Posts

Is 802.11ax Going Away? And What is Wi-Fi 6?

The Wi-Fi Alliance has announced a change in the Wi-Fi naming standards. Yep. That’s right. The terms that you are now used to — like 802.11ax, 802.11ac and 802.11n — are being replaced with a much simpler naming scheme: Wi-Fi 6, Wi-Fi 5 and Wi-Fi 4, respectively.

Anything that predates 802.11n isn’t officially getting a name change. This move from Wi-Fi Alliance is aimed at making it simpler for manufacturers and consumers to understand and use the technologies. Along with the new names, they get new logos as well. However, from a regulatory and specification standpoint, the names still retain its techy naming scheme: IEEE 802.11.

“For nearly two decades, Wi-Fi users have had to sort through technical naming conventions to determine if their devices support the latest Wi-Fi,” said Edgar Figueroa, president and CEO of Wi-Fi Alliance, in the official announcement. “Wi-Fi Alliance is excited to introduce Wi-Fi 6, and present a new naming scheme to help industry and Wi-Fi users easily understand the Wi-Fi generation supported by their device or connection.”

New Wi-Fi Naming Standards

  • Wi-Fi 6 identifies devices that support 802.11ax technology
  • Wi-Fi 5 identifies devices that support 802.11ac technology
  • Wi-Fi 4 identifies devices that support 802.11n technology

Source: Wi-Fi Alliance

According to a new study by the Wi-Fi Alliance, the global economic value of Wi-Fi will reach $1.96 trillion this year and increase to $3.5 trillion by 2023. To keep up with the proliferation of Wi-Fi devices, it is essential to introduce technologies to keep pace with the changing tides. One of the most talked about wireless technologies in the recent times is the 802.11ax standard, or Wi-Fi 6.

What is Wi-Fi 6?

Wi-Fi 6 is currently deemed the future of Wi-Fi. Why? This is because it introduces significant wireless enhancements over the current Wi-Fi 5 technology.

With the rise in the number of devices and bandwidth-intensive applications, one of the biggest challenges we face on Wi-Fi networks is poor performance. In addition to having high, system-wide throughput, it is also essential to ensure high performance on a per-client basis, specifically for high-density use cases.

This is where Wi-Fi 6 could greatly improve performance, concurrent connections and business productivity. The significant benefits introduced by Wi-Fi 6 include:

  • Orthogonal Frequency Division Multiple Access (OFDMA) Wi-Fi 6 introduces OFDMA, which is an enhancement over orthogonal frequency-division multiplexing (OFDM), a technology that is used in Wi-Fi 5 and dates back to the 802.11a era. OFDM allows only one transmission at a time. OFDMA, in comparison, divides a channel into resource units to allow multiple communications simultaneously.With Wi-Fi 6, each resource unit can be as low as 2MHz and as high as 160MHz. This enables multiple data transmissions across multiple devices at the same time, improving overall network efficiency and capacity. Doing so allows frequencies to be divided into smaller subcarriers so that traffic can be coordinated to serve more packets from more devices, increasing the network’s capacity.
  • Upstream and Downstream Multi-User Multiple-In Multiple-Out (MU-MIMO)
    With Wi-Fi 5 Wave 2, MU-MIMO was restricted to only downstream communication, whereas Wi-Fi 6 adds support for MU-MIMO in both upstream and downstream communications. Previously, only the wireless access point (AP) could transmit data to clients simultaneously. Now, clients can transmit data simultaneously back to the AP.
  • 1024 Quadrature Amplitude Modulation (QAM)
    Wi-Fi 5 supports 256 QAM, while Wi-Fi 6 can support 1024 QAM. This denser modulation enables a speed burst of more than 35 percent. This boosts Wi-Fi performance and is most effective for users closer to the access point.
  • Target Wake Time (TWT)
    This mechanism enables AP and client devices to coordinate wake times when devices need to be awake. Doing so improves efficiency, reduces contention and enables power-saving by identifying times when the devices will be awake to send or receive data. This is especially useful in the Internet of Things (IoT) space, leading to significant power-savings for battery-powered devices.
  • Enhancement to 5GHz and 2.4GHz Frequency Bands
    Unlike the Wi-Fi 5 standard that introduced enhancement to only the 5GHz band, Wi-Fi 6 introduces enhancement to both 2.4GHz and 5GHz bands. Data speed of up to 9.6 Gbps is possible with Wi-Fi 6. Enhancements offered by Wi-Fi 6 boost average per-client performance by up to four times in comparison with Wi-Fi 5. In addition, Wi-Fi 6 is backwards-compatible with older technologies like Wi-Fi 5 and Wi-Fi 4.

Solving Challenges with the Wi-Fi 6 Wireless Standard

Wi-Fi 6 is designed for IoT and high-density deployments, including stadiums, universities, shopping malls, transportation hubs, where there are large congregations of people.

At this point in time, Wi-Fi 6 technology is still being amended. The finalized draft is expected in late 2019. Until the standard is finalized, it is not advisable to purchase Wi-Fi 6 products.

In addition, there are no real-world clients to benefit from the Wi-Fi 6 enhancements. Let’s face it, even the latest Apple iPhone XS doesn’t even support Wi-Fi 5 Wave 2. The time is right to expand your network on Wi-Fi 5, as it still gaining traction.

SonicWall offers cutting-edge Wi-Fi 5 Wave 2 access points to address the growing needs of Wi-Fi 5 devices. To learn more about how you can securely expand your network, click here.

Executive Brief: Securing the Next Wave of Wireless

Wireless connectivity is ubiquitous in today’s mobile, global economy. Wireless devices range from smartphones and laptops to security cameras and virtual reality headsets. Businesses need to recognize and address their need for high quality, performance and security across wireless networks and endpoints.

3 Ways to Prevent Cryptominers from Stealing Your Processing Power

Visiting a website is no longer what it used to be.

Despite this hilarious Imgur post, there is a different trend you may not have noticed: cryptomining via the browser. Many news and procrastination (e.g., BuzzFeed) websites add dozens of trackers to monetize the experience.

However, some sites may also use your browser to mine cryptocurrencies (e.g., bitcoin, Ethereum or Monero) for their own financial gain. The mining stops once you leave, but there is a popular new form of malware that attempts to turn your device into a full-time cryptocurrency mining bot called a cryptojacker. Cryptojacking’s threat to your endpoint or business is based on three things:

  • The energy it consumes or wastes
  • The damage it can do to a system
  • The loss to productivity due to limited resources.

Unlike ransomware that wants to be found (to ask for payment), a cryptojacker’s job is to run invisibly in the background although your CPU performance graph or device’s fan may indicate something is not normal.

Despite our vigilance and knowledge of the warning signs, a report from the Ponemon Institute stated the average length of time for an organization to discover malware or a data breach in 2017 was 191 days.

Ransomware authors have switched gears over the past two years to use cryptojacking more, because a ransomware strain’s effectiveness and ROI diminish as soon as it ends up on public feeds like VirusTotal. Like anyone else running a highly profitable business, cybercriminals need to constantly find new ways to fulfill their financial targets. Cryptojacking may solve that.

For example, the Apple App Store briefly carried a version of a free app called ‘Calendar 2’ that mined Monero cryptocurrency while open. It reportedly made $2,000 in two days before it was pulled from the App Store.

The Lure of Cryptomining

Cryptomining operations have become increasingly popular, now consuming almost half a percent of the world’s electricity consumption. Despite the wild swings in price, roughly 60 percent of the cost of legitimately mining bitcoin is the energy consumption. In fact, at the time of writing, the price of a bitcoin is worth less than the cost of mining it legitimately.

With such costs and zero risk as compared to buying and maintaining equipment, cybercriminals have strong incentives to generate cryptocurrency with someone else’s resources. Infecting 10 machines with a cryptominer could net up to $100/day, so the challenge for cryptojackers is three-fold:

  1. Find targets, namely organizations with a lot of devices on the same network, especially schools or universities.
  2. Infect as many machines as possible.
  3. Unlike ransomware, and more akin to traditional malware, stay hidden for as long as possible.

Cryptojackers use similar techniques as malware to sneak on to an endpoint: drive-by downloads, phishing campaigns, in-browser vulnerabilities and browser plugins, to name a few. And, of course, they rely on the weakest link — the people — via social engineering techniques.

How to Know if You are Infected by Cryptominers

Cryptominers are interested in your processing power, and cryptojackers have to trade off stealth against profit. How much of your CPU resources they take depends on their objectives.

Siphoning less power makes it harder for unsuspecting users to notice. Stealing more increases their profits. In either case, there will be a performance impact, but if the threshold is low enough it could be a challenge to distinguish the miner from legitimate software.

Enterprise administrators may look for unknown processes in their environment, and end users on Windows should spawn a Sysinternals Process Explorer to see what they are running. Linux and macOS users should investigate using System Monitor and Activity Monitor, respectively, for the same reason.

How to Defend Against Cryptominers

The first step in defending against cryptominers is to stop this type of malware at the gateway, either through firewalls or email security (perimeter security), which is one of the best ways to scrub out known file-based threats. Since people like to reuse old code, catching cryptojackers like CoinHive can be a simple first step.

If the malware strain is unknown (new or updated), then it will bypass static filters in perimeter security. If a file is unknown, it will be routed to a sandbox to inspect the nature of the file.

In the case of SonicWall Capture ATP, the multi-engine sandbox environment is designed to identify and stop evasive malware that may evade one engine but not the others.

If you have an endpoint not behind this typical set up (e.g., it’s roaming at the airport or hotel), you need to deploy an endpoint security product that includes behavioral detection.

Cryptominers can operate in the browser or be delivered through a fileless attack, so the legacy solutions you get free with a computer are blind to it.

A behavioral-based antivirus like SonicWall Capture Client would detect that the system wants to mine coins and then shut down the operation. An administrator can easily quarantine and delete the malware or, in the case of something that does damage to system files, roll the system back to the last known good state before the malware executed.

By combining a mixture of perimeter defenses and behavioral analysis, organizations can fight the newest forms of malware no matter what the trend or intent is.

To learn more about how you can defend your organization from these threats I recommend reading this white paper, “Best Practices for Protection Against Phishing, Ransomware and Email Fraud.”

SonicWall Wins Gold and Silver in Best in Biz Awards 2018

SonicWall has been named a multiple winner in the 8th annual Best in Biz Awards, the only independent business awards program judged each year by prominent editors and reporters from top-tier publications in North America.

Best in Biz Awards 2018 honors were conferred in 70 award categories across five focus areas: company; department or team; executive; product; and CSR, media, PR and other categories. SonicWall received Best in Biz honors in in two categories, as a gold winner for the Most Innovative Product of the Year and a silver winner for the Support Department of the Year.

With the addition of the Best in Biz Awards, SonicWall has won 44 industry honors so far in 2018.

SonicWall’s Capture Cloud Platform took the gold award in the Most Innovative Product of the Year – SMB category. The Capture Cloud Platform combines the global security intelligence of the Capture Threat Network with the cloud-based management, reporting and analytics of the Capture Security Center and the advanced threat prevention of the multi-engine Capture ATP sandbox. This approach enables our complete portfolio of high-performance hardware, virtual appliances and clients to harness the power of the cloud.

SonicWall’s Global Support team, under the leadership of SVP and Chief Customer Success Officer Keith Trottier, was recognized with a silver award in the Support Department of the Year category. SonicWall is proud to provide dedicated, follow-the-sun service and support with global contact centers that are staffed 24/7 with technical support and customer service teams.

“All of the entries in the Service categories in this year’s Best in Biz Awards take the meaning of ‘service’ seriously – whether it is targeting individuals, companies or employees,” said Mari Edlin, Healthcare Innovation News, judging her third Best in Biz Awards competition. “Submissions represented an entirely new service, while others added an innovative touch to their other offerings, enhancing already existing, similar products. Hats off to everyone for keeping good service alive!”

Since 2011, winners in Best in Biz Awards have been determined based on scoring from independent judging panels deliberately composed each year of prominent editors and reporters from some of the most respected newspapers, TV outlets, and business, consumer, technology and trade publications in North America. Structured in this unique way, Best in Biz Awards is able to best leverage its distinguished judges’ unparalleled expertise, experience and objectivity to determine award winners from among the hundreds of entries. This year’s judging panel included writers and contributors to such publications as Associated Press, Barron’s, Consumer Affairs, eWeek, Forbes, Healthcare Innovation News, Inc., Investment Advisor Magazine, MediaPost, New York Post, New York Times, Ottawa Citizen and Wired.

For a full list of winners in Best in Biz Awards 2018, visit: http://www.bestinbizawards.com/2018-winners

About Best in Biz Awards

Since 2011, Best in Biz Awards has made its mark as the only independent business awards program judged each year by a who’s who of prominent reporters and editors selected from top-tier publications from North America and around the world. Over the years, Best in Biz Awards judges have ranged from Associated Press to the Wall Street Journal and winners have spanned the spectrum, from blue-chip companies that form the bedrock of the world economy to local companies and some of the most innovative start-ups. Best in Biz Awards honors are conferred in two separate programs: North America and International, and in 70 categories, including company, team, executive, product, and CSR, media, PR and other categories. For more information, visit: http://www.bestinbizawards.com.

SonicWall’s Multi-Cloud Offering Extends to Hyper-V Private Clouds with Flexible Licensing

Technology and data usage are changing at a rapid pace. Finding a way to store, manage and distribute data is a major challenge. Plus, the need for compute and storage grows at unprecedented rates. You need to buy racks, then hire staff to configure, maintain and monitor appliances.

It’s a no-brainer that cloud adoption is becoming inevitable.

According to a recent study by RightScale, more than 81 percent of enterprises have a multi-cloud strategy in place. Of this group, 51 percent have embraced hybrid cloud environments, while 21 percent use multiple public clouds and 10 percent have various private cloud strategies.

Cloud adoption drives business growth by increasing agility and innovation, while reducing cost. According to Gartner, by 2020 a “No-Cloud” policy will be as rare as a “No-Internet” policy is today. So, you can imagine the importance of secure cloud adoption. It is the future.

Private Cloud Security from SonicWall

In line with this, SonicWall continues to expand its cloud offering with added support of the Microsoft Hyper-V platform on SonicWall Network Security virtual (NSv) firewall series, along with new flexible licensing options. SonicWall also recently announced support for AWS* and Azure platforms.

Hyper-V support is available across the full suite of NSv firewalls. The flexible licensing model introduces a non-perpetual method of licensing your firewalls. Securing data wherever it resides should be consistent and seamless, providing you increased flexibility and an improved security posture.

Do I Need Virtual Firewalls?

While securing the cloud is a must, it is not an easy task. Gartner predicts that through 2020, 95 percent of cloud security failures will be the customer’s fault. And according to Research and Markets, the cloud data center market is expected to reach $67.5 billion by 2023.

With the widespread adoption of virtualization, it becomes increasingly critical to secure workloads and data across your multi-cloud deployment. Virtual firewalls can be deployed quickly, driving productivity and innovation. By being virtual, there is a huge benefit of shifting from CapEx to OpEx models.

Virtual firewalls, like NSv, address some of the critical needs of public cloud security. Below are some of the key benefits of leveraging NSv to protect your public cloud infrastructure and resources.

  • Gain complete visibility into virtual environment for threat prevention
  • Implement proper security zoning and ensure appropriate placement of policies
  • Defend against zero-day vulnerabilities with SonicWall Capture ATP
  • Prevent service disruptions in the virtual ecosystem
  • Gain centralized control and visibility with single-pane-of-glass management via Capture Security Center
  • Leverage agility and scalability without performance impact
  • Maintain security governance, compliance and risk management

Plus, as the threat landscape evolves and takes advantage of various vulnerabilities in the cloud and virtual workloads, it is essential to secure cloud infrastructure. Some of the common type of attacks include cross-virtual machine attacks and side-channel attacks, like PortSmash and Foreshadow.

Virtual firewalls can be used to defend against information threats and protect against unauthorized takeover of virtual machines (VMs). It can provide security at every level of the virtual environment, providing granular security posture control.

What Cloud Platforms do SonicWall Virtual Firewalls Support?

With NSv virtual firewalls you can leverage next-gen firewall capabilities across your multi-cloud deployments. Platform support currently extends to ESXi, Azure, AWS* and Hyper-V*.

How Can I Purchase NSv?

Previously, NSv was available only via perpetual licensing. To solve the challenge of relying just on perpetual model licensing and provide flexibility to our customers, SonicWall introduces non-perpetual licensing for NSv. This is an additional offering to the current SonicWall perpetual licensing model.

SonicWall licensing models provide customers the flexibility to choose perpetual licensing or non-perpetual licensing based on their requirements.

Non-Perpetual Licensing Model

Non-perpetual licensing is ideal for those who require a short-term solution and agile deployments. It’s a single bundle for firewall software, security and support services, making it simple to purchase these appliances. Once the period ends, all services expire at the same time. Customers are notified via MySonicWall before service expiration.

The non-perpetual licensing model is available via the three options: IPS/App Control Subscription, TotalSecure Subscription and TotalSecure Advanced Subscription, which is available over a one-year period.

Service Offering Type Bundled Service
IPS/App Control Subscription NSv Software + IPS + App Control + Support
TotalSecure Subscription NSv Software + CGSS + Support + CSC
TotalSecure Advanced Subscription NSv Software + AGSS + Support + CSC

Perpetual Licensing Model

Perpetual licensing is SonicWall’s traditional licensing model where firewall services do not expire, while security and support services do. Perpetual licensing is suitable to customers that require long-term solutions.

Virtual Firewall Promo: NSa/NSsp with NSv

The SonicWall NSv promo enables organizations to extend the next-gen security of their private data center to the public cloud and ensure end-to-end security of their multi-cloud environment.

Organizations can test drive SonicWall virtual firewalls at no additional cost or commitment to see if it fits their needs and requirements.

  • Test drive an NSv with a TotalSecure subscription for one year at no additional cost
  • Get an NSv TotalSecure subscription with Comprehensive Gateway Security Service (CGSS), Capture Security Center and 24×7 support
  • Requires eligible SonicWall NSa or NSsp firewall with an active AGSS/CGSS subscription
  • Deploy NSv firewalls across public and private cloud platforms, including ESXi, Azure, AWS* and Hyper-V*

To take advantage of the SonicWall NSv virtual firewall promo, please contact your dedicated SonicWall SecureFirst partner or reach out to SonicWall online.

What to Look for in a Next-Gen Virtual Firewall

To best capitalize on virtualization trends, IT must operationalize the complete virtualization of computing, networking, storage and security in a systematic way. A new approach is required to select an appropriate and effective next-generation virtual firewall solution. Download our exclusive brief to explore fundamental capabilities, core solution requirements and best practices.

* Hyper-V and AWS availability pending.

SonicWall & ConnectWise Simplify Security Management for MSPs

When it comes to running a well-organized managed security service business, managed security providers (MSP) demand effective, repeatable processes and continuous operation optimization as a key part of their business strategy.

Evaluating and deciding on a wide-range of important operational capabilities are important to developing and delivering the right services — at the right time and for the right cost. These include choosing the right:

  • Technology partner
  • Staff
  • Data center architecture
  • Contractual terms
  • Service-level delivery
  • Go-to-market strategies
  • Back-office automation tools that power the business

To enable this strategy, MSPs face a myriad of business, economic and technical decisions associated with the infrastructure they’re going to develop and business management software they’re going to employ. Establishing a high-valued managed security service requires a solution that integrates modern security with rich management, monitoring and reporting capabilities with leading professional services automation (PSA) software.

“Establishing a high-valued managed security service requires a solution that integrates modern security with rich management, monitoring and reporting capabilities with leading professional services automation (PSA) software.”

This integration should give MSPs visibility and control of their multi-vendor solution environment and help them streamline business operations and reduce operating costs.

To properly empower MSPs, SonicWall introduces Global Management System (GMS) 8.7, bringing greater visibility, manageability and serviceability of network security solutions via integration with industry-leading professional services automation (PSA) tool ConnectWise Manage® software.

With more than 27,000 SecureFirst global channel partners, the GMS-ConnectWise integration is driven by the collective inputs from many years of partner collaborations. The benefits to MSPs are increased visibility into their customers’ data, improved productivity and better overall efficiency.

The combined solution gives MSPs single-portal experience for automated service ticketing and asset synchronization. MSPs can easily and quickly perform and administer these important operational tasks natively within the ConnectWise Manage portal based on set priority and/or severity level.

So, how does this improve MSP operations? Consider the four ways GMS 8.7 and the ConnectWise integration can simplify security management for your customers.

Company Mapping

MSP partners can share selected clients’ profiles between SonicWall GMS and ConnectWise Manage and map all managed SonicWall firewall assets associated with each client within the ConnectWise portal for management and monitoring.

Auto Asset Synchronization Integration

Automatically update the SonicWall security appliances mapped to a client’s account in the ConnectWise Automate portal for asset tracking and usage. Give visibility to client names and device details, such as model, serial, version, active subscription, enrolled dates, service expirations, IP/MAC address and more.

Asset Synchronization

MSPs also gain visibility into asset inventory inside ConnectWise for easier device management. Whenever a new unit is added, a configuration is created for that unit through ConnectWise and the same is stored in GMS. Reversely, whenever a unit is deleted, the configuration created in ConnectWise is deleted and the same is removed from GMS.

Auto Ticketing Service Integration

Create GMS-generated alerts automatically in the ConnectWise Manage ticketing system. Track, document and communicate all open tickets during the correction process until they are resolved and automatically closed.

Ticketing is mapped between the systems. When they are created in GMS, GMS synchronizes to reflect changes to both systems.

Automated Ticketing

ConnectWise can also send status alerts to the stakeholders using various communication tools until a service ticket is acknowledge or closed. These include email, text messages (SMS), phone calls and even iOS & Android push notifications.

With SonicWall, MSPs are partnering with a technology partner with deep expertise in security technology, operations and processes. Because a vast number of SonicWall partners rely on the ConnectWise Manage for their business-management platform, the GMS-ConnectWise integration is the first of many future product integrations to continue servicing our MSP business requirements.

12 Smart Reasons to Upgrade to SonicWall Secure Mobile Access (SMA)

The modern mobile or remote workforce is one businesses’ most valuable resources. Ensuring users have fast and secure anytime, anywhere access to applications, services and networks is a business-critical function.

For many years, the SonicWall Secure Remote Access (SRA) solution was the workhorse for distributed or remote personnel across the world. But technology moves fast. Today’s business environment has more users, applications and services than ever before. Satisfying this need requires a secure, high-performance remote access solution.

That’s why SonicWall introduced Secure Mobile Access (SMA), a unified secure access gateway that enables organization to provide anytime, anywhere and any device access to any application. More memory. More users. More throughput.

The solution’s granular access control policy engine, context-aware device authorization, application-level VPN and advanced authentication with single sign-on enables organizations to move to the cloud with ease, and embrace BYOD and mobility in a hybrid IT environment.

Explore the top 12 reasons organizations are upgrading to SonicWall SMA to deliver the speed, security and user experiences their mobile workforces require.

Shrink Budgets by Going Virtual

Virtualizing your infrastructure provides many benefits, while significantly improving performance needed for today’s secure mobility. Improvements include enhanced scalability and flexibility, reduction in downtime, minimized upfront investment and lower maintenance costs.

Why upgrade: SMA 8200v is a powerful virtual appliance with a quad-core processor and 8 Gb RAM. It delivers high-performance secure remote access — all at a fraction of the cost of a physical appliance.

Go Faster

Having both more and faster processing cores enables SMA to encrypt data-in-motion and with lower latency. The end result is a faster, high-performance experience for end users.

Why upgrade: The SMA series has quad core processors that run at up to 1.8 times the speed of those on the SRA series (single core on EX6000 and dual core on EX7000).

Increase Your Throughput

While speed is important, the ultimate goal is to deliver a seamless user experience. By increasing throughput, you promote better productivity with fast and secure access to mission-critical cloud and on-premises applications.

Why upgrade: SMA appliances have up to 15 times the SSL-VPN throughput of the SRA EX series (1.58 Gbps/400 Mbps/3.75 Gbps vs. 106 Mbps/550Mbps).

Serve More Concurrent Users

The mobile workforce has matured quickly in the past decade. Businesses are serving more remote users than ever before — and usually at the same time. Having a higher number of concurrent user sessions provides greater scalability by enabling more simultaneous user sessions to be active and tracked by firewalls.

Why upgrade: The SMA series offer more scalability from a single appliance for larger numbers of concurrent user sessions compared to the SRA series.

Get More High-Speed Ports

Today’s applications and cloud services are bandwidth hogs. Whether users are accessing sales data from a SaaS application or streaming a video presentation, organizations need the throughout to support bandwidth-intensive applications and high-speed data transfers.

Why upgrade: SMA 8200v supports 2 10-GbE ports and SMA 7200 includes 2 10-GbE ports out-of-the box.

Keep Features, Firmware Current

One of the most important best practices to defend against cyberattack or unknown threats is to always keep patches current. This habit also ensures you’re getting the latest feature updates to take advantage of new capabilities that help reduce costs while embracing trends such as BYOD, mobility and cloud.

Why upgrade: Every SMA firmware version is packed with new features. For example, SMA OS 12.1 is the current recommended firmware that provides advanced features, such as:

  • Federated Single Sign-On (SSO)
  • Face ID AUTH Support
  • Centralized Access Portal for Hybrid IT
  • File-Scanning via SonicWall Capture ATP Sandbox Service

Retain Support, Warrant for Hardware

Delivering secure remote access is a critical IT function that reduces attack surface for cybercriminals. It is imperative that the solution is always fully supported and has a best-in-class warranty — should the need arise.

Why upgrade: The SRA series are approaching End of Life (EOL) and the appliances will not be supported beyond November 2019.

Centralize Management & Reporting

Management and technology oversight are significant cost centers for businesses. By centralizing management and reporting, and automating routine tasks, organizations can drastically reduce administrative overhead. That’s time better spent on core business or security objectives.

Why upgrade: SonicWall Central Management Server (CMS) provides organizations with a single administrative user interface for reporting and management of all SMA appliances. This even includes SSL certificate management and policy roll-outs.

Enhance Resilience & Availability

Downtime happens. But organizations do their best to ensure business continuity and scalability, not to mention service-level agreements are being met. Service providers vastly improve Quality of Service (QoS) and workforce productivity by being in proactive in this area.

Why upgrade: Appliances managed by CMS can be configured as Active/Active or Active/Standby high-availability (HA) clusters for redundancy, availability and reliability. The solution includes Global Traffic Optimizer (GTO) for intelligent load-balancing and universal session persistence in case of failovers.

Store Critical Information with Onboard Memory

While much storage today is outsourced to clouds or servers, having large onboard modules is still a key capability. It allows for the local storage of logs, reports, file transfer inspection, firmware backups and restores, and more.

Why upgrade: The SMA 6200 and 7200 offer storage modules that have 12.5 times the capacity of the SRA series (2 x 500 GB vs. 80 GB).

Reduce Costs by Maximizing Global Usage

Organizations with appliances that are globally distributed can benefit from the fluctuating demands for user licenses due to time differences from off‐work/night hours.

Why upgrade: User licenses no longer need to be applied to individual SMA appliances. With central user licensing, CMS reallocates licenses to managed SMA appliances based on usage.

About SonicWall SMA

SMA is an advanced access security gateway that offers secure access to network and cloud resources from any device. SMA provides centralized, granular, policy-based enforcement of remote and mobile access to any corporate resource delivered using a hardened Linux-based appliance. Available as hardened physical appliances or powerful virtual appliances, SMA fits seamlessly into any existing IT infrastructure.

SonicWall Firewalls Honored, Named A 2018 Gartner Peer Insights Customers’ Choice for Unified Threat Management (UTM), Worldwide

The SonicWall mission — defending organizations in a fast-moving cyber arms race — is only possible because of the commitment and loyalty of our partners and customers.

Gartner peerinsights customers' choice 2018For what we believe is that reason, SonicWall is pleased to have been recognized as a 2018 Gartner Peer Insights Customers’ Choice for Unified Threat Management (UTM), Worldwide.

“The Gartner Peer Insights Customers’ Choice is a recognition of vendors in this market by verified end-user professionals, taking into account both the number of reviews and the overall user ratings,” Gartner said in the official announcement.

To ensure fair evaluation, Gartner maintains rigorous criteria for recognizing vendors with a high customer satisfaction rate. For this distinction, a vendor must have a minimum of 50 published reviews with an average overall rating of 4.2 stars or higher. SonicWall received 122 reviews and a 4.3 rating for Unified Threat Management firewalls as of September 24, 2018. Here are a few snippets from SonicWall reviews provided by real-world customers that contributed to the distinction:

  • “Predominantly, the system is fantastic for our business model and has fantastic capabilities to address site level security.” — Network & Security Manager, Finance
  • “Excellent firewall for a small to medium size business.” — System Administrator
  • “SonicWall is our go-to for security hardware products.” — Project Manager, Services Industry
  • “The ease of use is where the SonicWall OS stands out. As long as you’re familiar with firewall concepts, you’ll be up and running in no time with the TZ [firewall] series. Support is strong and knowledgeable. I felt very comfortable having them hands-on in our production firewall.” — Sr. Network Engineer, Services Industry

Peer Insights is an online platform of ratings and reviews of IT software and services that are written and read by IT professionals and technology decision-makers. The goal is to help IT leaders make more insightful purchase decisions and help technology providers improve their products by receiving objective, unbiased feedback from their customers. Gartner Peer Insights includes more than 70,000 verified reviews in more than 200 markets.

SonicWall Named ‘Challenger’ in Gartner Magic Quadrant for Unified Threat Management

Complementing the Peer Insights Customers’ Choice selection, SonicWall was also named a ‘Challenger’ in the 2018 Gartner Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls).

Supported by new products and capabilities, including Capture Security CenterCapture Client endpoint protection and SonicWall NSv virtual firewalls, SonicWall continues a consistent trajectory to the upper right. Gartner highlighted the SonicWall Capture Advanced Threat Protection (ATP) sandbox service, along with the innovative Real-Time Deep Memory InspectionTM technology, as a key market differentiator.

In support of the Peer Insights Customers’ Choice selection, the Gartner MQ found that that “channel partners and surveyed customers demonstrate high satisfaction with hardware throughput, quality and ease of configuration.”

The Gartner Peer Insights Customers’ Choice logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

SonicWall NSa Series Wins Cybersecurity Breakthrough Award as Best Firewall Solution

The CyberSecurity Breakthrough Awards named the SonicWall NSa the best next-generation firewall solution of 2018. The CyberSecurity Breakthrough Awards is an independent organization that recognizes the top companies, technologies and products in the global information security market. SonicWall has won 42 industry honors so far in 2018.

This year alone, SonicWall introduced seven new next-generation NSa firewall models: NSa 3650, 4650, 5650 6650, 9250, 9450 and 9650. The NSa series works in conjunction with the SonicWall Capture Cloud Platform as part of an end-to-end security solution that delivers integrated cloud-scale management to protect networks, email, endpoints, mobile and remote users.

CyberSecurity Breakthrough judges are experienced senior-level cybersecurity professionals who have personally worked within the information security space, including journalists, analysts and technology executives with experience in a range of information security positions and perspectives. From successful technology startups to veteran industry leaders, the panel of judges brings a balanced perspective of evaluation for the award nominations.

The judges have earned a reputation for fairness and credibility, and are committed to determining the break through nominations for each award category, which includes:

In 2017, SonicWall was named the Cybersecurity Breakthrough Overall Cybersecurity Company of the Year. More than 2,000 nominations from over 12 different countries throughout the world competed for the honor.

How Everyone Can Implement SSL Decryption & Inspection

Since 2011, when Google announced it was switching to Hypertext Transfer Protocol Secure (HTTPS) by default, there has been a rapid increase in Secure Sockets Layer (SSL) sessions.

Initially, SSL sessions were reserved for only important traffic, where personal, financial or sensitive data was transferred. Now, it seems we can’t receive news or perform a simple search without an encrypted session.

In 2014 and 2015, SSL sessions accounted for about 52 percent of internet traffic. As cloud adoption grew, so did the SSL sessions. By 2017, SSL accounted for 68 percent of all internet traffic. Currently, SonicWall has seen encrypted traffic at almost 70 percent of the total traffic on the internet.

Secure sessions demonstrate that internet users are understanding and embracing session security and privacy. Unfortunately, as SSL sessions have increased, so have encrypted attacks. So far in 2018, SonicWall has seen a 275 percent increase of encrypted attacks since 2017. You find more numbers in the mid-year update of the 2018 SonicWall Cyber Threat Report.

What is DPI-SSL?

The modern cyber threat landscape requires a defense-in-depth posture, which includes SSL decryption capabilities to help organizations proactively use deep packet inspection of SSL (DPI-SSL) to block encrypted attacks.

However, even firewall vendors that claim to offer SSL decryption and inspection may not have the processing power to handle the volume of SSL traffic moving across a network today.

DPI-SSL extends SonicWall’s Deep Packet Inspection technology to inspect encrypted HTTPS and SSL/TLS traffic. The traffic is decrypted transparently, scanned for threats, re-encrypted and sent along to its destination if no threats or vulnerabilities are found.

Available on all SonicWall next-generation firewalls (Generation 6 or newer), DPI-SSL technology provides additional security, application control, and data leakage prevention for analyzing encrypted HTTPS and other SSL-based traffic.

It is important to have a secure and simple setup that minimizes configuration overhead and complexity. There are two primary paths for implementing DPI-SSL.

Option 1: Remote Implementation

Enabling DPI-SSL can sometimes be complex. Diverse sites and programs use certificates differently, some of which may be affected by DPI-SSL capabilities.

To confirm you have DPI-SSL implemented properly, leverage the SonicWall DPI-SSL Remote Implementation Service to ensure seamless and effective implementation of SonicWall DPI-SSL services.

The Remote Implementation Service for SonicWall DPI-SSL deploys and integrates the product into your environment within 10 business days. This service is delivered by Advanced Services Partners who have completed training and demonstrated expertise in DPI-SSL implementation and configuration.

Option 2: Leverage Easy-to-Use Guidance

For those considering in-house implementation, SonicWall also provides a number of knowledge base (KB) articles and resources that walk you through the DPI-SSL implementation process. Some of the most popular include:

These KBs, and others found within SonicWall’s support section or through the DPI-SSL Remote Implementation Service, ensure every type of user or organization has the resources  to properly activate DPI-SSL within their infrastructure to mitigate encrypted cyberattacks.

For additional guidance, watch “Initial DPI-SSL Configuration,” a popular SonicWall Firewall Series Tutorial.

DPI-SSL Adoption

Thankfully, SonicWall is witnessing gradual adoption of DPI-SSL add-on services. To best protect your environment, pair DPI-SSL capabilities with the Capture Advanced Threat Protection (ATP) cloud sandbox, Gateway Antivirus, Content Filtering and Intrusion Protection Services (IPS). All available in the SonicWall Advanced Gateway Security Suite, which delivers everything you need to protect your network from advanced cyberattacks.

Combine these services with a trusted and secure end-point protection software, such as SonicWall Capture Client, and you can provide a robust security posture that can protect devices — even when they are not behind your firewall.

4 Ways to Protect Your Virtualized Infrastructure

Adopting a virtualized infrastructure is well established as a cost- and space-savings model, but there are additional benefits as well. Whether you are using virtual servers deployed in the cloud or on-premises, there are proven best practices to help you maintain the security posture that operate and protect virtual environments.

While physical appliances remain as powerful workforces, they sometimes require certain network traffic configurations to ensure they can properly protect and integrate with virtual environments

Virtual firewalls, like the SonicWall NSv, are the No. 1 type of virtual appliance being deployed across environments. Securing an environment requires looking at all types of access and uses, such as remote access, communications and management.

SonicWall network security solutions operate and protect virtual environments in four categories:

  • Security: Network Security Virtual Firewall protects virtual environments at an intra-VLAN level.
  • Email: Email Security solution protects organizations against spam, viruses, phishing, ransomware and malware that enter through email. The solution can integrate seamlessly with Microsoft Office 365 and other on-premise and cloud email providers.
  • Remote Access: Secure Mobile Access provides anytime, anywhere access for any device to securely access an organization’s internal resources while the Web Application Firewall gives organizations the necessary controls around their forward-facing offerings.
  • Management: NSv deployments may be centrally managed using the on-premise SonicWall Global Management System (GMS) and the SonicWall Capture Security Center, an open, scalable cloud security management, monitoring, reporting and analytics software delivered as a cost-effective service offering. Capture Security Center gives the ultimate in visibility, agility and capacity to govern the entire SonicWall virtual and physical firewall ecosystem with greater clarity, precision, and speed — all from a single pane of glass.

SonicWall works diligently to ensure customers have access to best-in-class professional services delivered by Authorized Services Partners. These security solutions are optimized within virtual environments.

As Infrastructure as a Service (Iaas) offerings and cloud-based providers continue to grow, implementing trusted SonicWall platforms to protect, secure and manage your environment will allow you to grow and be more mobile through SonicWall’s virtualized product offerings.

Request a demo or trial of these products from your local partner or reach out to the Partner Enabled Services team to help you secure your virtualized environment through SonicWall Partner Enabled Services.