Posts

What’s New in SonicOS 7.1.1

The SonicOS 7 operating system was already the most secure, versatile and easy-to-use operating system SonicWall has ever produced. But the latest release, SonicOS 7.1.1, offers improved security and performance, a superior customer experience and cloud enablement features.

These features are designed to provide a superior customer experience through ease of use, deployments, policy management and day-to-day operations. Here’s a high-level look at SonicOS 7.1.1 benefits:

Superior Threat Protection:

  • New CFS 5.0 engine ​
  • Advanced DNS filtering​
  • Secure boot
  • Enhanced filesystem security ​
  • Storage enhancements​
  • Virtual TPM​
  • OS hardening with new toolchain
  • Improved console application​
  • Maintenance key for both virtual and hardware firewalls

Enhanced Usability:

  • Firewall-managed Wi-Fi 6 APs​
  • More intuitive user experience​
  • Turnkey integrations with third-party NAC solutions ​
  • Storage enhancements​
  • Automatic firmware updates​
  • No more separate SonicOS and SonicCore upgrades

New Multi-Cloud Deployment:

  • NSv Bootstrapping​
  • Support for virtual TPM on-cloud firewall​
  • Token-based registrations
  • New driver and increased performance for NSv

SonicOS 7.1.1 Common Use Cases:

FeatureUse CaseBusiness Outcome
Wi-Fi 6 unified authentication and securityMSP requires the current SonicWave 621, 641 and 681 access points to be managed by SonicWall firewalls in order to avoid using multiple management solutions (for example, having to use NSM to manage firewalls and WNM to manage SonicWave APs)Ease of management and seamless integration with SonicWall wireless products
NAC integration, offering synergy between SonicWall and Aruba solutions and providing health posture telemetryNeed to apply enhanced user and device context (including role, device health and more) to next-generation firewall rules and policies for protection against unsanctioned traffic

Need to protect users on the network from threats such as phishing, malware and exploits

Need to stop unauthorized users and devices by implementing a single policy of authorization and enforcement for users and IoT devices across wired and wireless networks, up to the application level

Need to enable closed-loop attack detection via next-generation firewall and policy-based response with ClearPass

Enable enterprises and educational segments to integrate with their Aruba solutions and get more value from their Gen 7 firewall with Health Posture
DNS security that enables blocking websites at DNS layer without enabling TLS/SSL decryptionAdmin wishes to maximize performance by blocking bad websites at DNS layer without enabling TLS decryption.

MSP – Actively looking to help their customers avoid malicious domains

ISP – Wanting to safeguard against DoS and DDoS attacks

Enterprises – Wish to protect users without affecting user experience or speed

K-12 – Required to provide safe browsing experiences for students and staff while controlling what domains can be accessed

Government – To safeguard systems from malware and bad actors

Delivering DNS layer protection without the need to enable TLS decryption
Stronger content filtering solution with additional categories and reputation-based filtering​Defining which websites are malicious or undesirable within a web filtering gateway requires the use of static lists of known bad URLs and IP—which can’t keep up with websites and IPs with statuses that switch from benign to malicious and back very quicklyImproved content filtering capabilities for Gen7, resulting in more accurate website/URL rating
Secondary storage enhancements to support PCAP (Packet Captures), TSR (Tech-Support Reports) and LogsLimited primary storage space restricts the ability of diagnostics and troubleshooting on Gen 7 firewalls

Customer must purchase secondary storage to have additional abilities beyond just saving settings and image

Admins require logs, TSR and PCAP storing ability on the firewall

Added secondary storage so customers don’t have to purchase separate secondary storage

Enhanced diagnostics and troubleshooting experience

Enables logging and reporting on local firewall

Policy mode profiles for gateway antivirus and anti-spyware to simplify rule creations from security rule pageEnterprises require ability to have security profile for antivirus and anti-spyware when using policy mode in order to simplify security policy creation at layer 7Simplifies unified policy on enterprise deployments using 15700 and NSv firewalls
Virtual TPM and enhanced securityUsers require not just the OS but also the underlying kernel to be secureImproved security and performance
Automated SonicOS image upgradeMSPs require automatic SonicOS upgrade notifications so they can easily identify and schedule new OS upgradeOffers MSPs and others a more convenient user experience

The SonicOS 7.1.1 release is now available for installation on any SonicWall Gen 7 NGFW. Learn more about what makes Gen 7 our most secure, stable and scalable lineup yet, or reach out to your SonicWall partner or sales rep to upgrade today.

Advanced Endpoint Detection & Response (EDR) Comes to Capture Client 2.0

Endpoint protection has evolved well past simple antivirus (AV) monitoring. Today’s endpoints require consistent and proactive investigation and mitigation of suspicious files or behavior.

With the release of SonicWall Capture Client 2.0, organizations gain active control of endpoint health with advanced Endpoint Detection and Response (EDR) capabilities.

With EDR capabilities in place, SonicWall Capture Client empowers administrators to track threat origins and intended destinations, kill or quarantine as necessary, and “roll back” endpoints to a last-known good state in cases of infection or compromise.

Capture Client now also enables organizations to mitigate malware and clean endpoints without manually pulling them offline to conduct forensic analysis and/or reimage the device — as is typically required with legacy AV solutions.

Protect Endpoints from Employee Mishaps with Web Threat Protection

For years, SonicWall’s Content Filtering options have been used by schools, small and medium businesses, and enterprises to either block people from malicious web content (e.g., phishing sites) or productivity-killing sites (e.g., social media), as well as manage the bandwidth an application receives.

A portion of this technology, called Web Threat Protection, is now in Capture Client 2.0. This feature utilizes the Content Filtering Service to block access to millions of known malicious URLs, domains and IP addresses. This helps prevent phishing email attacks, malicious downloads (e.g., ransomware) or other online threats.

Web Threat Protection gives admins another layer of security and helps avoid the cleanup of infections and/or the need to “roll back” the PC to a last known healthy state.

Shrink Attack Surface Area with Endpoint Device Control

Did you know in a recent Google social experiment that 45 percent of “lost” USB keys were plugged into devices by the people who found them?

Dropping infected USB drives in a work area (e.g., coffee shop, company parking lot, lobby) has always been respected as a very effective attack on companies. In fact, many retail outlets have point-of-sale (POS) systems with exposed USB ports that make it easier to infect networks from many locations.

To better prevent infected devices like USBs from connecting to endpoints, Capture Client Device Control can lock out unknown or suspicious devices. Admins have the ability to block endpoint access to unknown devices until they are approved, or whitelist clean devices, like printers and removable storage, to narrow the threat plane.

Endpoint Protection Licensing Better for Partners, Customers

SonicWall has done more than just improve the stability and functionality of the client. We’ve also spent the past year working with a global network of partners and customers to create better business practices behind the client.

Due to increased demand, we are proud to announce that our competitive conversion SKUs will live as an indefinite program that certified SonicWall Partners can use. This will enable customers to get three years of coverage for the price of two when switching from a competitive product.

SonicWall is also doing away with pack SKUs that people formerly ordered (and still supported) in favor of banded SKUs coming in March 2019. These ordering bands allow a partner to order the exact number of licenses required, at the appropriate discount, for their volume. These bands start at five seats and offer eight sets of volume discounts that go up to 10,000 or more seats.

Tech Brief: Roll Back the Impact of Ransomware

Capture Client Advanced enables quick, automated recovery without having to manually restore from backups or create new system images. Download the full tech brief to explore how Capture Client rollback helps optimize business continuity, reduce financial impact and shorten the mean time to repair.

Catch the Latest Malware with Capture Advanced Threat Protection

Now that Halloween is over and your coworkers are bringing in the extra candy they don’t want, let’s look back at the last quarter’s results from SonicWall Capture Advanced Threat Protection (ATP) network sandbox service. Grab the candy corn and let’s crunch some data. Note: terms in italics below are defined in the glossary at the bottom to help newbies.

63,432 new threats discovered using the network sandbox over the course of three months on customer networks.

30.6% of threats that were found through static filtering. Translation- less than a third of these threats were new to us, but not to someone among the 50+ scanners we compare against.

69.4% of threats that were found through dynamic filtering. Translation- there is nearly a 70% chance SonicWall will find new malware and develop protections against it faster than anyone else.

.16% of all  files sent to the sandbox were malicious. Translation- SonicWall can find the needle in the haystack.

72% of files were processed in under 5 seconds. Translation- Capture ATP is fast!

60% increase in the number of Capture ATP customers that sent files for analysis over the past quarter. Translation – more people supplying potential threat data gives us a wider net to catch the latest threats, making it easier to protect you. Double translation – the community helps to protect the community.

20% of all new malware were found in documents (.docx & .pdf specifically) on many days throughout the quarter. Translation – Attackers put more attention to getting you to open malicious documents. Double Translation – educate your employees to not open suspicious attachments in email or found online.

I hope this helps you understand the importance of using a network sandbox, namely Capture ATP, the winner of CRN’s Network Security Product of the Year 2016 by customer demand. To learn more please review our Tech Brief: SonicWall Capture Threat Assessment or contact us with more information.

PS – I wrote a simple glossary of sandboxing terms for you to reference in case you are new to this. If you want more terms added to this, find me on Twitter and send me a note.

Glossary of terms:

Network Sandbox: An isolated environment where suspicious code can be run to completion to see what it wants to do. If your firewall doesn’t know the file, it will be sent to the sandbox for analysis.

Block until Verdict: A feature of the Capture ATP sandboxing service that blocks a file until a determination of the file can produce a verdict. If it’s malware, the file is dropped and can’t enter the network. If it’s good, a verdict for the hash of the file is stored and, if anyone tries to upload the file to our service, that verdict will be supplied within milliseconds to the user.

Hash (AKA: cryptographic hash): A cryptographic code to identify code (e.g., malware) across the community of researchers. Instead of storing malware and comparing new files against samples, the file is converted to a hash and compared against a database of known good and bad hashes. For example, the phrase “SonicWall Capture ATP stops ransomware” translates into “13d55c187dbd760e8aef8d25754d8aacadc60d8b”.

Once a new file is encountered, hashed, and doesn’t match a known hash, it is sent to the sandbox for analysis.

Static Filtering: A way of filtering out results of a file before taking it to time-consuming dynamic analysis. SonicWall static filtering compares new files against a database of shared malware hashes from over 50 anti-virus scanners.

Dynamic Filtering: The method of processing a file to see what it wants to do. SonicWall’s dynamic processing features three engines in parallel to find the most evasive malware. We use virtualized sandboxing, hypervisor-level analysis, and full-system analysis to uncover the most difficult forms of malware, including Cerber.

California School District Amps Up Content Filtering with SonicWall’s Security-as-a-Service

We know how much value SonicWall network security brings to our customers, and we know how much value our partners add when incorporating our solutions into their solutions for our customers.

The case of Calistoga Unified Regional School District is an excellent example.

Calistoga is in California’s Napa Valley. The district has more than 850 students, divided among an elementary school, junior/senior high school and an alternative-program continuation high school for students between the ages of 16 and 18. Administration offices are in a separate building near the junior/senior high school.

The district felt that its existing content-filtering services were not providing all the functionality it needed. Calistoga couldn’t get the flexibility and granular control over content filtering it needed to define different roles and access permissions for students, faculty and staff.

Like all K-12 school districts, Calistoga’s content filtering is there to protect against inappropriate and malicious web content, as well as to control application access.

“Our No. 1 priority is making sure that the students are protected,” says Jenna Burrows, Calistoga’s Director of Business Services.

Regulatory requirements regarding content filtering are also part of the picture. The Children’s Internet Protection Act (CIPA), is the most directly relevant. Content filtering is also important with regards to the Family Educational Rights and Privacy Act (FERPA), which protects students’ personally identifiable information (PII) from unauthorized disclosure, and is a requirement for districts to be eligible for discounts through the federal E-rate program.

Faced with a clear need to upgrade their content-filtering capabilities, Calistoga turned to their local managed services provider, Napa Valley Networks (NVN). NVN has been a SonicWall partner for more than 15 years. NVN recommended SonicWall’s Content Filtering Service for Calistoga.

But NVN didn’t stop with content filtering. After an initial audit of Calistoga’s network, they uncovered an issue with the district’s gateway. NVN’s Vice President and Chief Technology Officer, Kyle Lumley, says the existing gateway “didn’t give them the control or feature set that they needed.”

NVN’s recommendation for Calistoga was a SonicWall SuperMassive 9800 next-generation firewall with High Availability capability.

All well and good so far. More granular, customizable content filtering and a new gateway to provide better control for the present, as well as being better able to handle future increases in networked devices and utilization.

Then came the 400-pound gorilla. How could Calistoga afford to pay for these improved capabilities? School districts work under very tight financial constraints.

Fortunately, NVN and SonicWall had a solution.

Calistoga leveraged SonicWall’s Security-as-a-Service (SECaaS). Rather than paying a large amount upfront as a capital expenditure, Calistoga pays a much more manageable monthly fee which fits within its operating budget. Burrows says this is a much more reasonable solution for the district.

Additionally, much of the cost is eligible for discounts through the federal E-rate program.

NVN coordinated the transition to the new gateway and Content Filtering Service. All went well, even in the face of tight deadlines. Calistoga’s happy with the results.

Read the Case Study here.

Exertis and SonicWall Pave the Way for KCSiE Guidance and Safer Internet Day

Note: This is a guest blog by Dominic Ryles, Marketing Manager at Exertis Enterprise, SonicWall’s leading distributor in the United Kingdom. Exertis is committed to providing a range of channel focused services designed to enhance your current technical knowledge and expertise in the areas of IT Security, Unified Communications, Integrated Networks and Specialist Software.


The Internet is forever changing education. Opening up a world of opportunities and transforming how students learn. New technologies inspire children and young people to be creative, communicate and learn, but the Internet has a dark side, making them vulnerable with the potential to expose themselves to danger, knowingly or unknowingly.

On the 5th September 2016, the UK Government through the Department of Education (DfE) updated the Keeping Children Safe in Education (KCSiE) guidelines to include a dedicated section for online safety. This means that every school and college will need to consider and review its safeguarding policies and procedures, focusing particularly on how they protect students online. The guidance calls for effective online safeguarding mechanisms with a mandatory requirement for all schools and colleges to have an appropriate filtering and monitoring systems in place, striking a balance between safeguarding and ‘overblocking,’ and being conscious not to create unreasonable restrictions on the use of technology as part of the education process.

When we think of ‘inappropriate material’ on the internet we often think of pornographic images, or even access to illegal sites to download movies and music,  but due to the widespread access to social media and other available platforms, the Internet has become a darker place since it first opened its doors back in 1969. Physical danger from divulging too much personal information, illegal activity such as identity theft and participation in hate or cult websites can lead to cyber bullying, and radicalisation in the modern day school, thus making children and young people vulnerable.

Earlier this year, Exertis, in conjunction with SonicWall, set out on a mission to raise awareness of KCSiE through a series of online and offline activities to the channel. We first put together our comprehensive ‘Appropriate Web Filtering and Monitoring for Schools and Colleges’ guide, which to date has received an overwhelming response from our partner base. The guide provides our reseller partners with all the information they need to understand the statutory changes, and how the SonicWall and Fastvue security solutions can enable educational establishments to become compliant. Towards the latter part of 2016, we registered to support Safer Internet Day (SID) 2017, a day dedicated to raising awareness of online safety for children and young people. Already in its sixth year, Safer Internet Day is run by the UK Safer Internet Centre, a combination of three leading UK organisations: SWGfL, Childnet International and Internet Watch Foundation with one mission – to promote the safe and responsible use of technology for young people. It will be the first year both companies have supported Safer Internet Day and we have been busy raising awareness in our local community. We approached two schools; St Margaret Ward Catholic Academy and The Co-Operative Academy and commissioned them to produce a large canvas painting with the topic ‘What does the internet mean to you?’ Students and teachers from both schools will come together to create two canvas paintings depicting the good and the bad of the internet from their perspective. We have given the schools 4-weeks to complete the art project and will be revisiting both schools on Safer Internet Day, 7th February to meet with the students and teachers behind the project, provide a talk around e-Safety, and with it, hope to raise awareness of children and young becoming safe on the Internet.


About Safer Internet Centre.

The UK Safer Internet Centre are a partnership of three leading organisations: SWGfL, Childnet International and Internet Watch Foundation with one mission – to promote the safe and responsible use of technology for young people. The partnership was appointed by the European Commission as the Safer Internet Centre for the UK in January 2011 and last year reached 2.8 million children. To find out more. Please visit – https://www.saferinternet.org.uk/

About Exertis (UK) Ltd.

Exertis is one of Europe’s largest and fastest growing technology distribution and specialist service providers. We partner with 360 global technology brands and over 28,850 resellers, e-commerce operators and retailers across Europe. Our scale and knowledge, combined with our experience across the technology sector, enables us to continue innovate and deliver market leading services for our partners. To find out more, please visit our website – http://www.exertis.co.uk/

Ransomware Can Cost You Millions; Is Your Network Secure?

Recently it was reported that in April 2016 an employee at Michigan-based utility company BWL opened an email and clicked on a malicious attachment laden with ransomware. The result? It shut down accounting and email systems as well as phone lines, which lead to a costly and laborious week of recovery.

The cost? $2.4 million.

Let That Sink in for a Second.

In a separate case, the $800K ransom heaped upon the City of Detroit by hackers in 2014 served as an anecdotal warning of the potential for this class of malware.  But in the BWL case, only $25K was actually paid to the attackers with 99 percent of the costs related to technology upgrades and people responding to the attack.  To save you on the mental math, the actual ransom was about 1 percent of the total costs. This could be the setting for a modern proverb based on For Want of a Nail.  The silver lining is the improvement of the utility’s security and the overhaul of its IT communication policy.

What Does This Teach Us?

For all the talk of cost of the ransoms levied upon victims, the impact is much greater.  In this example, it cost the organization in lost business, impact to the customer experience, and even more on the human resources side. It also serves as a poster child for ineffective spam management and phishing prevention.  Ultimately this problem is happening around the world and despite the best intentions at stopping ransomware, it still persists.

What Do You Do If You Are Hit?

First of all, don’t panic.  By default, you need to consider not paying the ransom and find a way to restore systems and data without giving in.  Otherwise, it’s like feeding a feral cat; hackers will be found on your doorstep the next day. Simultaneously, you need to restore systems, discover the point of origin, and stop follow-on attacks.  This is where the backup and security stories combine.

In the case of BWL, it took a lot of human resources and two weeks’ worth of time, most likely because the utility was not prepared for this type of attack.  In your case, find the point of origin and restore a backup from before that event.

But What About Stopping Follow on Attacks?

Before the Firewall

I would like to say that out there is a single solution that will solve this but that isn’t completely true.  In short, the answer is education, security and backup.  The first thing to do is to build the human firewall; teach your employees not to click on attachments or links in suspicious emails, especially if you deal with payments.  This is just the first step; a recent Barkly study stated that in their data set, 33 percent of ransomware victims had already undergone security awareness training.

Additionally, think long and hard before hanging “blamable” employees out to dry.  It may be shortsighted to fire or reprimand an employee for unleashing malware unless they were clearly going outside the boundaries of ethical/lawful internet usage (e.g. browsing adult sites, downloading pirated material, etc.). In many cases, ransomware comes through a cleverly crafted phishing email, and given the fact that BWL’s accounting and email systems were taken offline, I’m assuming an accounts payable person opened an attachment from a hacker with an “unpaid invoice.”

When it comes to technology, you need to have a multi-layered approach to eliminate malware as it approaches your environment.  Look at the image below and you can see how SonicWall stops ransomware via web and device traffic.  In the case of watering hole attacks (e.g., downloading malware from a website), SonicWall Content Filtering Service (CFS) blocks millions of known malicious sites to help remove major sources of pulled malware from the equations.  After this, deploy SSL/TLS decryption to help you see all traffic.  Four years ago, the percentage of traffic being encrypted was very low by comparison today.  Forget the advertised malware-catch-rate of a vendor’s firewall and sandbox; if they can’t inspect 50 percent of traffic, it’s like locking and guarding the front door while leaving the backdoor open.

The Firewall and Capture ATP

If you are using SSL decryption, now all of the traffic coming into your organization can be viewed by your firewall.  Hopefully, this is a modern device that can inspect every byte of every packet to look for threats and approve files quickly.  In the case of device traffic, it hits the firewall and should be directed to your mobile access or VPN appliance to decrypt data and control access to only approved device IDs.  This traffic should be sent back to the firewall to begin its journey along with web traffic, through a gauntlet of rapid security measures.

The firewall and VPN appliances are the hardware portion of the equation with the firewall being the keystone of it all.  Firewalls are defined by their services because they do a lot of the work at removing malware from your internet traffic.  Traditionally, gateway security and anti-virus follow the firewall looking for malware based on a set of signatures; meaning this is how you eliminate known malware.  Point in case, SonicWall eliminated nearly 90 million ransomware attempts in the month of May 2016 using this same technology. Malware is used over and over again and may be seen thousands of times within an hour of its release.  Leveraging a cloud-based signature engine will enable you to have better protection against newer threats.

After going through gateway security, many networks leverage a network sandbox, which is an isolated environment to run suspicious code to see what it does.  This is where a lot of unknown malware is discovered and stopped.  Network sandboxes have been around for a few years now but hackers have found ways to design malicious code to evade their detection, which is why some analysts recommend leveraging multiple sandboxes from multiple vendors to see as much as you can.  I recommend using SonicWall Capture Advanced Threat Protection (ATP) multi-engine sandbox that combines virtualized sandboxing, hypervisor level analysis and full-system emulation to help see what potential malware wants to do from the application, to the OS, to the software running on the hardware.  Since ransomware variants are redeveloped throughout their lifecycle, it is important for sandboxes to create cloud-based sharable hashes for every version possible to block follow-on attacks and shorten the lifespan of ransomware. Through this process a lot of malware is scrubbed out from the point of origin to the server.

Endpoints and Backup

Although this setup is highly effective, you will need to maintain a healthy endpoint protection strategy.  Anti-virus for endpoints is still important, but today it is easier to manage than before.  Leverage an enforced anti-virus technology that doesn’t allow employees to access the internet through a web browser without up-to-date endpoint protection.  In these cases, employees are directed to a download page to update their anti-virus software before they can go and click on that suspicious link in email.

Lastly: back up, back up, and back up some more.  Ransomware exists because organizations keep paying the attackers for their data.  If a ransomware attack evades the common sense of people and the fortifications of your security infrastructure, you can simply wipe the device or server clean and refresh from your back up.

Download our solution brief: How to protect against ransomware.

Are School-issued Mobile Devices Safe to Use on Off-campus Networks?

A few weeks ago my eldest son was given a Chromebook by his school which he brought to the house to do his homework. Before the Chromebook, he did his homework on the PC I had set him up with in his room. The nice thing about that is I have a firewall with a content (aka URL or web) filtering policy in place so I have control over the websites he can access since he’s getting to the internet through our home network. But not everyone has a firewall and/or content filtering to protect their kids from inappropriate and potentially harmful web content.

Schools providing K-12 students with mobile devices so that they can access content over the internet has grown over time as administrators, teachers and parents see the benefits of an untethered learning environment. A Project Tomorrow report indicates that almost half of the K-12 teachers surveyed said that their students have regular access to mobile devices in their classroom. Some of those devices are school-issued. However as students enter high school more prefer to use their own personal mobile device in the classroom whether it’s a laptop, Chromebook, tablet or smartphone.

In an earlier blog I wrote about five things K-12 schools should look for in a network security solution. One of those is web filtering. K-12 schools need a URL filtering policy in place that includes technology to protect students from inappropriate or harmful internet content if they want to be eligible for discounts through the government’s E-rate program, also known as the Schools and Libraries program. While most schools have a filtering policy in place to protect students when they’re in the classroom, what happens when they take that device home? Does the mobile device have some way to enforce the policy beyond the school’s network perimeter?

This leads me back to the story about my son’s Chromebook. Without some mechanism in place that blocks access to inappropriate websites when the device is outside the firewall he could take the Chromebook anywhere there is a Wi-Fi connection and have unrestricted internet access. From a parent’s point of view, depending on the student’s age that’s probably not a good thing. From the school’s perspective, administrators don’t want to be viewed as the provider of a tool that enables children to look up inappropriate videos, images or text without some form of control in place.

One solution school IT administrators use to solve the problem is to force all traffic from the device back through the school’s firewall once the device connects to the internet. The nice part about this approach is that the school can use the same policy whether the device is inside or outside the firewall perimeter. There is some downside though. Routing all traffic from every school-issued device regardless of its location back through the school network consumes valuable bandwidth which can be costly.

A unique solution SonicWall offers is our Content Filtering Client. Residing locally on the Windows, Chrome OS or Mac OS X mobile device, the client extends web filtering policy enforcement to devices used outside the firewall perimeter. Administrators can apply the same policy or a different one depending on whether the student is using the device is being used inside or outside the network. The device will also switch over to the inside policy once it reconnects to the school’s network. The combination of the Content Filtering Service and Content Filtering Client provides “inside/outside” web filtering coverage.

If you’re an IT director or administrator with responsibility for implementing network security and content filtering across the school district and would like to learn more about Dell SonicWALL Content Filtering Services and why they are an essential component of your network security strategy, read our technical white paper titled “K-12 network security: A technical deep-dive playbook.”