Posts

How SonicWall Adheres to GDPR Requirements

On May 25, the General Data Protection Regulation (GDPR) will officially go into effect. Like with any major legal reform, questions arise about timing, application, ramifications and more. With the GDPR mandate’s focus on privacy and related data, questions have increased tenfold.

SonicWall is working hard to ensure compliance with GDPR requirements. SonicWall takes information security seriously and has implemented policies and procedures for safeguarding personal data that is stored, processed and/or transferred by SonicWall.

These policies and procedures include, without limitation, physical and logical access restrictions, data classification, access rights, credentialing programs, record retention, data privacy, information security and the treatment of personal data and sensitive personal data throughout its lifecycle.

To help clarify how SonicWall products and services are impacted by GDPR policies, please review the following.

What is the GDPR?

The GDPR is legislation enacted by the European Union (EU) to protect all EU citizens from privacy and data breaches. The GDPR applies to companies and organizations located in the EU, as well as to companies outside the EU that collect, use, transmit or store personal data of EU citizens, regardless of where the activities take place. At a high level, GDPR:

  • Takes effect on May 25, 2018
  • Applies generally to organizations located in the EU, as well as those outside the EU that handle the personal data of EU citizens
  • Applies specifically to data controllers and data processers; with a controller being a company that determines the purposes and means of processing personal data, while a processor is responsible for processing personal data on behalf of a controller
  • Is designed to protect the personal data of EU citizens, which is defined as any information about an identifiable person
  • Requires organizations to give individuals access to and control over their data, and to take reasonable measures to protect it

Does the GDPR apply to SonicWall products?

Yes, but only to a very limited extent. SonicWall products help customers enable security in their networks (and to thus better comply with the GDPR), but SonicWall generally does not have access to, nor does it collect or use, the personal data of individuals.

The GDPR, therefore, does not apply to SonicWall products in most cases. Our customers’ use of our products by itself does not subject SonicWall to GDPR.

However, if SonicWall hosts a solution that is sold to a customer and the hosted solution allows a customer to access or use personal data in that hosted environment, then SonicWall may be subject to certain aspects of the GDPR. In those cases, SonicWall must ensure that adequate security is in place to protect that hosted environment.

In summary:

  • SonicWall typically does not collect, store or transmit the personal data of natural individuals in the EU
  • The GDPR does not apply to SonicWall firewall hardware appliances without a subscription to the SonicWall Capture Advanced Threat Protection sandbox service
  • GDPR may apply to the SonicWall Capture Cloud Platform to the extent it enables end-user designated personnel to access their network data in an environment hosted by SonicWall
  • Where GDPR applies, it requires SonicWall to have adequate network security for its hosted environment
  • SonicWall expects to be compliant with the GDPR by May 25, 2018, to the extent it applies to the company’s range of security solutions and services
  • SonicWall is undertaking a comprehensive third-party audit to confirm the compliance of its products and solutions

GDPR and SonicWall hosted solutions

Presently, SonicWall directly maintains a majority of the systems used for our hosted solutions versus outsourcing this activity to a third party.

In the limited circumstances that SonicWall leverages third-party services, SonicWall works to ensure that it and its third-party provider have the appropriate safeguards in place to protect personal data as required by GDPR. SonicWall uses a number of technological and operational approaches in its physical security program to mitigate security risks to the extent reasonably practicable.

Our team is working to determine that appropriate measures are in place to prevent unauthorized persons from gaining access to systems within which data is processed and continually monitor any changes to the physical infrastructure, business and known threats.

We are also considering best practice measures used by others in the industry while balancing its approach toward security by considering elements of control that include architecture, operations and systems.

SonicWall customers are given the opportunity to choose the location of their primary data center where their information will be hosted. However, limited data may be transferred to other SonicWall locations for the purpose of providing services to our customers.

Can SonicWall help companies become GDPR-compliant?

SonicWall acts as a provider of network security and content-based security solutions, and security of data is a key aspect in achieving data privacy principles.

We assist companies to secure their data in a smarter way. In the wake of burgeoning legislation and increased hacker intelligence, it is vital for organizations to encrypt their traffic and files, whether these are stored online or offline.

Using high-performance Deep Packet Inspection, SonicWall can spot malware and other nefarious traffic and behavior from among encrypted files, further safeguarding an organization.

SonicWall provides industry-leading machine learning technology to detect and block zero-day malware. We address advanced cyber threats, “malware cocktails” and related ransomware no matter if they are encrypted or clear, in email, on the web or in file exchange, regardless of the device in use. Our expertise in automated breach prevention means we don’t just spot malware, we prevent attacks from becoming successful.

To learn more about how GDPR applies to SonicWall products and services, please review the official SonicWall Privacy Statement.

A New Cyber Security Certification: SonicWall Network Security Administrator Course

SonicWall has spent the last 12 months deeply focused on training and enablement for our partners, customers and employees. Based on student feedback and market requirements, the company’s Education Services Organization is introducing the SonicWall Network Security Administrator (SNSA) course; a completely new training course and certification exam that will replace the Network Security Basic Administration (NSBA) class.

The SNSA training curriculum is designed to teach students specific SonicWall network security technology. The course will provide students with the skills to successfully implement and configure SonicWall firewall appliances and security services.

Improvements included with SNSA:

  • Two days of instructor-led classroom training, with 80 percent hands-on labs and 20 percent lecture
  • Six hours of online learning modules, which may be completed before or after the classroom portion
  • Based on the recently released SonicOS 6.5 firmware
  • Generic network security theory is removed and provided in supplemental training material

Consistent SonicWall training across the globe

To support the launch of the SNSA course, SonicWall Education Services is also launching a new Authorized Training Partner (ATP) strategy to enhance consistency in the delivery of training content and guidance. This new strategy encompasses:

  • Coverage provided by three global strategic training partners, augmented by key regional partners
  • Global fulfillment of materials and virtual labs via a single strategic training partner
  • Price adaptation to fit local-market currencies and demand
  • SonicWall global ATP managers to ensure content, delivery and lab experience are consistent worldwide
  • Proctoring service to ensure certification authenticity for both students and sponsoring partners

What happened to Network Security Basic Administration (NSBA)?

For the last 10 years, SonicWall offered a series of technical certification courses to its partners, customers and employees. The core certification training was focused on foundational understanding of network security, particularly basic administration found in the SonicWall Network Security Basic Administration (NSBA) course.

With a focus on training network security administrators, NSBA provided students with a broad overview of network security technology and the skills needed to configure and administer a basic SonicWall firewall appliance.

While this course satisfied initial learning objectives, student feedback indicated the content was not sufficient to meet the needs of deeper skillsets (e.g., installation, management and troubleshooting). Students left the course feeling they needed additional in-depth technical training and expertise.

In addition, due to a widespread number of ATPs around the world, student experience varied by geography and instructor. The changes to the course and the improvement of the ATP strategy ensure SonicWall will deliver best-in-class technical training to its partners and customers.

For individuals who completed the NSBA exam and hold a current CSSA certification, SonicWall will continue to acknowledge these important certifications through March 2020. Students wishing to re-certify an expiring CSSA certification will, however, be required to complete the new SNSA course and certification.

To enroll in the new SNSA program, students may access the newly launched external SonicWall University site.

SonicWall Security Certification Courses

SonicWall offers other training and certification courses to support the needs of our partners, customers and employees. These include:

Network Security Advanced Administration (NSAA) Course

Designed to further enhance an individual’s network security technical skills, the NSAA course is available to students who have achieved either the CSSA or the SNSA certification.

This two-day, instructor-led course provides students with the latest information on application control, bandwidth management, troubleshooting and advanced networking. Completion of this course prepares students to complete the Certified SonicWall Security Professional (CSSP) certification exam.

Secure Mobile Access Basic Administration (SMABA) Course

The SMABA course provides students with the technical skills necessary to administer and manage SonicWall Secure Mobile Access (SMA) appliances.

The SMABA course covers the use of Appliance Management Control to provide secure access — to any application from any network — based on secure authentication and authorization policies. Completion of this course prepares students for the Certified SonicWall Security Administration (CSSA-SMABA) certification exam.

Secure Mobile Access Advanced Administration (SMAAA) Course

Recommended for engineers or administrators of SonicWall SMA devices installed in larger networks, the SMAAA course provides students with in-depth technical training covering deployment options, authentication and authorization policies and troubleshooting.

Completion of this course prepares students for the Certified SonicWall Security Professional (CSSP-SMAAA) certification exam.

SonicWall CEO Bill Conner Joins Cyber Security Panel on Capitol Hill

Cybercrime is a lucrative and booming industry, with recent reports estimating $600 billion in damages to businesses. With the introduction of innovative cyber security technologies and new cyber attack variants, the race is on for private and public organizations to arm themselves for a battle that is being waged in a dynamic threat landscape.

Bill Conner Portrait

On March 6, cyber security experts and policymakers will come together in a panel discussion to address the current threat landscape and its impact on the U.S. economy. Featuring Congressman Lamar Smith, SonicWall CEO Bill Conner and the Honorable Secretary Michael Chertoff, the panel will foster dialogues that focus on the preventative measures organizations should take to thwart cyber attacks, as well as the joint efforts of government and law enforcement agencies combatting modern-day cyber attacks, cybercriminals and threat actors.

Preceding the event, Conner and Chertoff penned an opinion piece, “SEC, Congress take steps toward cyber accountability and transparency,” on The Hill.

Michael Chertoff Portrait

“Cyber risk affects virtually every kind of enterprise. It is not a matter of if, but when,” they wrote on The Hill. “Companies should start with the presumption that they will be attacked and have a comprehensive incident response plan in place. An incident response plan should include a consumer notification process especially when sensitive data such as Social Security numbers and financial information is corrupted.”

Event: Cybersecurity Panel Discussion – 2018 SonicWall Cyber Threat Report
Date: Tuesday, March 6, 12:30 p.m. EST
Location: Committee Room 2325, Rayburn House Office Building, Washington D.C.
Panel:

  • Chairman Lamar Smith, Congressman, 21st Congressional District of Texas
  • Honorable Secretary Michael Chertoff, former head of the U.S. Department of Homeland Security
  • Bill Conner, President and CEO, SonicWall
  • Michael Crean, CEO, Solutions Granted

The panel also will leverage and discuss the findings and intelligence from the 2018 SonicWall Cyber Threat Report, which provides key advances for the security industry and cybercriminals; exclusive data on the 2017 threat landscape; cyber security predictions for 2018; cyber security guidelines and best practices.

Get the 2018 SonicWall Cyber Threat Report

The cyber arms race is a challenge we face together. And it’s the core reason we’re committed to passing our findings, intelligence, analysis and research to the global public via the SonicWall 2018 Cyber Threat Report.

SonicWall’s Steve Pataky, Chris Auger Named to CRN’s 2018 Channel Chiefs List

Today CRN, a brand of The Channel Company, named two SonicWall executives, Chris Auger and Steve Pataky, to its exclusive 2018 list of Channel Chiefs.

CRN’s editorial staff chose the executives on this elite annual list on the basis of their professional accomplishments, industry reputation and dedication to the channel partner community. Each of the 2018 Channel Chiefs have distinguished themselves by building strong partner programs and evangelizing the importance of channel partnerships.

Robert Falerta, Executive Chairman of The Channel Company, shares insight into how the list was finalized:

“The executives on CRN’s 2018 Channel Chiefs list stand out for their exceptional leadership, vision and commitment to the channel. These individuals deserve special recognition for their development and support of robust partner programs, innovative business strategy and significant contribution to the overall health of a vigorously growing channel. We applaud each Channel Chief’s impressive record of accomplishments and look forward to their future successes.”


Since Pataky and his team launched the SecureFirst Partner Program in November 2016, SonicWall has seen record partner growth numbers with an increase of 500 percent since May 2017 with more than 21,000 registered partners, 7,700 of which are new to SonicWall. In 2017, Pataky oversaw the launch of the Partner Enabled Services Program, which equips partners to deliver specialized security services including design, implementation, configuration and training to optimize customers’ SonicWall investments. Through the program, partners are vetted, granted status as a SonicWall Authorized Services Partner and given access to exclusive training, tools, sales, marketing and technical resources.

In addition to being named on the 2018 Channel Chiefs list, Steve Pataky has the additional honor of being named on CRN’s exclusive 50 Most Influential Channel Chiefs list.

Steve Pataky
SVP, Chief Revenue Officer


Chris Auger

Chris Auger joined SonicWall in December 2015 and has been instrumental in reestablishing SonicWall as a 100 percent channel company. Just four months after launching SecureFirst, Auger’s team launched SonicWall University to equip partners with the sales and technical skills needed to provide industry leading cybersecurity expertise. SonicWall University is a key component of SecureFirst, with curriculum based on intelligence gathered from SonicWall Capture Labs and threat researchers who analyze real-time data analytics derived from more than 1 million sensors worldwide.

Chris Auger
Vice President, Sales, Americas


The 2018 CRN Channel Chiefs list, including the 50 Most Influential Channel Chiefs, is featured online at www.crn.com/channelchiefs and will appear in the February 2018 issue of CRN.

SonicWall and our Channel Partners Team to Deliver New High-Value Security Professional Services to Fight the Bad Guys

I can only imagine the pressure that comes with the job of being responsible for a company’s network security.  These individuals are not only entrusted with protecting company and customer data, but the reputation of the company and its brand.  In the case of smaller businesses, the stakes are particularly high, where a network breach and data loss can threaten the very existence of the company. According to the Ponemon Institute Cost of a Data Breach 2017, the average cost of a breach for the average total cost of a data breach is $3.62M, and over 60 percent of SMBs cease to exist 6 months following a data security breach. Add to these grim statistics the incredible rise in malware, ransomware and other advanced threats in a constantly evolving cyber threat landscape and you have the plot of a very scary true (cyber) crime movie – the good guys vs. the bad guys.

Network security vendors like SonicWall and the channel partners who integrate our products in to security solutions for their customers are most often the first line of defense to help organizations defend against the bad guys. These organizations rely on SonicWall to deliver highly efficient security products that can stop today’s known and unknown threats. And they rely on our channel partners as their trusted advisors to deliver their security solution. With so much at stake, it is critical that the right SonicWall products are designed in the security solution. And just as critical that the solution is implemented properly and optimized for the customer’s environment and business requirements. Even the best security products, if not properly spec’d and implemented, can leave an organization vulnerable. To address this reality, SonicWall has announced the launch of a new lineup of valuable professional security services to help customers and channels design, implement and operate SonicWall security solutions that keep the bad guys at bay and defend against their relentless cyber attacks.

Organized around three areas of competency, the security professional service offerings were jointly developed and blueprinted by SonicWall and a group of channel partners (the good guys) with deep security services expertise. Each service incorporates the real-world services experience of these partners, essential knowledge gained through hundreds of services engagements.

The services include:

  • Implementation Services – compliance audit prep, remote and onsite implementation services for SonicWall products
  • Solution Services – security health checks,  wireless security deployments, campus network and distributed network solutions.
  • Architecture Services – more complex or large-scale solutions and customer environments, such as DPI-SSL deployment or SuperMassive next-gen firewall implementations.

It makes so much sense to have these types of services surround the SonicWall product portfolio, as a means to ensure our customer have the best possible protection. As SonicWall’s Channel Chief, I’m equally proud of the new services as I am of the way in which they are delivered.

This is where our new Partner Enabled Services Program comes in. Just launched, the program identifies and showcases SonicWall SecureFirst channel partners who have a security focused professional services practice and enables them to deliver the new services. These partners are vetted, granted status as a SonicWall Advanced Authorized Services Partner and given access to exclusive training, tools, sales, marketing and technical resources. All of the services are branded and sku’d by SonicWall, so the entire SonicWall channel can resell them. Once sold, the services are delivered by the Advanced Services Partners.

This breakthrough approach to delivering professional security services is only possible due to the collaboration and trust that exists within the incredible SonicWall channel partner ecosystem – one that has developed over the last 25 years. SonicWall channel partners genuinely trust each other to engage respectfully with their customers to deliver high-grade professional security services and, in doing so, they deliver the most effective security solution and drive incremental opportunity for their business. With this program, SonicWall’s broad channel, our Authorized Services Partners, and most importantly, our customers, can join forces to fight the bad guys and win the war against cyber attacks. Score one for the good guys!

Feedback from our channel on this approach to services offer creation and delivery has been fantastic.

“This year marks 20 years of our relationship with SonicWall and we are excited about deepening our engagement with SonicWall and showcasing our SonicWall based services expertise through the Partner Enabled Services Program. The Exertis team is highly skilled in SonicWall distributed architecture deployments, proven time and again to be the real leader when customer security is at stake,” Jason Hill, Security Sales Director of Exertis in United Kingdom, a leading SonicWall distributor in Europe..

“As a dedicated SonicWall Platinum Partner with a mature services practice, we are delighted to see SonicWall making such significant investments in driving partner growth in security services.  Our team of security experts have a passion for security and phenomenal service,” said Timothy Martinez, President of Western NRG Total Internet Security, based in Camarillo California. “With more than 15 years of SonicWall implementations, we go to battle for our customers in the cyber arms race. The Partner Enabled Services Program is an excellent opportunity to grow our services further with SonicWall.”

“Our unwavering commitment is to protect and empower our customers against today’s most damaging cyber attacks,” said Michael Crean, CEO of Solutions Granted, a SonicWall SecureFirst Platinum partner in Virginia. “In our case, as one of SonicWall’s longest-term Managed Security Services Providers, this requires additional services and expertise to ensure we’re delivering the value and guidance our customers require to be secure. SonicWall understands our needs and, yet again, delivers the structure, resources, training and incentives to enhance customer loyalty, satisfaction and market recognition.”

Customers interested in the new security professional services should contact their SonicWall channel partner.  For interested SecureFirst Partners, we have a webinar planned for Nov. 30 at 8:30 am PT: Grow your Services Business with the New Partner Enabled Services Program.

SonicOS 6.5, the Biggest Update in Company History, Delivers Powerful Security, Networking and Usability Capabilities

Keeping organizations running safely, while improving business and user productivity in today’s accelerating threat environment, continues to be a non-trivial task for IT leaders. At the current pace of cyber attacks, we understand all too well that the effects of recent events, such as the Equifax, WannaCry and NotPetya attacks, have demonstrated their capacity to change the global business environment from normal to total hysteria in the blink of an eye.

When news breaks on new data breaches, we see a surge in conversations with our SonicWall partner and customer communities about security and risk assessments. These engagements reinforce our development commitment to ensure every new product release delivers more tools and capabilities to protect their networks and data, and subsequently avoid the unnecessary breach.

Delivering on that commitment, I am thrilled to introduce SonicWall’s biggest firewall feature release in its history. SonicWall SonicOS 6.5 is packed with powerful security, networking and usability capabilities, and meets the security operation requirements of organizations of various sizes and use cases. SonicOS 6.5 focuses on empowering IT leaders and their security teams to:

  • Elevate their breach detection and prevention capacity
  • Manage and enforce security controls across the entire organization
  • Bring the latest in wireless speed, performance and security for cloud and mobile users
  • Scale firewall networking, connectivity and performance for uncompromised, uninterrupted network services

SonicOS 6.5 delivers the following customer-focused outcomes as part of SonicWall’s expanding Automated Real-Time Breach Detection and Prevention Platform.

1. Bolster breach prevention capabilities for wired, wireless and cloud-enabled network environments

  • SonicOS 6.5 includes 60-plus new features, nearly half of which focus on enabling the latest Wi-Fi standard, 802.11ac Wave 2, to deliver matching network security performance, connectivity and security between wired and wireless networks.
  • The combination of SonicWall firewalls and the new SonicWave 802.11ac Wave 2 series of wireless access points gives customers the assurance that their users have uninterrupted, secure and fast access to business services and resources over wired and wireless connections.
  • Built-in features, like Wireless Deployment Tools, greatly aid in planning and building a robust wireless infrastructure, while Band Steering, Airtime Fairness and others improve the overall wireless service quality and performance to give users a safe, productive wireless experience. This helps eliminate dropped connections and slowness anytime, anywhere and in any environment within the workplace. Moreover, Dynamic VLAN assignment segments wireless users based on their roles and group associations to prevent advanced threats from spreading.
  • SonicOS 6.5 expands the threat API capabilities to help customers establish a path toward security automation. Through greater firewall collaboration with third-party security ecosystem, the firewall can automatically pull external intelligence sources for threat detection and protection, and security policies enforcement. For example, our Dynamic Botnet List feature enables customers to program their firewalls to download private third-party lists that contain desired security information, such as malicious IP and URL addresses, that they want the firewall to block for additional threat coverage.
  • For distributed organizations that have offices operating on different network domains, the new multi-domain security management capability in SonicOS 6.5 helps them manage and enforce discrete security policies across those domains. Based on service levels, risk tolerance, compliance and/or legal requirements, administrators can apply identical security controls to all domains or specific policy to a single domain or group of domains. This flexibility helps reduce the attack surface, eliminate security gaps, isolate risks and prevent any lateral movement of backdoor, network-based attacks, such as WannCry and NotPetya.

2. Increase scalability and connectivity of the firewall system

  • Advances in Layer 2/3 network and connectivity help customers optimize system availability and performance, and scale the firewall to deliver uncompromised, uninterrupted threat protection for every connected network domain. Supported on all SonicWall next-generation firewall (NGFW) models, including the newest NSA 2650, SonicOS 6.5 also supports daisy-chaining and management of Dell X-Series switches, Virtual Wire Mode, Dynamic LAG using LACP and Equal Cost Multi-Path (ECMP).
  • Using multi-domain security management in conjunction with virtual wire mode gives customers the ability to micro-segment and manage their virtual networks. These also provide independent security management, policies, controls and scanning to each virtual network with its separate security zone.

3. Improve ease of use and firewall management

  • SonicOS 6.5 introduces a completely redesigned user interface (UI) for a fresh, productive user experience (UX). This new UI gives users an executive dashboard loaded with security, user and traffic information. It also offers an organized, familiar and easily-understood menu-driven security management console. The dashboard presents a consolidated view of the live firewall security environment. This view includes a threat index, security events and data, network performance and connectivity, and application and bandwidth usage. The intuitive UI lets users complete security tasks faster, and with greater ease, from a single-pane-of-glass.

SonicWall Delivers More Speed, Security Across Entire Portfolio

New SonicWall NSA 2650 Firewall, and SonicWave Access Points Take Security, Speed and Analytics to Elite Levels

Defending your business is job No. 1. But with so many vectors and end points, it’s an arduous challenge to identify and mitigate known and unknown threats across multiple locations, networks and endpoints — particularly as the need for wireless and mobile access scales to untold heights.

It’s this amalgamation of technology that makes SonicWall’s latest announcement so intriguing. It’s not another product. It’s not just a new service. It’s not only a refined dashboard and interface.

The innovation here is keenly focused on integrating each of these advanced “ingredients” into a powerful platform that helps businesses automate real-time breach detection and prevention while exceeding speed and performance expectations.

An ‘Absolutely Superb’ Firewall

If you missed the announcement, “SonicWall Turbocharges Innovation with Unprecedented Delivery of New Wireless, Mobile and Wired Network Security Products,” this platform approach is central to how SonicWall proactively defends its end customers.

In fact, we allowed customers to beta test the new products in real-world situations. The feedback was resounding, particularly for the new SonicWall NSA 2650 firewall and our range of new SonicWall SonicWave access points, which deliver elite speeds via the 802.11ac Wave 2 standard.

“The new NSA 2650 is an absolutely superb product,” said Dr. Michael Breen, Dean of Arts at Mary Immaculate College. “In my opinion, the speed and level of security is unparalleled in its class. It gives us the throughput to conduct deep packet inspection (DPI) of encrypted traffic without costing us any loss of performance.”

The NSA 2650 firewall enables threat prevention over 2.5 gigabit Ethernet wired and 802.11ac Wave 2 wireless networks, supports twice the number of DPI connections and offers 12,000 DPI SSL connections, an increase of 12X.

“Protecting sensitive information and preventing security breaches is paramount,” said Breen. “Our network contains highly private student information and we must conform to EU GDPR (European Union General Data Protection Regulation) protocols. We see over a thousand suspect probes at our gateway every week from eastern Europe. We need to lock down access to only authorized users. We’re also concerned with threats hidden in an increasingly high proportion of encrypted traffic.”

SonicOS Goes Modern

There’s nothing like a fresh UI. Our teams have worked tirelessly to re-envision everything about our popular operating system, SonicOS. Featuring more than 50 improvements and enhancements — not to mention a modern look and feel — SonicOS 6.5 is the biggest customer-driven release in company history.

“SonicWall products have always been very good, but the new SonicOS 6.5 is a giant step forward,” said Greg Thomas, owner of ComLogic, a SonicWall partner. “SonicWall is clearly visionary, not just in protection, but in analytics and usability as well. The new UI is fresh, relevant and easy to use.”

The most apparent change you’ll notice is the slimmed navigation, which now places emphasis on three of the most important functionalities: Monitor, Investigate and Manage.

“The biggest thing you’ll notice is that we’ve moved the navigation around,” said SonicWall senior UX and product design lead Tara Kelly. “We’ve done this to separate all the tasks that you need to do in three macro categories. This takes what used to be a giant menu on the left-hand side and breaks them down into smaller, bite-sized tasks.”

SonicOS offers all the standard features and capabilities you’d expect in easy, convenient locations. This includes everything from logs, reports and tools to upgrades, connectivity breakouts, systems setups and security configurations.

We will have more on SonicOS 6.5 in the future, including detailed overviews and walkthroughs.

Real-Time Analytics for Firewalls & Access Points

Each and every administrator, architect, analyst and cyber security pro wants to make better decisions faster. We want to be confident, smarter and decisive. Unfortunately, we don’t always have actionable data when we need it. In many cases, we have too much data that’s unorganized and unusable.

The new SonicWall Cloud Analytics application will help solve this everyday challenge. The intelligence-drive engine features real-time data presented in a structured, meaningful, actionable and easily consumable manner. You’ll be able to monitor, record, analyze and report security data for deep forensic analysis across multiple SonicWall firewalls and SonicWave wireless access points.

Our goal is to truly empower security teams, analysts, auditors, boards, C-suites and stakeholders to discover, interpret, prioritize and take appropriate defensive actions against both known and unknown cyberattacks or threats. Smarter decisions faster.

An extension of the recently introduced SonicWall Cloud Global Management System (GMS), SonicWall Cloud Analytics provides extensive drill-down investigative and forensic capabilities for deep security data analysis, including traffic, applications, threats, and user behavior and activities.

SonicWall SonicWave Is New Standard for Wireless Speed

As the number of applications and data-heavy services grow, so do speed demands. Based on the high-performance Wave 2 802.11ac standard, the new SonicWave access points couple speed, reliability, range, consistency and security into a single, cost-effective appliance.

Wave 2 represents the evolution from the Wave 1 802.11ac standard, which is fairly common in both enterprise and consumer environments. It operates on the 5 Ghz band and can deliver speeds up to 1.3 Gbps.

In contrast, Wave 2 supports multiple users, multiple inputs and multiple outputs (MU-MIMO) and is able to deliver speeds that exceed 3 Gbps. For this reason, the new SonicWave access points feature 4×4 MU-MIMO technology for best-in-class Wi-Fi performance, range and reliability.

“The new SonicWave access points blew me away,” says Spencomp Solutions security specialist Dominic Valois. “The new SonicWave line presents us with a great offering for our customers. With Wave 2 support and 2.5 GbE ports, we can provide larger business sites and campuses with better streaming and bandwidth for hundreds of wireless devices.”

The sentiment from Valois was echoed by Greg Thomas, the owner of ComLogic, a SonicWall partner based in Denver, Colo.

“The 2.5 GbE ports on both the NSA 2650 and SonicWave access points can handle the increasing congestion,” said Thomas. “You can easily position the SonicWave access points for best cellular reception, either for failover or percentage of use.”

Protecting the Mobile Workforce

When employees are on the road, they require secure access to the same systems and applications they trust when on Wi-Fi or wired networks in the office. Not only must access be available anywhere, anytime and on any device, speed and security cannot be compromised.

This truth was the precipitous behind the new SonicWall Secure Mobile Access (SMA) 12.1, which helps enable access to business-critical internal and external apps for employees and partners.

For remote users, vendors and third-party contractors, SMA 12.1 provides policy- enforced secure access to email, file servers and corporate applications using federated single sign-on (SSO) to both cloud and on-premise resources from authenticated devices.

In addition to SSL encryption of sensitive user sessions, SMA provides an additional layer of security by scanning all remote file uploads with the SonicWall Capture Advanced Threat Protection (ATP) service. This helps ensure remote users have the same level of protection from zero-day threats when they are on the road as they have in the office.

Go Faster, Go Safer

If you’d like to learn more about the new security products and services that deliver unprecedented speed and security, please explore the dedicated product pages and resources:

Ready to make the jump to one of the new products or services? SonicWall is ready to help. If you don’t have a SonicWall partner, or are unsure, please contact SonicWall directly. We always welcome new members to the SonicWall family.

SonicWall Expands Scalability of its Next-Generation Firewall Platforms and DPI SSL to Address Encrypted Threats

Day after day, the number of users is growing on the web, and so is the number of connections. At the same time, so is the number of cyberattacks hidden by encryption. SonicWall continues to tackle the encrypted threat problem by expanding the number of SSL/TLS connections that it can inspect for ransomware.

Today, a typical web browser keeps 3-5 connections open per tab, even if the window is not the active browser tab. The number of connections can easily increase to 15 or 20 if the tab runs an online app like Microsoft SharePoint, Office web apps, or Google Docs. In addition, actions such as loading or refreshing the browser page may temporarily spike another 10-50 connections to retrieve various parts of the page. A good example this scenario is an advertisement heavy webpage that can really add connections if the user has not installed an ad blocker plugin. Also keep in mind that many ad banners in web pages embed a code to auto-refresh every few seconds, even if the current tab is inactive or minimized. That said, it makes a lot of difference how many browser tabs your users typically keep open continuously during the day and how refresh-intensive those pages are.

We can make some assumptions on the average number of connections for different types of users.  For example, light web users may use an average of 30-50 connections, with peak connection count of 120-250.  On the other hand, heavy consumers may use twice that, for up to 500 simultaneous connections.

If a client is using BitTorrent on a regular basis that alone will allocate at least 500 connections for that user (with the possibility to consume 2,000+ connections). For a mainstream organization it is safe to assume that on average 80% of the users are considered as light consumers, whereas the remaining 20 percent are heavy consumers. The above numbers will provide a ballpark of a few hundred thousand connections for a company of 1,000 employees – 3 to 5 times higher than the number of connections for the same organization a decade ago.

With all the changes in browser content delivery and presentation, as well as users’ advanced manipulation of the web and its content, it’s necessary for SonicWall to address the forever increasing demand in the number of connections to satisfy the customer need and provide them with a better user experience. In the recently released SonicOS 6.2.9 for SonicWall next-gen firewalls, our engineering team has increased the number of stateful packet inspection (SPI) and deep packet inspection (DPI) connections to better serve this need.

Below is the new connection count  for Stateful Packet Inspection connections for SonicWall Gen6 Network Security Appliance  (NSA) and SuperMassive Series firewalls in the new SonicOS 6.2.9 when compared to the same count in the previous 6.2.7.1:

SPI Connection Chart

In addition, the number of DPI connections has increased up to 150 percent on some platforms. Below is a comparison of the new connection count in SonicOS 6.2.9 against SonicOS 6.2.7.1.
DPI Connection Chart

Finally, for security-savvy network administrators we have provided a lever to increase the maximum number of DPI-SSL connections by foregoing a number of DPI connections. Below is a comparison of the default and maximum number of DPI-SSL connection by taking advantage of this lever.

Increase Max DPI SSL Connections Chart

We also enhanced our award winning Capture ATP, a cloud sandbox service by improving the user experience of the“Block Until Verdict” feature, which prevents suspicious files from entering the network until the sandboxing technology finishes evaluation.

In addition, SonicOS 6.2.9 enables Active/Active clustering (on NSA 3600 and NSA 4600 firewalls), as well as enhanced HTTP/HTTPS redirection.

Whether your organization is a startup of 50 users or an enterprise of few thousand employees, SonicWall is always considering its customers’ needs and strives to better serve you by constantly improving our feature set and offerings.

For all of the feature updates in SonicOS 6.2.9, please see the latest SonicOS 6.2.9 data sheet (s). Upgrade today.

NSS Labs Affirms SonicWall Excellence in Security Value Map

On June 6, 2017, NSS Labs published its annual 2017 Next-Generation Firewall (NGFW) Test Report and Security Value MapTM (SVM). For the first time in five years, NSS Labs did not place SonicWall in its “Recommended” quadrant of the SVM. In response, SonicWall immediately resolved the identified issues, automatically updated our firewalls worldwide, and was then publicly retested by NSS Labs to place in its upper right quadrant.

The results of this public retest mean that, SonicWall has excelled in the industry’s most comprehensive, real-world testing of NGFWs once again. With its updated 2017 findings, NSS Labs verifies that the SonicWall NSA 6600:

  • Blocked 99.76% of real-time, real-world live exploits
  • Tested 100 percent effective in countering all advanced HTTP evasion, obfuscation and fragmentation techniques
  • Earned 100 percent in stability and reliability, firewall, application control and identity awareness tests

Rapid response

It is perfectly normal in these types of cyber war games to uncover security gaps. It took NSS Labs five years and seven iterations of its test methodology to introduce a new evasion technique that uncovered a security gap in the SonicWall device.  In the initial tests, the SonicWall NSA 6600 running SonicOS version 6.2 had failed a number of HTTP evasion test cases.  After analyzing the evidence provided by NSS Labs, SonicWall immediately mitigated the identified issues with an automatic worldwide update to our security services on our installed base of next-generation firewalls.

Affirmation from NSS Labs

Only one vendor has been able to maintain the NSS Labs Recommended rating for all five years since the NGFW report first published.  In fact, for four years straight, SonicWall was one of only two vendors to be recommended each year, and in last year’s test, we earned a 100% score in the evasions category.

With SonicWall’s updates, NSS Labs retested the NSA 6600 using the same HTTP evasion techniques with a modified exploit. NSS Labs verified that SonicWall was no longer susceptible to the previously cited HTTP evasion techniques. The NSA 6600 now consistently blocks tested HTTP evasion techniques. NSS Labs noted this in both its SVM and its individual SonicWall SVM test report.

As the graph below shows, the SonicWall NSA 6600 now is strongly positioned in the upper right quadrant.  The blue dot (Figure 1) shows the new SonicWall positioning and demonstrates that the SonicWall NSA 6600 is one of the highest-rated, best-valued NGFWs in the industry, with scores of 97.8% Security Effectiveness and a low TCO of $10 per Protected Mbps.  Another critical data point is that in this retest, the SonicWall NSA 6600 scored 100 percent of evasions in the HTTP evasion test. (Figure 2).

NSS Labs

SonicWall recognizes and values NSS Labs long-standing reputation as an unbiased third party product test and validation organization. We endorse NSS Labs’ test methodology and trust its results. NSS Labs tests have produced extremely useful test results that challenge security vendors to be continuously vigilant. The value of this type of service is maximized when the tests uncover security gaps in security devices before real adversaries do.

Flexible, automated, self-healing security

More importantly, the flexibility of our solution allowed us to automatically provide protections for the evasions NSS Labs discovered to all of our worldwide firewalls, with no need for firmware updates. This flexibility is unique in the market, and a core strength of SonicWall’s automated real-time breach detection and prevention solution, consisting of our next-generation firewalls, intrusion prevention, gateway anti-malware, Capture Advanced Threat Protection, email security and secure remote access products.

In fact, our Capture Labs team provided remediation for the newly discovered NSS issues within 24 hours! This means our customers don’t need to wait for days or even months until new, fully tested firmware is available. Remember, in cases like this, any network is vulnerable until the solution patch is applied.

Staying ahead of the pack

It is important to note that in this year’s NSS Labs SVM, eight of the ten vendors were actually susceptible to the new HTTP evasion test cases. Of the eight, only SonicWall and one other vendor were able to remediate the evasions in an automated fashion.  Tellingly, several vendors placed in the “Recommended” quadrant had still not provided remediation at all. This is why an automated, self-healing solution is absolutely required in today’s extremely fast-paced and complicated cyber threat landscape.

We encourage you to read the full NSS Labs SonicWall Secure Value Map report to learn more.

Petya 2.0? Or PetWrap? Or NotPetya? Is This the New Normal in Cyber Security?

Updated July 6, 2017, 11:51 AM PT

When the latest massive global cyber attack first hit on June 27, the security community observed that the payload behavior closely matched Petya ransomware, which emerged back in 2016, so we initially called this a variant. However, SonicWall Capture Labs researchers confirmed that this is definitely not Petya ransomware. In fact, it masquerades as ransomware but there is no boot sector decryption capability, so in reality this is a wiper-like attack which is generally used as a cyber weapon for targeted system destruction. At this point, the malware is being referred to as  NotPetya, ExPetr, Nyetya, PetWrap or GoldenEye.

Like WannaCry, this latest attack propagates using EternalBlue, one of the exploits that was leaked from the NSA back in April, which has led to comparisons between the two. The origins are still in dispute, but our position is that regardless of whether it is a cyber crime or a state sanctioned attack, the capacity to inflict not only financial but also brand and operational damage to organizations around the world is enormous.

What we see is that the cyber arms race continues to evolve. If I were to boil this down to its essence, cyber criminals are combining exploits and attacks in creative ways that are not necessarily brand new, but can be tweaked and combined in new ways to create very effective attacks. Like mixing cocktails, the ingredients are all well known, but the exact mix is completely new.

SonicWall Capture Labs confirmed in a SonicAlert issued on June 27 that customers had been protected from this cyber attack through both our intrusion prevention service as well as the SonicWall Capture network sandbox prior to the attack. Gateway AV signatures were also added after we analyzed the payload to detect and protect against the modified ransomware. Stay tuned for more updates from SonicWall as this situation unfolds.

What the attack looks like:

Petya Lock Screen

Petya Payment Screen

Information for SonicWall customers

SonicWall provides protection from this latest attack in a variety of ways for customers with both next-generation firewalls and email security solutions. Here is a breakdown of the protection details.

SonicWall Intrusion Prevention Service – prevents propagation of known malware

  • Existing protection against the NSA EternalBlue exploit of the SMB1 protocol, originally deployed to our firewalls in April 2017, continues to be effective at blocking the malware propagation.
  • No new signatures necessary.

SonicWall Gateway Anti-Virus Service blocks known malware at the gateway

  • We released new signatures to cover the modified payload on June 27. The following have been pushed to all firewalls.
    • GAV: GoldenEye.A_5 (Trojan)
    • GAV: WisdomEyes.A_2 (Trojan)
    • GAV: GoldenEye.A_4 (Trojan)
    • GAV: Petya.A_8 (Trojan)
    • GAV: Petya.AA (Trojan)

SonicWall Capture ATP Network Sandbox Service

  • Detects unknown zero-day malware
  • Capture customers had protection at time zero since the multi-engine sandbox detected the modified Petya payload.
  • Any customers using our Block until Verdict feature was protected in the case that the attack came in through a method other than EternalBlue.

SonicWall Email Security

The best defense against modern malware attacks includes:

  • SonicWall next-generation firewalls with gateway anti-virus and intrusion prevention services
  • SonicWall Capture ATP, our multi-engine cloud sandbox that is designed to address the 1% of new attacks that have not been seen before
  • SonicWall’s Deep Learning Algorithm, which learns from over 1,000,000 sensors deployed around the globe, with the ability to push out real-time updates within minutes. Deep learning is helping us with the speed of detection and identification as well as the ability to create protection and push to the Capture Threat Network.
  • Because more than 50% of malware is encrypted, as a best practice, always deploy SonicWall Deep Packet Inspection of all SSL/TLS (DPI SSL) traffic. This will enable your SonicWall security services to identify and block all known ransomware attacks.
  • SonicWall Email Security which uses malware signatures to block email-borne threats that are often used to deliver malware. It is estimated that 65% of all ransomware attacks happen through phishing emails, so this also needs to be a major focus when giving security awareness training.
  • Customers should activate SonicWall Content Filtering Service to block communication with malicious URLs and domains, which work similar to the way botnet filtering disrupts C&C communication.
  • Apply the latest Windows patches provided by Microsoft, especially the MS17-0170 patch.
  • Block incoming requests to ports 135, 139, and 445 on your Windows firewall. Also disable SMBv1 on Windows machines.
  • Train your users to shut off their computer if they suspect a malware infection.
  • And it is always a good idea to maintain current backups of all critical data to allow recovery in the event of a ransomware event.