Posts

Don’t Be Fooled by the Calm After the WannaCry Chaos: Continuously Toughen Your Security

Some consider WannaCry to be the first-ever self-propagating ransomware attack to wreak havoc across the globe. The chaos that followed is yet another harsh wake-up call for many, in a situation far too familiar. Only this time, the victims are new, the infection spreads more rapidly, the effects are far-reaching and the headlines are bigger. I am sure you may be feeling overwhelmed with the ongoing news coverage of the EternalBlue exploit, WannaCry ransomware and Adylkuzz malware this past week. Let us recap a few important observations to help us avoid a replay of history.

The WannaCry crisis was unlike the zero-day vulnerabilities and exploits that caused massive cyber-attacks in previous years. The major difference in this event is that there were early warning signs portending this sort of cyber-attack through a series of leaks by the Shadow Brokers, an unidentified hacking entity responsible for putting stolen U.S. National Security Agency (NSA) hacking secrets in the hands of nefarious actors, both foreign and domestic, looking to do us harm. Since the forthcoming threat was public knowledge and organizations had ample time to mitigate the risk, why was WannaCry still able to achieve the level of success that it did? The reasons are quite simple and common to most organizations today.

1. Take care of the basics

Winston Churchill once remarked, “We live in the most thoughtless of ages. Every day headlines and short views.” Although these words were uttered many years ago, it seems as though we have yet to change our ways with respect to repeating poor cyber hygiene patterns. There are data security experts who have suggested that poor cyber-hygiene has caused as much as 80% of security incidents. Whether this figure is accurate or not, it is certain that the WannaCry and Adylkuzz attacks are the latest examples to support this statistic. Because of unpatched Microsoft Windows systems, victim organizations have allowed a broadly publicized and easily preventable exploit and ransomware to move into their environments simply because some of the most basic security measures were either not established or not followed.

To avoid repeating this sort of mistake, organizations must understand that taking care of the basics is the difference between likely being breached and likely avoiding a breach. Therefore, a zero-tolerance policy to patch every system and device in the environment must never be optional. Putting in place auditable workflows and technology that can programmatically check and perform security updates without the need for manual intervention will help organizations move towards a more proactive defense posture.

2. Security staffing an unsolved problem

What we are seeing right now is a serious talent shortage in the security employment industry. Hiring good, affordable security professionals is a huge concern for many organizations across all industries. When organizations do not have adequate security staff or are unable to fill positions, they do not have the capacity necessary to proactively identify and remediate risk areas at the speed needed to avoid a security event like WannaCry. This common, unsolved problem manifests itself with most organizations, especially during major cyber events.

Many of the most significant issues organizations have in common today include the lack of understanding and visibility of:

  • What and where are the at-risk assets
  • Who and where are the at-risk users
  • What and where are the at-risk systems and devices
  • What are the risks and threats to focus on
  • What a proper security response plan looks like

3. Lack of the right tools in place

We have a situation today where exploit kits and ransomware are leveraging SSL/TLS encrypted traffic predominately for evading detection. A recent Ponemon Institute study reported that 62% of respondents say their organizations do not currently decrypt and inspect web traffic. However, the real concern is the fact that half of those respondents, who disclosed they were victims of a cyberattack in the preceding 12 months, claimed attacks leveraged SSL traffic to evade detection. So why is that?

The reasons provided in the same Ponemon study revealed that for those organizations that are not inspecting encrypted traffic:

  • 47% of the respondents said lack of enabling security tools was the top reason
  • 45% divulged that they do not have sufficient resources
  • 45% said they have overwhelming concerns about performance degradation.

Encrypted attacks threatening mobile devices, endpoint systems and data center resources and applications are on the rise. As we move towards an all-encrypted internet, organizations no longer have a choice whether to establish a security model that can decrypt and inspect encrypted traffic to stop hidden threats.

To learn more, here are two relevant informational pieces written by my colleagues on the WannaCry ransomware event that I highly recommend you read. They offer additional perspectives and insights that can help you solve these security issues and be readily prepared for the next wave of cyber-attacks.

  1. WannaCry Ransomware Attack – It’s a Tragedy: What’s Next for Your Network? by Rob Krug, Solution Architect, Security
  2. SonicWall Protects Customers from the Latest Massive WannaCry Ransomware Attack by Brook Chelmo, Sr. Product Marketing Manager

When the chaos over WannaCry calms, the big question becomes, will you move on from this historic event with the lessons we’ve learned? Your answer is crucial since it will determine if the next major incident yields a more readied response from your organization.

 

Footnote: Ponemon Study, Uncovering Hidden Threats within Encrypted Traffic, 2016

Are You Seeing This? Uncovering Encrypted Threats

Night vision goggles. Airport x-ray machines. Secret decoder rings. What do they all have in common? Each helps you find something that is hidden, whether it’s an object or code that someone may not want you to discover. Your organization’s security solution needs to perform in a similar manner by inspecting encrypted traffic. Here’s why.

Over time, HTTPS has replaced HTTP as the means to secure web traffic. Along the way there have been some inflection points that have spurred on this transition such as when Google announced it would enable HTTPS search for all logged-in users who visit google.com. More recently, Google began using HTTPS as a ranking signal. Other vendors including YouTube, Twitter and Facebook have also made the switch. If you read articles on the use of Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption the latest numbers typically indicate that a little over 50% of all web traffic is now encrypted and that percentage is expected to continue growing. At SonicWall, data gathered by our Global Response Intelligence Defense (GRID) Threat Network shows the percentage to be a little higher, around 62%. We found that as web traffic grew throughout 2016, so did SSL/TLS encryption, from 5.3 trillion web connections in 2015 to 7.3 trillion in 2016. Like others, we also expect the use of HTTPS to increase.

On one hand, this is good news for everyone. Securing web sessions, whether the user is making a financial transaction, sending/receiving email or simply surfing the Internet, is a good thing. It’s also good business for organizations such as online retailers who receive sensitive personal and financial information from their customers and need to secure it from hackers. On the other hand, cyber criminals are now hiding their attacks in encrypted web traffic. Threats such as malware, intrusions, and ransomware are able to pass through the network undetected if they’re hidden using encryption. Cyber criminals are also using encryption to receive communications back from infected systems.

Given organizations’ growing trend toward HTTPS and its use by hackers to steal information, it makes sense to have a security solution in place that can decrypt and scan SSL/TLS-encrypted traffic for threats. Not everyone does, however, especially smaller organizations. According to Gartner’s Magic Quadrant for Unified Threat Management (UTM) from August 2016, the research and advisory company estimates that “Less than 10% of SMB organizations decrypt HTTPS on their UTM firewall. This means that 90% of the SMB organizations relying on UTM for web security are blind to the more advanced threats that use HTTPS for transport.”

Let’s add a little more fuel to this. By now most people have heard of the “Internet of Things.” The idea is that we have all manner of devices available that can connect to the Internet and send/receive data. No longer is it just our PC, laptop, smartphone and tablet. It’s our TV, car, refrigerator, watch, security camera. Essentially anything that’s Internet-enabled. The number of connected devices is growing rapidly. Gartner forecasts there will be 8.4 billion connected “things” in use in 2017 and by 2020 that number will grow to 20.4 billion. That’s a lot of things that can be potentially taken over by malware delivered through encrypted traffic.

Here’s the big question every organization needs to ask. “Does our security solution (typically a firewall) have the ability to decrypt SSL/TLS-encrypted web traffic, scan it for threats, use deep packet inspection technology to stop malware, and do it all with little or no performance hit?” If your firewall is three years old or more, the answer is likely no. Legacy firewalls may decrypt the traffic and do some threat detection, but not prevention. Or they may do everything that’s required, just very slowly, which isn’t good either. The firewall shouldn’t be a bottleneck.

In his blog titled, “DPI-SSL: What Keeps You Up at Night?” my colleague Paul Leets states, “We must look into encrypted packets to mitigate those threats.” And he’s right. We need to be able to “see” into encrypted traffic in order to identify threats and eliminate them before they get into the network. And it needs to be done in real time. We call this automated breach prevention and it’s what our lineup of next-generation firewalls delivers. To learn more about automated breach prevention and how SonicWall next-generation firewalls decrypt SSL/TLS-encrypted traffic and scan for and eliminate threats without latency, visit the “Encrypted Threats” page on our website. Secret decoder ring not required.

SonicOS 6.2.7 Delivers More Breach Prevention and Easier Management to Next-Gen Firewalls

There is no end to the danger of cyber-criminal activities, as long as there is an underground marketplace that makes it almost impossible for authorities to intervene and enforce law and order. We continue to see our adversaries relentlessly going after money by developing and experimenting with different methods and tools against new and existing vulnerabilities, in preparation for the next phase of their business model. To deal with this cybercriminal activity and have greater network security, I am excited to announce SonicOS 6.2.7, which provides enhanced breach prevention, a new threat API, improved scalability and connectivity while simplifying management to ensure small businesses and large distributed enterprises receive a high quality-of-service level, increased on-demand capacity and connectivity and better security.

Here are some of the historical cyber attacks that require deeper network security:

  1. CVE logged nearly 4,000 new vulnerabilities with more than two-thirds of them associated with network attacks.
  2. Ransomware was spotted as far back as 2005, but rarely seen until its recent return to the world stage as the most popular payload for spam, phishing and exploit campaigns, collecting an estimated $200 million in ransom payouts globally so far. The fear of infections and subsequent business disruptions has forced institutions to begin augmenting their existing defense model to address this threat.
  3. According to NSS Labs, the malicious use of encryption is rapidly growing and allowing criminals to use it as an effective evasion technique. When encrypted connections are improperly managed and go uninspected, they become defenseless tunnels for concealing malware downloads and command and control (C&C) communication, spreading infections and, most serious of all, extracting massive amounts of data.
  4. In November, the Mirai botnet management framework launched the largest mass-scale distributed denial of service (DDoS) attacks on record, using hundreds of thousands of Linux-based IoT devices that took down a major DNS service provider. IoT-based attacks are anticipated to be one of the fastest growing and most prevalent attack vectors in 2017.
  5. A new breed of exploit kits surfaced leveraging cryptographic algorithms to encrypt and obfuscate landing pages and malicious payloads to spread ransomware at scale more effectively.

Moreover, organizations are quickly embracing new technologies such as cloud and virtualization to advance their digital business ambition. As they embrace these new technology platforms, they find themselves needing to augment their network architecture to meet new data, capacity and connectivity demands.

The biggest question now is what we can do differently in our cyberdefense model to scale performance, secure us from advanced threats and help enable organizations to grow and move securely forward. SonicWall introduces the latest update to its next-generation firewall SonicOS operating system, version 6.2.7.0. Many of the new features in the release are focused on three primary outcomes of the firewall system.

  1. Enhancing breach prevention capabilities
     • Deep packet inspection of SSH (DPI-SSH) to detect and prevent advanced encrypted attacks that leverage SSH, block encrypted malware downloads, cease the spread of infections, and thwart command and control (C&C) communications and data exfiltration
     • Threat API platform designed to receive any and all proprietary, OEM and third-party threat intelligence feeds to combat a wide variety of advanced threats such as zero-day, malicious insiders, compromised credentials, ransomware and APTs
     • Biometric authentication technology on the user’s mobile device, such as fingerprints, that cannot be easily duplicated or shared, to securely authenticate the user identity for network access
     • Additional security extensions include granular SSL controls and DPI-SSL of IPv6 encrypted traffic, DNS Proxy to securely control both incoming and outgoing DNS traffic to eliminate any potential DNS cache poisoning, DNS spoofing, and buffer overflow attacks transmitted through DNS commands and more
  2. Improving ease of use and management
     • Auto-provisioning VPN simplifies and reduces complex distributed firewall deployments down to a trivial effort by automating the initial site-to-site VPN gateway provisioning while security and connectivity occur instantly and automatically. As an added advantage, policy changes are centrally managed and automatically updated on every VPN peer across the WAN environment.
  3. Increasing scalability and connectivity
     • Dell X-Series Switch extensibility enhances network security flexibility and scalability that adapts to service-level increases and ensures network services and resources are continuously available and protected when capacity grows without having to upgrade the firewall system.

Download SonicOS 6.2.7 today.

CRN Recognizes SonicWall’s Steve Pataky as 2017 Channel Chief

I am honored to highlight my esteemed colleague, Steve Pataky, Vice President of Worldwide Sales at SonicWall, who was just named CRN Channel Chief – the Top 50 Most Influential Channel Chiefs of 2017. Steve not only brings with him more than 25 years of experience and an industry reputation for architecting and executing global channel and go-to-market strategies, but also a deep and genuine passion for helping partners succeed. He’s been a recipient of the CRN Channel Chiefs award for several years, and was among the magazine’s 50 Most Influential Channel Chiefs in 2014, 2015 and again this year.

CRN’s 50 Most Influential Channel Chiefs of 2017 are drawn from a larger group of Channel honorees that represent the elite members of the IT channel executives – “leaders who drive the channel agenda and evangelize the importance of the channel partnerships.”

These are exciting times for SonicWall and our Partners. As the newly independent SonicWall we are proudly declaring that we are once again 100% channel, 100% security, 100% of the time. We are so fortunate to have the most tenured, talented and loyal Partners and I know Steve, along with the entire company, feels a deep and abiding obligation to ensure this next generation of SonicWall always puts our Partners first in our strategies and our priorities.

To that end, Steve and our channel team have launched the SonicWall SecureFirst Partner Program worldwide to our thousands of valued SonicWall Partners. SecureFirst is designed to easily give partners access to our entire security portfolio and reward them for the value they bring to selling and supporting SonicWall solutions. We’re thrilled that SecureFirst is off to an extremely fast start. In the first 90 days:

  • SecureFirst program registrations reached over 9,000 Partners across 90 countries
  • SecureFirst registrations in North America exceeded 5,900 Partners
  • SecureFirst Deal Registrations have spiked 66% in North America since divestiture

We look forward to continuing to help our partners work with their customers to successfully navigate the expanding landscape of advanced threats in the cyber security arms race. We’re actively driving an industry-leading product portfolio to help customers detect and prevent breaches delivered in any vehicle, in any package, across any network and on any device. In fact, our continued innovations around the SonicWall real time breach prevention platform recently won four awards at RSA 2017 including SC Magazine Trust Award for Best UTM Security Solution for our SonicWall TZ Firewall Series.

It’s clear that with Steve as our channel chief, backed by the full commitment and resources of SonicWall, we will continue to always put our Partners first, with SecureFirst.

Simple Tips for Network Sanity: Patch Tuesday, Exploit Wednesday and Uninstall Thursday

Today I’d like to talk a little bit about our partnership with Microsoft and patch management. In a previous life I was a network/sysadmin. A brief description of that role was “If it has a blinking light on it, I am responsible for it,” which meant on most days I felt like I was living in the middle of a sci-fi movie, surrounded by demanding technology.

When you live in a hair-on-fire environment like that, keeping up with Microsoft patches can be painful. You can set them to automatically download and install and you should be good, that is unless the patch breaks something or even worse – it breaks everything.

When you have business-critical applications that are legacy or just plain old, patching can break them. If that app in question is the bread and butter of the business, patching can bring down the entire company. On the other hand, not patching for known vulnerabilities can be just as bad, if not worse.

There is an old saying: Patch Tuesday, Exploit Wednesday, and Uninstall Thursday. Microsoft normally releases patches on the second Tuesday of the month, so Exploit Wednesday is when the cyber criminals have analyzed the details from Tuesday and deliver code to exploit the systems that haven’t been updated. Uninstall Thursday is the day you finally figure out that it was the Tuesday patch that broke your mission-critical system and you need to uninstall it to get things back to normal.

To say it is a Catch-22 would be an understatement. How do you stop the insanity? We, SonicWall, have partnered with Microsoft in a program called MAPP. Microsoft gives us advance knowledge of what will be patched prior to Tuesday so that we have signatures in place to protect our customers who just can’t patch on Tuesday.

Should you patch on Tuesday? Yes, you should absolutely patch on Tuesday or any other day Microsoft releases a patch. But if there are times you just can’t, we can help protect you until you can. Assisting with patches is one of the many little things we have been doing quietly in the background for years that most people are unaware of. Now you know we have you covered when you are stuck in this Catch-22. The biggest takeaway is that you should patch. I can’t stress that enough: patch, patch, patch! But if you can’t, know that we are already behind the scenes, helping to keep your network safe.

Visit SonicWall GRID Threat Network for MAPP bulletins.

For the Security Advisories for MAPP, you can click here.

Three Tough Questions You Must Ask About HTTPS to Avoid Cyber Attacks

Preventing your organization from being the victim of an inevitable cyber-attack is paramount so it is important for us to kick off this blog with an important risk question.

Do you know whether or not your organization’s firewall is inspecting HTTPS traffic traversing its networks?

I have polled this question on numerous webinars I have conducted over the past year. The results consistently showed the majority of organizations have yet to perform HTTPS inspection as part of their defense strategy. With HTTPS on the rise, accounting for nearly two-thirds of your organization’s internet traffic today, hackers have expanded their craft to use the protocol to obfuscate their attacks and malware from security systems. Your timely response to this new threat could mean the difference between experiencing a material breach versus successfully averting one. Of course, the latter would be desirable. So, should you have the slightest doubt about your organization’s security posture to deal with encrypted threats, I want you to immediately pause and resume reading this post after you have spoken to your IT security leaders. I’d like you to raise your concerns about the potential millions of intrusions and tens of thousands of malware attacks launched against your organization each and every hour, many of which are likely new versions of ransomware delivered inside of HTTPS sessions. If the firewall is not inspecting this traffic, it would not have the ability to understand what is inside that traffic: whether a file is benign or malicious, whether credit cards are being stolen, or whether financial and health records are being shared with an external system. I hope you return to this blog with a sigh of relief that your organization is not among the majority of respondents that do not.

You got the good news that your organization is inspecting HTTPS traffic. The next logical question is:

“Has your organization experienced frequent network service disruptions or downtime as a result of a total collapse of your firewall performance when inspecting HTTPS traffic?”

Inspecting encrypted traffic is not without its set of big challenges. There are two key components of HTTPS inspection that severely impact firewall performance: establishing a secure connection, and decrypting and later re-encrypting packets for secured data exchange. Unlike inspecting internet traffic in plain text, encrypted traffic introduces six additional compute processes that must occur before data is sent back and forth between a client’s browser and the web server over an HTTPS connection. Each process is highly complex and compute-intensive. Most firewall designs today don’t provide the right combination of inspection technology and hardware processing power to handle HTTPS traffic efficiently. They often collapse under the load and subsequently disrupt business-critical operations. According to NSS Labs, the performance penalty on a firewall when HTTPS inspection is enabled can be as high as 81 percent. In other words, your firewall performance is degraded to a level that it is no longer usable.

This leads us to the final and most important question:

“How can you scale firewall protection to prevent performance degradation, lag and latency of your network when inspecting HTTPS traffic?”

The right answer begins with the right inspection architecture as the foundation. Most modern firewalls today have deep packet inspection (DPI) capability claiming to solve many of the above security and performance challenges. However, not all firewalls perform equally or as advertised in the real world. In fact, many of them have inherent design inefficiencies that reduce their ability to handle today’s massive shift towards an all-encrypted Internet. You have one of two choices when it comes to inspection technology. These are Reassembly-Free Deep Packet Inspection (RFDPI) and Packet Assembly-based. Each uses a different inspection method to scan and analyze data packets as they pass the firewall. You will quickly discover the performance of most firewalls will collapse under heavy HTTPS load. To avoid a post-deployment surprise, my recommendation is to do your due diligence. Thoroughly qualify and measure all firewalls under consideration and select one that meets both your desired level of performance and security effectiveness without hidden limitations. These are fundamental metrics that you want to heavily scrutinize when selecting a firewall to perform HTTPS inspection. Establishing the right firewall foundation will give you the agility to scale your security layer and solve the performance burden of inspecting HTTPS traffic inside your data center operations.

Uncovering evasive threats hiding inside encrypted network traffic is central to the success of your network defense. For more detailed information, read our Executive Brief titled, “The Dark Side of Encryption – Why your network security needs to decrypt traffic to stop hidden threats.”

BlackNurse DDoS Attack Can Interrupt your Network; Discover how SonicWall Blocks

Whenever there’s talk of a DDoS (distributed denial-of-service) attack, network administrators think of multiple systems flooding a network device from various locations on the internet. However, when it comes to BlackNurse, a new and quite different type of DDoS, a single laptop can launch the attack to bring down the gateway firewall!

Last week the TDC SOC, the Security Operations Center of Denmark Telecom, updated its report describing how BlackNurse, a non-traditional DDoS attack, can harm your network. Typically, a normal ping attack is based on ICMP Type 8 Code 0, whereas BlackNurse uses ICMP Type 3 Code 3. The attack overloads the firewall CPU, which in turn causes an increase in dropped packets.

Unlike traditional ICMP flood attacks, BlackNurse can consume low-bandwidth pipes and disrupt the operations of your organization. Whether your uplink speed is 100Mbps or even 1Gbps, BlackNurse is effective even at bandwidths as low as 15Mbps.

The typical impact observed on firewalls is high CPU loads. In such cases users on the company’s local network will no longer be able to send or receive traffic to and from the internet. That’s because the firewall is busy processing the heavy load of incoming packets from the attack.
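The difference between a ping flood (ICMP Type 8 Code 0) and BlackNurse (ICMP Type 3 Code 3) can be monitored per source address by parsing the ICMP header of each inbound packet. The following Python detector is an added example, not code from the original post or from SonicWall; the threshold of 1,000 packets per one-second window, all function and class names, and the documentation-range IP addresses in the constructed sample traffic are assumptions.

```python
import struct
from collections import defaultdict, deque

ICMP_PROTO = 1
BLACKNURSE = (3, 3)      # ICMP Type 3 (Destination Unreachable), Code 3 (Port Unreachable)
ECHO_REQUEST = (8, 0)    # classic ping flood, shown for contrast


def parse_icmp(packet):
    """Return (src_ip, icmp_type, icmp_code) for an unfragmented IPv4 ICMP packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4                 # IPv4 header length in bytes
    if ihl < 20 or packet[9] != ICMP_PROTO or len(packet) < ihl + 8:
        return None
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return None                              # later fragment: no ICMP header here
    src = ".".join(str(b) for b in packet[12:16])
    return src, packet[ihl], packet[ihl + 1]


class BlackNurseDetector:
    """Sliding-window counter of Type 3 Code 3 packets per source address."""

    def __init__(self, threshold=1000, window=1.0):
        self.threshold = threshold               # assumed value; tune to the protected device
        self.window = window                     # window length in seconds
        self._times = defaultdict(deque)
        self._alerting = set()

    def observe(self, ts, packet):
        """Feed one packet; return an alert dict when a source first crosses the threshold."""
        parsed = parse_icmp(packet)
        if parsed is None or parsed[1:] != BLACKNURSE:
            return None                          # pings and other ICMP are not counted
        src = parsed[0]
        q = self._times[src]
        q.append(ts)
        while ts - q[0] >= self.window:          # expire timestamps outside the window
            q.popleft()
        if len(q) > self.threshold:
            if src not in self._alerting:
                self._alerting.add(src)
                return {"src": src, "ts": round(ts, 3), "count": len(q)}
        else:
            self._alerting.discard(src)          # rate fell back; re-arm the alert
        return None


def checksum(data):
    """RFC 1071 Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_icmp(src, dst, icmp_type, icmp_code):
    """Construct an in-memory IPv4+ICMP packet as test data (payload zero-filled)."""
    icmp = struct.pack("!BBHI", icmp_type, icmp_code, 0, 0) + bytes(28)
    icmp = icmp[:2] + struct.pack("!H", checksum(icmp)) + icmp[4:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64,
                     ICMP_PROTO, 0, bytes(map(int, src.split("."))),
                     bytes(map(int, dst.split("."))))
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    return ip + icmp


def run_demo():
    """Replay constructed traffic: one flooding source and one benign source."""
    fw = "203.0.113.10"                          # constructed firewall address
    events = []
    for i in range(1500):                        # 1,500 Type 3 Code 3 packets within one second
        events.append((i / 1500.0, build_icmp("198.51.100.7", fw, 3, 3)))
    for i in range(5):                           # ordinary echo requests
        events.append((i * 0.2, build_icmp("192.0.2.20", fw, 8, 0)))
    for i in range(3):                           # a few legitimate port-unreachable replies
        events.append((i * 0.3, build_icmp("192.0.2.20", fw, 3, 3)))
    events.sort(key=lambda e: e[0])
    det = BlackNurseDetector(threshold=1000, window=1.0)
    return [a for a in (det.observe(ts, p) for ts, p in events) if a]


if __name__ == "__main__":
    print(run_demo())
```

Only the source that exceeds the Type 3 Code 3 threshold is reported; echo requests and the occasional legitimate port-unreachable reply from the second source raise no alert.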

Now as a SonicWall firewall owner the first question coming to your mind is: Am I protected against BlackNurse?

The answer is: YES. All you need to do is ensure that “ICMP Flood Protection” is enabled in Firewall Settings in the user interface (see image below). For more information on configuring ICMP Flood Protection, please refer to the SonicOS admin guide.

Screenshot of ICMP Flood Protection screen

According to Akamai’s September 2016 security report, DDoS attacks are on the rise, up 70 percent year over year. Security of our customers is our top priority, and SonicWall takes every measure to protect your network against all threats, DDoS included.

Please stay informed and updated with our SonicWall Threat Research updates here.

What’s Your E-rate Plan? Three Things to Consider

A few weeks ago one of my sons got a new Chromebook at school. The old one had been around for a few years and was rather outdated in terms of the technology. The new version has a touch screen and can be used as a laptop or tablet. Not exactly new to anyone in the tech world, but for a kid it’s pretty exciting. From the school’s perspective, it was clearly time to replace aging hardware and take advantage of the latest technology innovations for learning. In other words, the school had a plan.

Schools and libraries applying for E-rate funds also need to have a plan. I’m not talking about figuring out who is going to complete and file Form 470 and when it should be submitted. This is about understanding your current network infrastructure and how you will use the funds to build a better, faster version that delivers on new initiatives over the next few years. When you’re building out your plan, here are three things you should consider.

  1. Look ahead three to five years. Considering how fast technology changes, three years will keep you on top of new developments although five years is more practical from a cost perspective. E-rate Category 2 services such as firewalls, routers, switches and access points continue to evolve rapidly with new features and faster speeds. For example, today’s firewalls can block threats such as ransomware that the previous generation can’t, and those legacy firewalls are only a few years old.
  2. Don’t let hardware slow you down. The use of online learning in the classroom continues to grow. So too does the use of bandwidth-intensive apps. When evaluating products that will go into your infrastructure, understand how much of your current capacity is being used. Then buffer that by 20% to 30% to plan for future growth. Just as important, make sure any hardware you look at can handle the increase in bandwidth. Otherwise it can become a bottleneck in the network.
  3. Let someone else manage security for you. Something that schools and libraries may not be aware of is that they can outsource security as a Managed Internal Broadband Service within Category 2. This covers services provided by a third party for the operation, management, and monitoring of eligible broadband internal connections components. The good news with this approach is that you won’t incur any upfront capital expenditures, you typically pay a low monthly subscription fee and you have a predictable annual expense model.

School IT directors are frequently tasked with implementing initiatives that help enhance learning in classrooms and across school districts. Often, however, they have to say “No” due to security risks that opening the network poses. So how can IT become a “Department of YES”? When building your plan, look for E-rate eligible products that support initiatives such as secure access to resources, mobility, moving to the cloud, compliance and others. If the products you’re considering can’t enable these securely, then you don’t want to spend your valuable E-rate dollars on them. To learn more about E-rate and how it can be used to purchase eligible security products for your network, read my earlier blog on the topic.

For some schools, building and maintaining a security infrastructure isn’t something they can or want to take on. If that’s the case for your school or district, SonicWall Security-as-a-Service may be the answer. We’ll connect you with a SonicWall-certified partner who’s experienced at installing, configuring and managing a network security infrastructure.

To learn more about SonicWall and E-rate, read our white paper titled, “Technical Considerations for K-12 Education Network Security.”

Work/Life Balance: The Firewall Makes a Save (a “Real IT” Story)

It can be tough to balance your personal life with work when your work is in network security. In my last post, I described how difficult it is for us in IT to defend against the kinds of attacks we see day in and day out. Worse, our own lives become less ours when the security systems we depend on to give us breathing room fall short of our reasonable expectations.

We spend all our time maintaining firewalls and intrusion detection systems, and attackers are always out there, trying to circumvent them. And still the data breaches continue, keeping us focused on threats instead of the life-side of the work/life balance.

Usually I blog about the nuts and bolts of network security solutions from the technology perspective. But there’s a work/life perspective, too, and those solutions can have a real impact on it. The impact is negative when the tools we use just add more stress to our efforts to keep our networks safe, and it’s positive when they help us.

What do I mean by negative and positive impacts?

You know those security appliances that need rebooting a few times a week, freeze up with a couple thousand encrypted connections or bottleneck the network with sluggish performance? Those make a pretty negative impact. They keep you at the office (or worse yet, hunched over your phone) long after you should have unplugged from work and plugged into your other life interests.

Positive impacts include firewalls that can update their signatures automatically and keep up with ever-growing pipes. If you can scale out your overall firewall surface by simply adding more units of the same firewall, instead of spending days and weeks experimenting with different equipment, that’s going to help you strike a work-life balance.

In many ways, technology just prolongs the workday and thwarts the work/life balance, but the right technology will actually help you move back into balance. It’s the stuff that’s going to let you enjoy a leisurely meal with friends, work a Sudoku without interruption and arrive on time for your child’s piano recital.

And keep your head in the game when you’re playing soccer.

We’ve written a Real IT story about an admin whose network security woes keep him from focusing on soccer, his passion in life. Our Real IT stories combine our customers’ actual circumstances (in this case, a firewall problem) and some of the circumstances that we believe surround them in their personal lives. Have a look at the story and let me know if it reminds you of yourself and your own work/life balance.

Securematics Distributes Advantages to Partners as a Sponsor at Peak 2016, Aug. 28-31

Note: This is a guest blog post by Jon Bennett, Senior Director of Sales at Securematics.

As a sponsor of the Peak16 conference – Govern Every Identity and Inspect Every Packet – at the Aria Resort in Las Vegas, we want to tell you about the excellent team at Securematics and invite you to come spend some time getting to know us from Aug. 28-31. We are proud to continue our relationship with SonicWall network security, secure mobile access and connected security solutions and look forward to presenting our value-added programs to SonicWall’s solution providers.

Securematics has a team devoted to channel partners and our vendors. The channel environment is constantly evolving and our solutions have to evolve, as well. Partners talk about the “known vs. unknowns” in network security, and much like finding vulnerabilities in a network, Securematics is dedicated to finding focused solutions and new opportunities. By having a presence at PEAK 2016, Securematics will announce our go-to-market strategies, security solutions, and exclusive programs like our E-Rate Advantage Program. The E-Rate Advantage Program has already helped our channel partners to secure more than $5 million in annual contract revenues since it was launched in August 2015. The demands on today’s network security reseller and managed service provider have evolved. Our programs focus on the growing needs of our partners, providing them technical support, custom credit options, and training.

“Our top priority is to provide our channel partners with the insight, training, technology and support needed to meet customers’ needs and grow their businesses more profitably, and we look forward to continuing to help them build on the success they have already achieved through Securematics,” says Brian Vincik, vice president and general manager at Securematics.

Take a peak at a video highlighting channel partners who attend PEAK16 each year and the opportunity they gain by attending.

If you or your team want to get to know Securematics more, we’ll be here at booth 106 throughout PEAK, and we can’t wait to talk to you. Stop by our booth to enter to win a Phantom 3 Drone by DJI. Be sure to follow the conversation @Securematics and @SonicWall with #YesPEAK. You can still register today: http://www.dellpeakperformance.com/.

Thanks and see you soon!

Jon Bennett | Senior Director, Sales
Securematics, Inc.