Posts

SonicWall Wins Gold and Silver in Best in Biz Awards 2018

SonicWall has been named a multiple winner in the 8th annual Best in Biz Awards, the only independent business awards program judged each year by prominent editors and reporters from top-tier publications in North America.

Best in Biz Awards 2018 honors were conferred in 70 award categories across five focus areas: company; department or team; executive; product; and CSR, media, PR and other categories. SonicWall received Best in Biz honors in in two categories, as a gold winner for the Most Innovative Product of the Year and a silver winner for the Support Department of the Year.

With the addition of the Best in Biz Awards, SonicWall has won 44 industry honors so far in 2018.

SonicWall’s Capture Cloud Platform took the gold award in the Most Innovative Product of the Year – SMB category. The Capture Cloud Platform combines the global security intelligence of the Capture Threat Network with the cloud-based management, reporting and analytics of the Capture Security Center and the advanced threat prevention of the multi-engine Capture ATP sandbox. This approach enables our complete portfolio of high-performance hardware, virtual appliances and clients to harness the power of the cloud.

SonicWall’s Global Support team, under the leadership of SVP and Chief Customer Success Officer Keith Trottier, was recognized with a silver award in the Support Department of the Year category. SonicWall is proud to provide dedicated, follow-the-sun service and support with global contact centers that are staffed 24/7 with technical support and customer service teams.

“All of the entries in the Service categories in this year’s Best in Biz Awards take the meaning of ‘service’ seriously – whether it is targeting individuals, companies or employees,” said Mari Edlin, Healthcare Innovation News, judging her third Best in Biz Awards competition. “Submissions represented an entirely new service, while others added an innovative touch to their other offerings, enhancing already existing, similar products. Hats off to everyone for keeping good service alive!”

Since 2011, winners in Best in Biz Awards have been determined based on scoring from independent judging panels deliberately composed each year of prominent editors and reporters from some of the most respected newspapers, TV outlets, and business, consumer, technology and trade publications in North America. Structured in this unique way, Best in Biz Awards is able to best leverage its distinguished judges’ unparalleled expertise, experience and objectivity to determine award winners from among the hundreds of entries. This year’s judging panel included writers and contributors to such publications as Associated Press, Barron’s, Consumer Affairs, eWeek, Forbes, Healthcare Innovation News, Inc., Investment Advisor Magazine, MediaPost, New York Post, New York Times, Ottawa Citizen and Wired.

For a full list of winners in Best in Biz Awards 2018, visit: http://www.bestinbizawards.com/2018-winners

About Best in Biz Awards

Since 2011, Best in Biz Awards has made its mark as the only independent business awards program judged each year by a who’s who of prominent reporters and editors selected from top-tier publications from North America and around the world. Over the years, Best in Biz Awards judges have ranged from Associated Press to the Wall Street Journal and winners have spanned the spectrum, from blue-chip companies that form the bedrock of the world economy to local companies and some of the most innovative start-ups. Best in Biz Awards honors are conferred in two separate programs: North America and International, and in 70 categories, including company, team, executive, product, and CSR, media, PR and other categories. For more information, visit: http://www.bestinbizawards.com.

SonicWall & ConnectWise Simplify Security Management for MSPs

When it comes to running a well-organized managed security service business, managed security providers (MSP) demand effective, repeatable processes and continuous operation optimization as a key part of their business strategy.

Evaluating and deciding on a wide-range of important operational capabilities are important to developing and delivering the right services — at the right time and for the right cost. These include choosing the right:

  • Technology partner
  • Staff
  • Data center architecture
  • Contractual terms
  • Service-level delivery
  • Go-to-market strategies
  • Back-office automation tools that power the business

To enable this strategy, MSPs face a myriad of business, economic and technical decisions associated with the infrastructure they’re going to develop and business management software they’re going to employ. Establishing a high-valued managed security service requires a solution that integrates modern security with rich management, monitoring and reporting capabilities with leading professional services automation (PSA) software.

“Establishing a high-valued managed security service requires a solution that integrates modern security with rich management, monitoring and reporting capabilities with leading professional services automation (PSA) software.”

This integration should give MSPs visibility and control of their multi-vendor solution environment and help them streamline business operations and reduce operating costs.

To properly empower MSPs, SonicWall introduces Global Management System (GMS) 8.7, bringing greater visibility, manageability and serviceability of network security solutions via integration with industry-leading professional services automation (PSA) tool ConnectWise Manage® software.

With more than 27,000 SecureFirst global channel partners, the GMS-ConnectWise integration is driven by the collective inputs from many years of partner collaborations. The benefits to MSPs are increased visibility into their customers’ data, improved productivity and better overall efficiency.

The combined solution gives MSPs single-portal experience for automated service ticketing and asset synchronization. MSPs can easily and quickly perform and administer these important operational tasks natively within the ConnectWise Manage portal based on set priority and/or severity level.

So, how does this improve MSP operations? Consider the four ways GMS 8.7 and the ConnectWise integration can simplify security management for your customers.

Company Mapping

MSP partners can share selected clients’ profiles between SonicWall GMS and ConnectWise Manage and map all managed SonicWall firewall assets associated with each client within the ConnectWise portal for management and monitoring.

Auto Asset Synchronization Integration

Automatically update the SonicWall security appliances mapped to a client’s account in the ConnectWise Automate portal for asset tracking and usage. Give visibility to client names and device details, such as model, serial, version, active subscription, enrolled dates, service expirations, IP/MAC address and more.

Asset Synchronization

MSPs also gain visibility into asset inventory inside ConnectWise for easier device management. Whenever a new unit is added, a configuration is created for that unit through ConnectWise and the same is stored in GMS. Reversely, whenever a unit is deleted, the configuration created in ConnectWise is deleted and the same is removed from GMS.

Auto Ticketing Service Integration

Create GMS-generated alerts automatically in the ConnectWise Manage ticketing system. Track, document and communicate all open tickets during the correction process until they are resolved and automatically closed.

Ticketing is mapped between the systems. When they are created in GMS, GMS synchronizes to reflect changes to both systems.

Automated Ticketing

ConnectWise can also send status alerts to the stakeholders using various communication tools until a service ticket is acknowledge or closed. These include email, text messages (SMS), phone calls and even iOS & Android push notifications.

With SonicWall, MSPs are partnering with a technology partner with deep expertise in security technology, operations and processes. Because a vast number of SonicWall partners rely on the ConnectWise Manage for their business-management platform, the GMS-ConnectWise integration is the first of many future product integrations to continue servicing our MSP business requirements.

12 Smart Reasons to Upgrade to SonicWall Secure Mobile Access (SMA)

The modern mobile or remote workforce is one businesses’ most valuable resources. Ensuring users have fast and secure anytime, anywhere access to applications, services and networks is a business-critical function.

For many years, the SonicWall Secure Remote Access (SRA) solution was the workhorse for distributed or remote personnel across the world. But technology moves fast. Today’s business environment has more users, applications and services than ever before. Satisfying this need requires a secure, high-performance remote access solution.

That’s why SonicWall introduced Secure Mobile Access (SMA), a unified secure access gateway that enables organization to provide anytime, anywhere and any device access to any application. More memory. More users. More throughput.

The solution’s granular access control policy engine, context-aware device authorization, application-level VPN and advanced authentication with single sign-on enables organizations to move to the cloud with ease, and embrace BYOD and mobility in a hybrid IT environment.

Explore the top 12 reasons organizations are upgrading to SonicWall SMA to deliver the speed, security and user experiences their mobile workforces require.

Shrink Budgets by Going Virtual

Virtualizing your infrastructure provides many benefits, while significantly improving performance needed for today’s secure mobility. Improvements include enhanced scalability and flexibility, reduction in downtime, minimized upfront investment and lower maintenance costs.

Why upgrade: SMA 8200v is a powerful virtual appliance with a quad-core processor and 8 Gb RAM. It delivers high-performance secure remote access — all at a fraction of the cost of a physical appliance.

Go Faster

Having both more and faster processing cores enables SMA to encrypt data-in-motion and with lower latency. The end result is a faster, high-performance experience for end users.

Why upgrade: The SMA series has quad core processors that run at up to 1.8 times the speed of those on the SRA series (single core on EX6000 and dual core on EX7000).

Increase Your Throughput

While speed is important, the ultimate goal is to deliver a seamless user experience. By increasing throughput, you promote better productivity with fast and secure access to mission-critical cloud and on-premises applications.

Why upgrade: SMA appliances have up to 15 times the SSL-VPN throughput of the SRA EX series (1.58 Gbps/400 Mbps/3.75 Gbps vs. 106 Mbps/550Mbps).

Serve More Concurrent Users

The mobile workforce has matured quickly in the past decade. Businesses are serving more remote users than ever before — and usually at the same time. Having a higher number of concurrent user sessions provides greater scalability by enabling more simultaneous user sessions to be active and tracked by firewalls.

Why upgrade: The SMA series offer more scalability from a single appliance for larger numbers of concurrent user sessions compared to the SRA series.

Get More High-Speed Ports

Today’s applications and cloud services are bandwidth hogs. Whether users are accessing sales data from a SaaS application or streaming a video presentation, organizations need the throughout to support bandwidth-intensive applications and high-speed data transfers.

Why upgrade: SMA 8200v supports 2 10-GbE ports and SMA 7200 includes 2 10-GbE ports out-of-the box.

Keep Features, Firmware Current

One of the most important best practices to defend against cyberattack or unknown threats is to always keep patches current. This habit also ensures you’re getting the latest feature updates to take advantage of new capabilities that help reduce costs while embracing trends such as BYOD, mobility and cloud.

Why upgrade: Every SMA firmware version is packed with new features. For example, SMA OS 12.1 is the current recommended firmware that provides advanced features, such as:

  • Federated Single Sign-On (SSO)
  • Face ID AUTH Support
  • Centralized Access Portal for Hybrid IT
  • File-Scanning via SonicWall Capture ATP Sandbox Service

Retain Support, Warrant for Hardware

Delivering secure remote access is a critical IT function that reduces attack surface for cybercriminals. It is imperative that the solution is always fully supported and has a best-in-class warranty — should the need arise.

Why upgrade: The SRA series are approaching End of Life (EOL) and the appliances will not be supported beyond November 2019.

Centralize Management & Reporting

Management and technology oversight are significant cost centers for businesses. By centralizing management and reporting, and automating routine tasks, organizations can drastically reduce administrative overhead. That’s time better spent on core business or security objectives.

Why upgrade: SonicWall Central Management Server (CMS) provides organizations with a single administrative user interface for reporting and management of all SMA appliances. This even includes SSL certificate management and policy roll-outs.

Enhance Resilience & Availability

Downtime happens. But organizations do their best to ensure business continuity and scalability, not to mention service-level agreements are being met. Service providers vastly improve Quality of Service (QoS) and workforce productivity by being in proactive in this area.

Why upgrade: Appliances managed by CMS can be configured as Active/Active or Active/Standby high-availability (HA) clusters for redundancy, availability and reliability. The solution includes Global Traffic Optimizer (GTO) for intelligent load-balancing and universal session persistence in case of failovers.

Store Critical Information with Onboard Memory

While much storage today is outsourced to clouds or servers, having large onboard modules is still a key capability. It allows for the local storage of logs, reports, file transfer inspection, firmware backups and restores, and more.

Why upgrade: The SMA 6200 and 7200 offer storage modules that have 12.5 times the capacity of the SRA series (2 x 500 GB vs. 80 GB).

Reduce Costs by Maximizing Global Usage

Organizations with appliances that are globally distributed can benefit from the fluctuating demands for user licenses due to time differences from off‐work/night hours.

Why upgrade: User licenses no longer need to be applied to individual SMA appliances. With central user licensing, CMS reallocates licenses to managed SMA appliances based on usage.

About SonicWall SMA

SMA is an advanced access security gateway that offers secure access to network and cloud resources from any device. SMA provides centralized, granular, policy-based enforcement of remote and mobile access to any corporate resource delivered using a hardened Linux-based appliance. Available as hardened physical appliances or powerful virtual appliances, SMA fits seamlessly into any existing IT infrastructure.

SonicWall Firewalls Honored, Named A 2018 Gartner Peer Insights Customers’ Choice for Unified Threat Management (UTM), Worldwide

The SonicWall mission — defending organizations in a fast-moving cyber arms race — is only possible because of the commitment and loyalty of our partners and customers.

Gartner peerinsights customers' choice 2018For what we believe is that reason, SonicWall is pleased to have been recognized as a 2018 Gartner Peer Insights Customers’ Choice for Unified Threat Management (UTM), Worldwide.

“The Gartner Peer Insights Customers’ Choice is a recognition of vendors in this market by verified end-user professionals, taking into account both the number of reviews and the overall user ratings,” Gartner said in the official announcement.

To ensure fair evaluation, Gartner maintains rigorous criteria for recognizing vendors with a high customer satisfaction rate. For this distinction, a vendor must have a minimum of 50 published reviews with an average overall rating of 4.2 stars or higher. SonicWall received 122 reviews and a 4.3 rating for Unified Threat Management firewalls as of September 24, 2018. Here are a few snippets from SonicWall reviews provided by real-world customers that contributed to the distinction:

  • “Predominantly, the system is fantastic for our business model and has fantastic capabilities to address site level security.” — Network & Security Manager, Finance
  • “Excellent firewall for a small to medium size business.” — System Administrator
  • “SonicWall is our go-to for security hardware products.” — Project Manager, Services Industry
  • “The ease of use is where the SonicWall OS stands out. As long as you’re familiar with firewall concepts, you’ll be up and running in no time with the TZ [firewall] series. Support is strong and knowledgeable. I felt very comfortable having them hands-on in our production firewall.” — Sr. Network Engineer, Services Industry

Peer Insights is an online platform of ratings and reviews of IT software and services that are written and read by IT professionals and technology decision-makers. The goal is to help IT leaders make more insightful purchase decisions and help technology providers improve their products by receiving objective, unbiased feedback from their customers. Gartner Peer Insights includes more than 70,000 verified reviews in more than 200 markets.

SonicWall Named ‘Challenger’ in Gartner Magic Quadrant for Unified Threat Management

Complementing the Peer Insights Customers’ Choice selection, SonicWall was also named a ‘Challenger’ in the 2018 Gartner Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls).

Supported by new products and capabilities, including Capture Security CenterCapture Client endpoint protection and SonicWall NSv virtual firewalls, SonicWall continues a consistent trajectory to the upper right. Gartner highlighted the SonicWall Capture Advanced Threat Protection (ATP) sandbox service, along with the innovative Real-Time Deep Memory InspectionTM technology, as a key market differentiator.

In support of the Peer Insights Customers’ Choice selection, the Gartner MQ found that that “channel partners and surveyed customers demonstrate high satisfaction with hardware throughput, quality and ease of configuration.”

The Gartner Peer Insights Customers’ Choice logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

SonicWall NSa Series Wins Cybersecurity Breakthrough Award as Best Firewall Solution

The CyberSecurity Breakthrough Awards named the SonicWall NSa the best next-generation firewall solution of 2018. The CyberSecurity Breakthrough Awards is an independent organization that recognizes the top companies, technologies and products in the global information security market. SonicWall has won 42 industry honors so far in 2018.

This year alone, SonicWall introduced seven new next-generation NSa firewall models: NSa 3650, 4650, 5650 6650, 9250, 9450 and 9650. The NSa series works in conjunction with the SonicWall Capture Cloud Platform as part of an end-to-end security solution that delivers integrated cloud-scale management to protect networks, email, endpoints, mobile and remote users.

CyberSecurity Breakthrough judges are experienced senior-level cybersecurity professionals who have personally worked within the information security space, including journalists, analysts and technology executives with experience in a range of information security positions and perspectives. From successful technology startups to veteran industry leaders, the panel of judges brings a balanced perspective of evaluation for the award nominations.

The judges have earned a reputation for fairness and credibility, and are committed to determining the break through nominations for each award category, which includes:

In 2017, SonicWall was named the Cybersecurity Breakthrough Overall Cybersecurity Company of the Year. More than 2,000 nominations from over 12 different countries throughout the world competed for the honor.

How Everyone Can Implement SSL Decryption & Inspection

Since 2011, when Google announced it was switching to Hypertext Transfer Protocol Secure (HTTPS) by default, there has been a rapid increase in Secure Sockets Layer (SSL) sessions.

Initially, SSL sessions were reserved for only important traffic, where personal, financial or sensitive data was transferred. Now, it seems we can’t receive news or perform a simple search without an encrypted session.

In 2014 and 2015, SSL sessions accounted for about 52 percent of internet traffic. As cloud adoption grew, so did the SSL sessions. By 2017, SSL accounted for 68 percent of all internet traffic. Currently, SonicWall has seen encrypted traffic at almost 70 percent of the total traffic on the internet.

Secure sessions demonstrate that internet users are understanding and embracing session security and privacy. Unfortunately, as SSL sessions have increased, so have encrypted attacks. So far in 2018, SonicWall has seen a 275 percent increase of encrypted attacks since 2017. You find more numbers in the mid-year update of the 2018 SonicWall Cyber Threat Report.

What is DPI-SSL?

The modern cyber threat landscape requires a defense-in-depth posture, which includes SSL decryption capabilities to help organizations proactively use deep packet inspection of SSL (DPI-SSL) to block encrypted attacks.

However, even firewall vendors that claim to offer SSL decryption and inspection may not have the processing power to handle the volume of SSL traffic moving across a network today.

DPI-SSL extends SonicWall’s Deep Packet Inspection technology to inspect encrypted HTTPS and SSL/TLS traffic. The traffic is decrypted transparently, scanned for threats, re-encrypted and sent along to its destination if no threats or vulnerabilities are found.

Available on all SonicWall next-generation firewalls (Generation 6 or newer), DPI-SSL technology provides additional security, application control, and data leakage prevention for analyzing encrypted HTTPS and other SSL-based traffic.

It is important to have a secure and simple setup that minimizes configuration overhead and complexity. There are two primary paths for implementing DPI-SSL.

Option 1: Remote Implementation

Enabling DPI-SSL can sometimes be complex. Diverse sites and programs use certificates differently, some of which may be affected by DPI-SSL capabilities.

To confirm you have DPI-SSL implemented properly, leverage the SonicWall DPI-SSL Remote Implementation Service to ensure seamless and effective implementation of SonicWall DPI-SSL services.

The Remote Implementation Service for SonicWall DPI-SSL deploys and integrates the product into your environment within 10 business days. This service is delivered by Advanced Services Partners who have completed training and demonstrated expertise in DPI-SSL implementation and configuration.

Option 2: Leverage Easy-to-Use Guidance

For those considering in-house implementation, SonicWall also provides a number of knowledge base (KB) articles and resources that walk you through the DPI-SSL implementation process. Some of the most popular include:

These KBs, and others found within SonicWall’s support section or through the DPI-SSL Remote Implementation Service, ensure every type of user or organization has the resources  to properly activate DPI-SSL within their infrastructure to mitigate encrypted cyberattacks.

For additional guidance, watch “Initial DPI-SSL Configuration,” a popular SonicWall Firewall Series Tutorial.

DPI-SSL Adoption

Thankfully, SonicWall is witnessing gradual adoption of DPI-SSL add-on services. To best protect your environment, pair DPI-SSL capabilities with the Capture Advanced Threat Protection (ATP) cloud sandbox, Gateway Antivirus, Content Filtering and Intrusion Protection Services (IPS). All available in the SonicWall Advanced Gateway Security Suite, which delivers everything you need to protect your network from advanced cyberattacks.

Combine these services with a trusted and secure end-point protection software, such as SonicWall Capture Client, and you can provide a robust security posture that can protect devices — even when they are not behind your firewall.

4 Ways to Protect Your Virtualized Infrastructure

Adopting a virtualized infrastructure is well established as a cost- and space-savings model, but there are additional benefits as well. Whether you are using virtual servers deployed in the cloud or on-premises, there are proven best practices to help you maintain the security posture that operate and protect virtual environments.

While physical appliances remain as powerful workforces, they sometimes require certain network traffic configurations to ensure they can properly protect and integrate with virtual environments

Virtual firewalls, like the SonicWall NSv, are the No. 1 type of virtual appliance being deployed across environments. Securing an environment requires looking at all types of access and uses, such as remote access, communications and management.

SonicWall network security solutions operate and protect virtual environments in four categories:

  • Security: Network Security Virtual Firewall protects virtual environments at an intra-VLAN level.
  • Email: Email Security solution protects organizations against spam, viruses, phishing, ransomware and malware that enter through email. The solution can integrate seamlessly with Microsoft Office 365 and other on-premise and cloud email providers.
  • Remote Access: Secure Mobile Access provides anytime, anywhere access for any device to securely access an organization’s internal resources while the Web Application Firewall gives organizations the necessary controls around their forward-facing offerings.
  • Management: NSv deployments may be centrally managed using the on-premise SonicWall Global Management System (GMS) and the SonicWall Capture Security Center, an open, scalable cloud security management, monitoring, reporting and analytics software delivered as a cost-effective service offering. Capture Security Center gives the ultimate in visibility, agility and capacity to govern the entire SonicWall virtual and physical firewall ecosystem with greater clarity, precision, and speed — all from a single pane of glass.

SonicWall works diligently to ensure customers have access to best-in-class professional services delivered by Authorized Services Partners. These security solutions are optimized within virtual environments.

As Infrastructure as a Service (Iaas) offerings and cloud-based providers continue to grow, implementing trusted SonicWall platforms to protect, secure and manage your environment will allow you to grow and be more mobile through SonicWall’s virtualized product offerings.

Request a demo or trial of these products from your local partner or reach out to the Partner Enabled Services team to help you secure your virtualized environment through SonicWall Partner Enabled Services.

Foreshadow Vulnerability (L1TF) Introduces New Risks to Intel Processors

A group of 10 threat researchers have disclosed a trio of new Spectre-based vulnerabilities that affect Intel chipsets. Named Foreshadow, the threats leverage a CPU design feature called speculative execution to defeat security controls used by Intel SGX (Software Guard eXtensions) processors.

“At its core, Foreshadow abuses a speculative execution bug in modern Intel processors, on top of which we develop a novel exploitation methodology to reliably leak plaintext enclave secrets from the CPU cache,” the research team published in its 18-page report Aug. 14.

The vulnerabilities are categorized as L1 Terminal Faults (L1TF). Intel published an overview, impact and mitigation guidance, and issued CVEs for each attack:

The research team found that Foreshadow abuses the same processor vulnerability as the Meltdown exploit, in which an attacker can leverage results of unauthorized memory accesses in transient out-of-order instructions before they are rolled back.

Conversely, Foreshadow uses a different attack model. Its goal is to “compromise state-of-the-art intra-address space enclave protection domains that are not covered by recently deployed kernel page table isolation defenses.”

“Once again, relentless researchers are demonstrating that cybercriminals can use the very architecture of processor chips to gain access to sensitive and often highly valued information,” said SonicWall President and CEO Bill Conner. “Like its predecessors Meltdown and Spectre, Foreshadow is attacking processor, memory and cache functions to extract sought after information. Once gained, side-channels can then be used to ‘pick locks’ within highly secured personal computers or even third-party clouds undetected.”

 

Does SonicWall protect customers from Foreshadow?

Yes. If a customer has the Capture Advanced Threat Protection (ATP) sandbox service activated, they are protected from current and future file-based Foreshadow exploits, as well as other chip-based exploits, via SonicWall’s patent-pended Real-Time Deep Memory Inspection (RTDMITM) technology.

“Fortunately, prior to Meltdown and Spectre being made public in January 2018, the SonicWall team was already developing Real-Time Deep Memory Inspection (RTDMITM) technology, which proactively protects customers against these very types of processor-based exploits, as well as PDF and Office exploits never before seen,” said Conner.

RTDMI is capable of detecting Foreshadow because RTDMI detection operates at the CPU instruction level and has full visibility into the code as the attack is taking place. This allows RTDMI to detect specific instruction permutations that lead to an attack.

“The guessed-at branch can cause data to be loaded into the cache, for example (or, conversely, it can push other data out of the cache),” explained Ars Technica technology editor Peter Bright. “These microarchitectural disturbances can be detected and measured — loading data from memory is quicker if it’s already in the cache.”

To be successful, cache timing must be “measured” by the attack or it can’t know what is or is not cached. This required measurement is detected by RTDMI and the attack is mitigated.

In addition, RTDMI can also detect this attack via its “Meltdown-style” exploit detection logic since user-level process will try to access privileged address space during attack execution.

Notice

SonicWall customers with the Capture Advanced Threat Protection (ATP) sandbox service activated are NOT vulnerable to file-based Foreshadow processor exploits.

How does Foreshadow impact my business, data or applications?

According to Intel’s official L1TF guidance, each variety of L1TF could potentially allow unauthorized disclosure of information residing in the SGX enclaves, areas of memory protected by the processor.

While no current real-world exploits are known, it’s imperative that organizations running virtual or cloud infrastructure, as well as those with sensitive workloads, apply microcode updates released by Intel (linked below) immediately. Meanwhile, SonicWall Capture Labs will continue to monitor the malware landscape in case these proofs of concept are weaponized.

“This class of attack is something that will not dissipate,” said Conner. “Instead, attackers will only seek to benefit from the plethora of malware strains available to them that they can formulate like malware cocktails to divert outdated technologies, security standards and tactics. SonicWall will continue to innovate and develop our threat detection and prevention arsenal so our customers can mitigate even the most historical of threats.”

What is speculative execution?

Speculative execution takes place when processors execute specific instructions ahead of time (as an optimization technique) before it is known that these instructions actually need to be executed. In conjunction with various branch-prediction algorithms, speculative execution enables significant improvement in processor performance.

What is L1 Terminal Fault?

Intel refers to a specific flaw that enables this class of speculative execution side-channel vulnerabilities as “L1 Terminal Fault” (L1TF). The flaw lies in permissions checking code terminating too soon when certain parts of the memory are (maliciously) marked in a certain manner.  For more information, please see Intel’s official definition and explanation of the L1TF vulnerability.

Are chips from other vendors at risk?

According to the research team, only Intel chips are affected by Foreshadow at this time.

What is Real-Time Deep Memory Inspection (RTDMI)?

RTDMI technology identifies and mitigates the most insidious cyber threats, including memory-based attacks. RTDMI proactively detects and blocks unknown mass-market malware — including malicious PDFs and attacks leveraging Microsoft Office documents — via deep memory inspection in real time.

“Our Capture Labs team has performed malware reverse-engineering and utilized machine learning for more than 20 years,” said Conner. “This research led to the development of RTDMI, which arms organizations to eliminate some of the biggest security challenges of all magnitudes, which now includes Foreshadow, as well as Meltdown and Spectre.”

RTDMI is a core multi-technology detection capability included in the SonicWall Capture ATP sandbox service. RTDMI identifies and blocks malware that may not exhibit any detectable malicious behavior or hides its weaponry via encryption.

To learn more, download the complimentary RTDMI solution brief.

How do I protect against Foreshadow vulnerability?

Please consult Intel’s official guidance and FAQ. To defend your organization against future processor-based attacks, including Foreshadow, Spectre and Meltdown, deploy a SonicWall next-generation firewall with an active Capture ATP sandbox license.

For small- and medium-sized businesses (SMB), also follow upcoming guidance provided via the new NIST Small Business Cybersecurity Act, which was signed into law on Aug. 14. The new policy “requires the Commerce Department’s National Institute of Standards and Technology to develop and disseminate resources for small businesses to help reduce their cybersecurity risks.”

NIST also offers a cybersecurity framework to help organizations of all sizes leverage best practices to better safeguard their networks, data and applications from cyberattacks.

Stop Memory-Based Attacks with Capture ATP

To mitigate file-based processor vulnerabilities like Meltdown, Spectre and Foreshadow, activate the Capture Advanced Threat Protection service with RTDMI. The multi-engine cloud sandbox proactively detects and blocks unknown mass-market malware and memory-based exploits like Foreshadow.

Upgrade Your SonicWall Next-Generation Firewall with ‘3 & Free’ Program

Some good things should never end.

One of the most successful promotions in company history, SonicWall’s ‘3 & Free’ incentive is now a permanent component of our Customer Loyalty program.

In an escalated cyber threat landscape, it’s more important than ever to ensure your organization’s networks, data and applications are protected against today’s most malicious cyberattacks, including the most recent Foreshadow processor exploits. In fact, in July 2018 alone, the average SonicWall customer faced:

  • 2,164 malware attacks (28 percent increase from July 2017)
  • 81 ransomware attacks (43 percent increase)
  • 143 encrypted threats
  • 13 phishing attacks each day
  • 1,413 new malware variants discovered each day by SonicWall Capture Advanced Threat Protection (ATP) sandbox with Real-Time Deep Memory InspectionTM

When you upgrade your SonicWall hardware you gain the latest in next-generation firewall (NGFW) technology and access to the SonicWall Capture Advanced Threat Protection (ATP) service. It’s a cloud-based, multi-engine sandbox that stops both known and unknown cyberattacks from critically impacting your business.

What is the SonicWall ‘3 & Free’ Program?


Once a limited-time promotion, the SonicWall ‘3 & Free’ is now a mainstay offering to loyal SonicWall customers. It’s an easy, cost-effective way for customers to upgrade to the very latest SonicWall next-generation firewall appliance for free.

Eligible customers may receive a complimentary NGFW appliance by purchasing a bundle that includes a three-year subscription of the SonicWall Advanced Gateway Security Suite from their authorized SonicWall SecureFirst partner.

This security suite includes everything you need to stay protected against today’s modern attacks, including ransomware, encrypted threats, zero-day attacks and processor-based exploits. It offers:

  • Capture Advanced Threat Protection (ATP) sandbox
  • Gateway Anti-Virus and Anti-Spyware
  • Intrusion Prevention Service
  • Application Control
  • Content Filtering Service
  • 24×7 Support

SonicWall’s exclusive security subscription service also includes SonicWall Real-Time Deep Memory Inspection (RTDMI). A patent-pending technology, RTDMI™ enables Capture ATP to detect and block malware that does not exhibit any malicious behavior or hides weaponry via encryption. This protects your organization from zero-day attacks, malicious PDFs and Microsoft Office files, and even chip-based Spectre, Foreshadow and Meltdown exploits.

Upgrade Your SonicWall Firewall

Ready to upgrade? Take advantage of our ‘3 & Free’ program to get the latest in SonicWall next-generation firewall technology — for free. To upgrade, contact your dedicated SecureFirst Partner or begin your upgrade process via the button below.

What Is SonicWall Partner Enabled Services?

The technology industry is one of the fastest-moving business sectors today. To protect privacy, data, applications and assets, security infrastructures must operate at the same speed. Advanced cyber threats require new products and functionalities, but IT departments are often lost in the sea of information they have to absorb to stay current.

And that’s where technology partners are needed most.

To ensure SonicWall Partners are fully equipped to address this need, the SecureFirst Partner Enabled Services (PES) program offers partners expert training and guidance so they can effectively deploy and support SonicWall’s latest security offerings.

Partners enrolled in the program have grown their revenue in excess of 15 percent year over year. All Partner Enabled Services courses are completely free and accessible through the SonicWall University platform. The only requirement is to be part of the SonicWall SecureFirst Partner program.

There are three different Authorizations within the program, with different layers of complexity:

  • Implementation Services Authorization: Designed for SecureFirst Partners looking to provide basic implementation services for state-of-the-art SonicWall firewalls.
  • Solution Services Authorization: Enables SecureFirst Gold and Platinum Partners to perform assessments of firewall configurations through a Security Health Check service, which provides a report outlining suggestions to maximize the security of their customer’s network.
  • Architecture Services Authorization: Equips SecureFirst Gold and Platinum Partners to implement more complex or larger-scale SonicWall products. For example, Authorized Architecture Services Partners are trained to implement DPI-SSL with the help of our automated certificate-deployment tool, which drastically reduces deployment time. Partners are also enabled to conduct remote implementation services for SonicWall NSv virtual firewalls.

After completing the required training, partners become SonicWall Authorized Service Partners. Authorized Services Partners can display the SecureFirst Authorized Services Partner go on their website and leverage marketing materials to give prospects and customers added piece of mind knowing that their security team has a high level of expertise with SonicWall solutions.