptojacking take a “spray-and-pray” approach.

Quantifying SMB Cyber Security Effectiveness

Based on these assumptions, each SMB, on average, faces a handful of cyberattacks not blocked by any layer of protection. These attacks, ultimately, need to be investigated and mitigated via human interaction.

Depending on the scope of these incidents, it can take a matter of hours or days to remediate the problem. However, let’s assume each incident takes four hours for an analyst to resolve. This means that each SMB requires more than 1.5 dedicated headcount to deal with this problem each day.

Here lies the fundamental problem with Scenario 1 listed above. SMBs cannot afford to hire dedicated security personnel, nor is there sufficient expertise in the workforce to fill that gap.

The result? A dire need for managed security services (MSS), especially for SMBs. If you’re already an MSP and have a set of loyal customers, extending your portfolio to include cyber security is simply a no-brainer. Leverage your existing managed service infrastructure and expertise to take advantage of one of the fastest-growing market opportunities: managed security.


This story originally appeared on MSSP Alert and was republished with permission.

Argus Ransomware actively spreading in the wild.

The SonicWall Capture Labs Threat Research Team observed reports of a new variant family of Argus Ransomware [Argus.RSM] actively spreading in the wild.

Argus encrypts the victim’s files with a strong encryption algorithm and holds them until the victim pays a fee to get them back.

Contents of the Argus Ransomware.

Infection Cycle:

The Ransomware adds the following files to the system:

  • Malware.exe
    • %Userprofile%\audiodg.exe [Executable Dropper]
    • %App.path%\[File Name].ARGUS
    • %Userprofile%\Desktop\ARGUS-DECRYPT.html
      • Instruction for recovery

Once the computer is compromised, the Ransomware runs the following commands:

 

The Ransomware injects its code into the Csrss.exe process to hide inside a legitimate process.

 

The Ransomware encrypts all the files and appends the .Argus extension to each encrypted file’s filename.

 

After encrypting all personal documents, the Ransomware shows the following webpage, which reports that the computer has been encrypted and tells the victim to contact its developer for unlock instructions.

 

SonicWall Capture Labs provides protection against this threat via the following signature:

  • GAV: Argus.RSM (Trojan)
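A triage sketch built on the file indicators listed in the infection cycle above, added here as an example and not SonicWall's own tooling. The function names, the verdict labels, the System32/WinSxS allow-list for audiodg.exe and the sample directory tree are assumptions made for illustration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

# Indicators named in the write-up, matched case-insensitively.
ENCRYPTED_SUFFIX = ".argus"          # extension appended to encrypted files
RANSOM_NOTE = "argus-decrypt.html"   # recovery instructions dropped on the Desktop
DROPPER_NAME = "audiodg.exe"         # dropper copy placed in the user profile

# Assumption: a legitimate audiodg.exe sits under System32 (or the WinSxS
# component store); a copy anywhere else is flagged for review.
OS_DIRS = {"system32", "winsxs"}


def scan_tree(root):
    """Walk `root` and collect paths (relative to root) that match an indicator."""
    root = Path(root)
    findings = {"encrypted": [], "ransom_notes": [], "dropper_candidates": []}
    for dirpath, _dirs, files in os.walk(root):
        here = Path(dirpath)
        in_os_dir = any(part.lower() in OS_DIRS for part in here.parts)
        for name in files:
            lower = name.lower()
            rel = (here.relative_to(root) / name).as_posix()
            if lower == RANSOM_NOTE:
                findings["ransom_notes"].append(rel)
            elif lower.endswith(ENCRYPTED_SUFFIX):
                findings["encrypted"].append(rel)
            elif lower == DROPPER_NAME and not in_os_dir:
                findings["dropper_candidates"].append(rel)
    for paths in findings.values():
        paths.sort()
    return findings


def affected_directories(findings):
    """Count encrypted files per directory to scope what needs restoring."""
    counts = Counter(Path(p).parent.as_posix() for p in findings["encrypted"])
    return dict(counts)


def assess(findings):
    """Ransom note plus encrypted files is a strong match; one indicator alone is a lead."""
    has_note = bool(findings["ransom_notes"])
    has_encrypted = bool(findings["encrypted"])
    if has_note and has_encrypted:
        return "likely-argus"
    if has_note or has_encrypted or findings["dropper_candidates"]:
        return "review"
    return "clean"


def run_on_constructed_tree(infected=True):
    """Build a constructed sample tree in a temp directory and scan it."""
    files = ["Users/alice/Pictures/cat.jpg", "Windows/System32/audiodg.exe"]
    if infected:
        files += [
            "Users/alice/audiodg.exe",
            "Users/alice/Desktop/ARGUS-DECRYPT.html",
            "Users/alice/Documents/report.docx.ARGUS",
            "Users/alice/Documents/budget.xlsx.Argus",
        ]
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel in files:
            path = root / rel
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_bytes(b"constructed sample, not real malware")
        findings = scan_tree(root)
    return findings, assess(findings)


if __name__ == "__main__":
    found, verdict = run_on_constructed_tree()
    print(verdict)
    for kind, paths in found.items():
        for p in paths:
            print(f"{kind}: {p}")
    print(affected_directories(found))
```

Pointing `scan_tree` at a mounted disk image or a user profile gives a first scoping pass; the per-directory counts show which folders need restoring from backup.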

 

Cyber Security News & Trends – 11-16-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

SonicWall Secures Hybrid Clouds by Simplifying, Enhancing Deployment for Enterprises, SMBs – SonicWall Press Release

  • This week SonicWall announced a major expansion of their Capture Cloud Platform including secure SD-WAN, Zero-Touch Deployment, and personalized cyber threat intelligence.

Congress Passes Bill Creating Cybersecurity Agency at DHS – Security Week

  • SonicWall CEO Bill Conner talks to Security Week with his thoughts on why the Cybersecurity and Infrastructure Security Agency (CISA) Act is paramount for securing critical digital infrastructure.

Free SD-WAN Capability Highlights New SonicWall Capture Cloud Platform Announcements – Channel Buzz (Canada)

  • SonicWall’s Lawrence Pingree talks to Channel Buzz about SonicWall’s recent product expansion announcement and how he sees SonicWall’s position now compared to 12 months ago.

13 Tech Experts Share What Facebook Should Do Post-Data Breach

  • Bill Conner, CEO of SonicWall, is featured as a member of the Forbes Tech Council highlighting why good policy is important for a company like Facebook if they want to be able to recover from a data breach.

Cyber Security News

Researchers Discover Seven New Meltdown and Spectre Attacks – ZDNet

  • A team of researchers has found that new variants of Meltdown and Spectre are being released. SonicWall confirmed that Capture ATP cloud sandbox with Real-Time Deep Memory Inspection will stop them.

Nordstrom Blames Breach of Employee Data on Contractor – BankInfoSecurity

  • US department store Nordstrom suffered an internal breach of employee data in October and has pinned the problem on a contractor.

Scare Force: Pakistan Military Hit by Operation Shaheen Malware – The Register (UK)

  • The Pakistan Air Force and Government have been hit with a concentrated phishing and malware campaign according to new research by Cylance.

Mozilla: Firefox Will Start Alerting You to Recently Breached Sites – ZDNet

  • Firefox Monitor, previously a separate website, is being expanded and integrated into the Firefox web browser and will inform users with an alert if a website being visited has had a breach reported in the previous 12 months.

2018 on Track to Be One of the Worst Ever for Data Breaches – Dark Reading

  • A new report says that 2018 is currently only behind 2005 when it comes to data breaches, with up to 3.6 billion records compromised so far.

Ahead of Black Friday, Rash of Malware Families Takes Aim at Holiday Shoppers – Threat Post

  • As many as fourteen types of malware are found to be readying themselves to take advantage of unsuspecting online shoppers.

A Leaky Database of SMS Text Messages Exposed Password Resets and Two-Factor Codes – Tech Crunch

  • An exposed server was found with tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more all easily accessible.

In Case You Missed It

Monitor & Optimize Your Cybersecurity Posture with Real-Time Risk Metering

Modern organizations understand the criticality of having the best possible cyber defense to defend against malicious actions of skillful cybercriminals. Most firms today employ various cybersecurity tools designed to help prevent inevitable attacks from wreaking havoc and causing data loss.

Yet, why do CIOs and CISOs, and their security teams, still caution about the state of their organization’s security posture?

Simply, it’s because new scams, vulnerabilities, exploits, malware and hacking techniques used in cyberattacks represent an ongoing risk. The increase in internet-connected devices and cloud application usage exacerbates the situation as threat vectors expand beyond the traditional corporate perimeter.

Typical threat vectors include the network, web, cloud, applications, endpoints, mobile devices, databases and even the Internet of Everything (IoE). Left undefended, any of them is a possible launch pad that bad actors can use to attack their victims.

Thus, the pressing concerns we often hear from our customers, with regards to their security operations, are about understanding their risk profile and responding to risks. However, the lack of visibility and awareness of daily security situations makes it nearly impossible to determine the proper responses.

A data breach happens quickly. During such a security incident, figuring out where risks exist, the current reality of their security posture and, ultimately, what security actions are necessary are top security priorities. Security-conscious organizations need an easy and reliable way to:

  • Analyze and measure their security posture in real time
  • Perform ‘what-if’ analysis on various defense layers
  • Identify defensive actions needed to remove present risks

Manage Cyber Risks via SonicWall Risk Meters

To solve these three core security challenges, SonicWall introduces Risk Meters, a powerful risk management service that provides personalized threat information and risk scoring adapted to individual situations.

A new capability of the Capture Security Center, Risk Meters helps reveal weaknesses in current defensive layers and guides immediate and necessary defensive actions for a specific environment.

Risk Meters provides real-time display of live attacks, coupled with detailed graphs and charts, that capture malicious activities at the specific defense layer that could result in compromised networks, systems and data residing on-premises or in the cloud.

Capture Security Center Risk Meters:

  • Restrict the focus on incoming attacks in a specific environment
  • Display live attacks in real-time
  • Categorize attackers’ malicious actions at the specific defense layer
  • Update computed risk score and threat level based on live threat data relative to existing defense capabilities
  • Underscore current security gaps where preventable threats get through due to missing defenses
  • Promote immediate defensive actions in response to prevent all incoming threats

How Risk Meters Work

Available in January 2019, the Risk Meters service categorizes attackers’ actions, underscores current security gaps where preventable threats get through due to missing defenses, and presents appropriate responses to neutralize incoming threats. The solution can be tailored to a specific environment by compiling and accurately parsing threat information exclusive to an environment.

Additionally, Risk Meters continuously update computed risk score and threat level based on live threat data relative to existing defense capabilities. These logical scores may be used to guide security planning, policy and budgeting decisions.

Risk Meters enable precise defensive measures that optimize network, cloud, web and endpoint defenses, and shrink the threat surface and susceptibility to cyberattacks.

Such measures include turning on SSL/TLS inspection, application visibility, sandboxing services, processor and memory scanning, and/or next-generation antivirus (NGAV). These, in turn, enable organizations to catch the most evasive malware hiding inside encrypted traffic, ransomware and never-before-seen malware variants.

With actionable threat data at your fingertips, Risk Meters empowers you to shrink the threat surface and susceptibility to cyberattacks, guide security planning, policy and budgeting decisions, and bolster your security posture.

Measure Your Organization’s Cyber Risk Score

The SonicWall Capture Security Center Risk Meters service will be available in January 2019 to deliver personalized threat information and risk-scoring that reveals gaps in defensive layers, fosters decisive security planning and facilitates actions needed for an optimal cyber defense.

Choosing a Firewall with PoE Integration

If you’ve ever hung holiday lights on your house, you know what a chore it can be to run the wiring. Unless you have a lot of power outlets scattered around your property, you likely have one long string of lights attached to a power source.

The entire process is time-consuming and often a little frustrating. Although, the end result can be spectacular and festive.

In some ways, setting up network devices for an office, campus or retail location provides a similar experience. Printers, access points, security cameras, IP phones, point of sale (POS) terminals and other devices need power and a connection to a switch or firewall/router.

Typically, this means placing each device near an outlet and running cables through walls and plenum spaces. I did this for my home network with one of my sons. We ran power cords and Ethernet cables through book cases and under the floor. But was there a better way?

What is PoE?

Hanging the holiday lights was a great learning experience for him and we got to use some power tools. However, the ideal solution would have involved fewer cables and cords — something a firewall with power over Ethernet (PoE) can provide.

If you have a mid-size or larger network, there’s a good chance you have a PoE switch to provide power to your PoE-enabled devices. It’s a good solution, although there is a cost to purchase the switch.

If you have a smaller network, with only a few devices that need power and you don’t want to spend the money to buy a PoE switch, a firewall with built-in power over Ethernet is your answer. Fortunately, SonicWall can help.

Using Firewalls with PoE Integration

Designed for small organizations and distributed enterprises with remote and branch offices, the SonicWall TZ600P and TZ300P integrate support for PoE and PoE+ devices. These Unified Threat Management (UTM) firewalls help reduce both the cost and complexity associated with PoE injectors and switches by providing power directly to connected PoE-enabled devices, such as wireless access points, POS terminals, printers, cameras and other IP devices.

Instead of two cables, there’s one. And you don’t need to place the device near an outlet, which helps when you’re designing your office or store layout. Plus, you don’t need to spend your budget on a PoE switch. Both firewalls support the IEEE 802.3af (PoE) and more powerful 802.3at (PoE+) standards, which newer devices require.

SonicWall TZ600P and TZ300P deliver integrated PoE to help remove wire clutter and deployment complexity.

PoE/PoE+ support is just one of the many features included with TZ series firewalls. In addition, the TZ600P and TZ300P consolidate a host of essential security and networking features. For example, small organizations, including retail shops, can utilize high-speed 802.11ac wireless for internal and customer/guest connectivity while segmenting traffic for each group using virtual LANs.

Larger distributed enterprises can take advantage of these same capabilities while connecting locations using site-to-site VPN. There’s also Secure SD-WAN, SonicWall’s implementation of software-defined networking in a wide area network. Secure SD-WAN helps distributed organizations reduce the cost and complexity of building a secure private network using expensive MPLS technology.

Bringing up new sites is simplified using Zero-Touch Deployment, which removes the need for onsite personnel to provision the firewall. If you do have multiple sites to manage, the SonicWall Capture Security Center enables single-pane-of-glass management for SonicWall devices via the cloud.

Of course, the big benefit is security. This year alone, we’ve seen more high-profile network breaches across multiple industries. The TZ600P and TZ300P help stop breaches and other cyberattacks, including ransomware, cryptojacking and more.

SonicWall firewalls were validated for their high security effectiveness and overall value by NSS Labs again in 2018, so you can feel confident your data and your customers’ information are secure from cybercriminals. Learn more about how TZ series firewalls can fit into your small or distributed enterprise network.

Microsoft Security Bulletin Coverage for November 2018

SonicWall Capture Labs Threat Research Team has analyzed and addressed Microsoft’s security advisories for the month of November 2018. A list of the issues reported, along with SonicWall coverage information, is as follows:

CVE-2018-8256 Microsoft PowerShell Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2018-8407 MSRPC Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2018-8408 Windows Kernel Information Disclosure Vulnerability
ASPY 5317 : Malformed-File exe.MP.44
CVE-2018-8415 Microsoft PowerShell Tampering Vulnerability
There are no known exploits in the wild.
CVE-2018-8416 .NET Core Tampering Vulnerability
There are no known exploits in the wild.
CVE-2018-8417 Microsoft JScript Security Feature Bypass Vulnerability
IPS 13877 : Microsoft JScript Security Feature Bypass Vulnerability (NOV 18)
CVE-2018-8450 Windows Search Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2018-8454 Windows Audio Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2018-8471 Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2018-8476 Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
IPS 13879 : Windows Deployment Services TFTP Server Vulnerability (NOV 18)
CVE-2018-8485 DirectX Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2018-8522 Microsoft Outlook Remote Code Execution Vulnerability
ASPY 5318 : Malformed-File rwz.MP
CVE-2018-8524 Microsoft Outlook Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2018-8539 Microsoft Word Remote Code Execution Vulnerability
ASPY 5319 : Malformed-File doc.MP.46
CVE-2018-8541 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2018-8542 Chakra Scripting Engine Memory Corruption Vulnerability
IPS 13884 : Chakra Scripting Engine Memory Corruption Vulnerability (NOV 18) 5
CVE-2018-8543 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2018-8544 Windows VBScript Engine Remote Code Execution Vulnerability
IPS 9436 : Microsoft Scripting Object Use-After-Free (MS13-099)
CVE-2018-8545 Microsoft Edge Information Disclosure Vulnerability
IPS 13883 : Microsoft Edge Information Disclosure Vulnerability (NOV 18)
CVE-2018-8546 Microsoft Skype for Business Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2018-8547 Active Directory Federation Services XSS Vulnerability
There are no known exploits in the wild.
CVE-2018-8549 Windows Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2018-8550 Windows COM Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2018-8551 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2018-8552 Windows Scripting Engine Memory Corruption Vulnerability
IPS 13878 : Windows Scripting Engine Memory Corruption Vulnerability (NOV 18)
CVE-2018-8553 Microsoft Graphics Components Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2018-8554 DirectX Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2018-8555 Chakra Scripting Engine Memory Corruption Vulnerability
IPS 13880 : Chakra Scripting Engine Memory Corruption Vulnerability (NOV 18) 2
CVE-2018-8556 Chakra Scripting Engine Memory Corruption Vulnerability
IPS 13881 : Chakra Scripting Engine Memory Corruption Vulnerability (NOV 18) 3
CVE-2018-8557 Chakra Scripting Engine Memory Corruption Vulnerability
IPS 13882 : Chakra Scripting Engine Memory Corruption Vulnerability (NOV 18) 4
CVE-2018-8558 Microsoft Outlook Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2018-8561 DirectX Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2018-8562 Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2018-8563 DirectX Information Disclosure Vulnerability
IPS 13885 : DirectX Information Disclosure Vulnerability (NOV 18)
CVE-2018-8564 Microsoft Edge Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2018-8565 Win32k Information Disclosure Vulnerability
ASPY 5316 : Malformed-File exe.MP.43
CVE-2018-8566 BitLocker Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2018-8567 Microsoft Edge Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2018-8568 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2018-8570 Internet Explorer Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2018-8572 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2018-8573 Microsoft Word Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2018-8574 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2018-8575 Microsoft Project Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2018-8576 Microsoft Outlook Remote Code Execution Vulnerability
ASPY 5318 : Malformed-File rwz.MP
CVE-2018-8577 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2018-8578 Microsoft SharePoint Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2018-8579 Microsoft Outlook Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2018-8581 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2018-8582 Microsoft Outlook Remote Code Execution Vulnerability
ASPY 5318 : Malformed-File rwz.MP
CVE-2018-8584 Windows ALPC Elevation of Privilege Vulnerability
IPS 5313 : Malformed-File exe.MP.42
CVE-2018-8588 Chakra Scripting Engine Memory Corruption Vulnerability
IPS 13876 : Chakra Scripting Engine Memory Corruption Vulnerability (NOV 18) 1
CVE-2018-8589 Windows Win32k Elevation of Privilege Vulnerability
ASPY 5312 : Malformed-File exe.MP.41
CVE-2018-8592 Windows Elevation Of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2018-8600 Azure App Service Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2018-8602 Team Foundation Server Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2018-8605 Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2018-8606 Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2018-8607 Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2018-8608 Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2018-8609 Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability
There are no known exploits in the wild.

Adobe Coverage

APSB18-40
CVE-2018-15979 Acrobat Reader Information Disclosure Vulnerability
ASPY 5314 : Malformed-File pdf.MP.323
APSB18-39
CVE-2018-15978 Flash Player Out-of-bounds Read
ASPY 5315 : Malformed-File swf.MP.596

What is Secure SD-WAN and How Can It Save Me Money?

No matter your type of organization — large or small, public or private — cutting expenses is always a key initiative. After all, reducing your OpEx looks good on the books and enables the company to invest in other meaningful initiatives.

One cost every organization faces is internet connectivity. Access to the internet is essential for communications, website hosting, sharing files, serving up apps and a host of other activities. But it can be expensive, especially if your organization has multiple offices, branches or stores.

Today’s broadband users, whether employees or customers, define their experience by performance rather than availability. We don’t just expect to have access to apps and videos, we demand that they perform in real time. Any delay is met with complaints and a call for more bandwidth, which increases expenses.

How to Securely Connect, Network Remote Locations

When you have a distributed network with branch or remote locations, they need to be securely connected with each other and the corporate headquarters. This can be done using several techniques. One common method is multiprotocol label switching (MPLS). Using MPLS, organizations can create a private wide-area network (WAN) to securely send data between locations via the shortest path available without going through the public internet.

MPLS supports multiple connection types, including T1 and frame relay. The problem? These connections have to support an increasing number of connected devices and bandwidth-intensive applications that demand higher speeds, which means they’re expensive. That’s why many distributed organizations are moving to SD-WAN (software-defined wide-area network).

“For SD-WAN to be a viable alternative to private WANs, enterprises need to ensure they have the same level of inspection and enforcement at the branch and remote sites as they have at the data center,” said Mike Fratto, analyst at 451, in SonicWall’s official launch announcement. “Integrated security features with SD-WAN are table stakes for most enterprises adopting the technology.”

Reduce Costs with Secure SD-WAN

To help organizations reduce their costs while still receiving secure and consistent performance for business-critical applications, SonicWall offers Secure SD-WAN. A feature of SonicOS 6.5.3, the operating system for SonicWall TZ and NSa firewalls, Secure SD-WAN technology enables distributed organizations to build, operate and manage secure, high-performance networks using readily-available, low-cost public internet services, such as DSL, cable and 3G/4G.

An alternative to more expensive WAN connection technologies, including MPLS, Secure SD-WAN enables virtually any organization — retailers, banks, manufacturers and others — to connect sites spread over great distances for the purpose of sharing data, applications and services. Features such as intelligent failover and load balancing help ensure consistent performance and availability of critical business and SaaS applications.

And, unlike solutions from pure-play SD-WAN providers, Secure SD-WAN doesn’t require you to purchase additional hardware or licenses.

Secure SD-WAN: Safe, Fast & Reliable

Reducing expenses is always a priority for every organization. What else is? Here are some other key issues Secure SD-WAN helps distributed enterprises solve:

  1. Protect your network from cyber criminals. Both encrypted and unencrypted traffic run through a SonicWall next-generation firewall to be scanned for threats, such as malware and ransomware, ensuring maximum threat detection and prevention. If you have a separate SD-WAN-only solution, you’ll need to make sure you also have a way to protect data from modern cyberattacks, such as encrypted threats and ransomware.
  2. Achieve consistent, optimized application performance. Realize faster, more consistent performance for SaaS and business-critical applications, such as VoIP, video and unified communications, through capabilities such as deterministic application performance, which steers the apps over less-congested links to overcome jitter, latency, packet loss and other unfavorable network conditions.
  3. Enhance agility. Using SonicWall Zero-Touch Deployment, bringing up new sites is greatly simplified. Provisioning hardware remotely removes the need to have onsite IT personnel perform the task. In addition, IT administrators can manage the entire network, including devices at SD-WAN-enabled branch/remote locations, through a single pane of glass using Capture Security Center, SonicWall’s cloud-based management and analytics platform.

Learn more about how SonicWall can help your distributed enterprise reduce costs and complexity while enhancing security by switching from expensive MPLS to Secure SD-WAN.

SonicWall’s Multi-Cloud Offering Extends to Hyper-V Private Clouds with Flexible Licensing

Technology and data usage are changing at a rapid pace. Finding a way to store, manage and distribute data is a major challenge. Plus, the need for compute and storage grows at unprecedented rates. You need to buy racks, then hire staff to configure, maintain and monitor appliances.

It’s a no-brainer that cloud adoption is becoming inevitable.

According to a recent study by RightScale, more than 81 percent of enterprises have a multi-cloud strategy in place. Of this group, 51 percent have embraced hybrid cloud environments, while 21 percent use multiple public clouds and 10 percent have various private cloud strategies.

Cloud adoption drives business growth by increasing agility and innovation, while reducing cost. According to Gartner, by 2020 a “No-Cloud” policy will be as rare as a “No-Internet” policy is today. So, you can imagine the importance of secure cloud adoption. It is the future.

Private Cloud Security from SonicWall

In line with this, SonicWall continues to expand its cloud offering with added support for the Microsoft Hyper-V platform on the SonicWall Network Security virtual (NSv) firewall series, along with new flexible licensing options. SonicWall also recently announced support for AWS* and Azure platforms.

Hyper-V support is available across the full suite of NSv firewalls. The flexible licensing model introduces a non-perpetual method of licensing your firewalls. Securing data wherever it resides should be consistent and seamless, providing you increased flexibility and an improved security posture.

Do I Need Virtual Firewalls?

While securing the cloud is a must, it is not an easy task. Gartner predicts that through 2020, 95 percent of cloud security failures will be the customer’s fault. And according to Research and Markets, the cloud data center market is expected to reach $67.5 billion by 2023.

With the widespread adoption of virtualization, it becomes increasingly critical to secure workloads and data across your multi-cloud deployment. Virtual firewalls can be deployed quickly, driving productivity and innovation. Because they are virtual, they also bring the huge benefit of shifting from CapEx to OpEx models.

Virtual firewalls, like NSv, address some of the critical needs of public cloud security. Below are some of the key benefits of leveraging NSv to protect your public cloud infrastructure and resources.

  • Gain complete visibility into the virtual environment for threat prevention
  • Implement proper security zoning and ensure appropriate placement of policies
  • Defend against zero-day vulnerabilities with SonicWall Capture ATP
  • Prevent service disruptions in the virtual ecosystem
  • Gain centralized control and visibility with single-pane-of-glass management via Capture Security Center
  • Leverage agility and scalability without performance impact
  • Maintain security governance, compliance and risk management

Plus, as the threat landscape evolves and takes advantage of various vulnerabilities in the cloud and virtual workloads, it is essential to secure cloud infrastructure. Some common types of attack include cross-virtual machine attacks and side-channel attacks, like PortSmash and Foreshadow.

Virtual firewalls can be used to defend against information threats and protect against unauthorized takeover of virtual machines (VMs). They can provide security at every level of the virtual environment, providing granular security posture control.

What Cloud Platforms do SonicWall Virtual Firewalls Support?

With NSv virtual firewalls you can leverage next-gen firewall capabilities across your multi-cloud deployments. Platform support currently extends to ESXi, Azure, AWS* and Hyper-V*.

How Can I Purchase NSv?

Previously, NSv was available only via perpetual licensing. To solve the challenge of relying just on perpetual model licensing and provide flexibility to our customers, SonicWall introduces non-perpetual licensing for NSv. This is an additional offering to the current SonicWall perpetual licensing model.

SonicWall licensing models provide customers the flexibility to choose perpetual licensing or non-perpetual licensing based on their requirements.

Non-Perpetual Licensing Model

Non-perpetual licensing is ideal for those who require a short-term solution and agile deployments. It’s a single bundle for firewall software, security and support services, making it simple to purchase these appliances. Once the period ends, all services expire at the same time. Customers are notified via MySonicWall before service expiration.

The non-perpetual licensing model is available via three options: IPS/App Control Subscription, TotalSecure Subscription and TotalSecure Advanced Subscription, which is available over a one-year period.

| Service Offering Type | Bundled Service |
| --- | --- |
| IPS/App Control Subscription | NSv Software + IPS + App Control + Support |
| TotalSecure Subscription | NSv Software + CGSS + Support + CSC |
| TotalSecure Advanced Subscription | NSv Software + AGSS + Support + CSC |

Perpetual Licensing Model

Perpetual licensing is SonicWall’s traditional licensing model where firewall services do not expire, while security and support services do. Perpetual licensing is suitable for customers who require long-term solutions.

Virtual Firewall Promo: NSa/NSsp with NSv

The SonicWall NSv promo enables organizations to extend the next-gen security of their private data center to the public cloud and ensure end-to-end security of their multi-cloud environment.

Organizations can test drive SonicWall virtual firewalls at no additional cost or commitment to see if they fit their needs and requirements.

  • Test drive an NSv with a TotalSecure subscription for one year at no additional cost
  • Get an NSv TotalSecure subscription with Comprehensive Gateway Security Service (CGSS), Capture Security Center and 24×7 support
  • Requires eligible SonicWall NSa or NSsp firewall with an active AGSS/CGSS subscription
  • Deploy NSv firewalls across public and private cloud platforms, including ESXi, Azure, AWS* and Hyper-V*

To take advantage of the SonicWall NSv virtual firewall promo, please contact your dedicated SonicWall SecureFirst partner or reach out to SonicWall online.

What to Look for in a Next-Gen Virtual Firewall

To best capitalize on virtualization trends, IT must operationalize the complete virtualization of computing, networking, storage and security in a systematic way. A new approach is required to select an appropriate and effective next-generation virtual firewall solution. Download our exclusive brief to explore fundamental capabilities, core solution requirements and best practices.

* Hyper-V and AWS availability pending.

Security for Multi-Cloud Strategies: How SonicWall Safely Guides Organizations to a Virtualized, Cloud-Connected World

Not every organization adopts new technology with the same gumption and fervor. Some are measured and patient. Others are early and agile. And this dichotomy holds true for embracing cloud initiatives.

That’s why SonicWall’s goal is to make the journey to the cloud secure, fast, efficient and cost-effective for enterprises and SMBs across a wide range of industries and verticals. To usher organizations toward a secure, cloud-powered existence, the SonicWall Capture Cloud Platform protects your multi-cloud infrastructures by helping you:

  1. Build, operate and manage secure, high-performance networks using hybrid cloud strategies.
  2. Secure public, private and hybrid clouds with affordable, easy-to-use virtual appliances and solutions.
  3. Use personalized, real-time cyber threat intelligence and risk scoring to identify potential security vulnerabilities.

On paper, that’s logical and pragmatic. In reality, that requires real products, services and solutions. As such, SonicWall is introducing a range of new products and enhancements, which includes:

  • Secure SD-WAN — A new capability of SonicOS 6.5.3 and available on SonicWall next-generation firewalls, SonicWall Secure SD-WAN enables distributed organizations to safely deploy and connect branch and remote sites for sharing data, applications and services.
  • Zero-Touch Deployment — Another feature of SonicOS, SonicWall Zero-Touch Deployment allows organizations to quickly and securely launch new SD-WAN-connected locations without requiring on-site personnel to configure hardware.
  • NSv Firewalls — SonicWall NSv virtually extends next-generation firewall capabilities to cloud deployments, which now include Azure and AWS.* Cloud security capabilities include application control, IPS, TLS/SSL decryption and inspection, advanced threat protection (ATP), VPN and network segmentation.
  • Capture Security Center Risk Meters — The new Risk Meters service empowers organizations with data-driven analysis about evolving cyber threat vectors (e.g., network, web, cloud, applications, endpoints, mobile devices, databases) that expand beyond the traditional corporate perimeter.
  • TZ300P & TZ600P Firewalls — New SonicWall TZ300P and TZ600P unified threat management (UTM) firewalls reduce the costs and complexity associated with PoE injectors and switches by providing power directly to connected PoE-enabled devices (i.e., fewer cables because no dedicated power source is required), such as wireless access points, point-of-sale (POS) terminals, printers, cameras and other IP devices.

Evolving the SonicWall Capture Cloud Platform

The SonicWall Capture Cloud Platform tightly integrates security, management, analytics and real-time threat intelligence across the company’s full portfolio of network, email, mobile and cloud security products.

The platform provides intelligence, management and analytics to supplement SonicWall’s complete portfolio of cybersecurity hardware, virtual appliances and endpoint clients for an efficient, easy-to-use and connected customer experience.

SonicWall’s mission remains as steadfast as ever: deliver automated, real-time breach detection and protection for enterprises and SMBs. This is the next phase of that unwavering commitment.

Each new product or solution will be featured via in-depth blog coverage this week. To inquire about a specific product, please contact SonicWall or reach out to your dedicated SonicWall SecureFirst partner.

* Availability in the AWS Marketplace pending.