Posts

Manage Shadow IT, Ensure Safe Adoption of SaaS Applications

Small- and mid-sized organizations are increasingly moving their business applications and IT infrastructure to the cloud. According to IDC, adoption rose from 20 to 70 percent for small companies (up to 100 employees), and 90 percentage for midsize organizations (up to 999 employees).

It’s no secret that businesses adopt cloud and SaaS applications to enhance agility and productivity to stay ahead of competition. But the same can be said for individuals within the business, who can deploy and on-board SaaS applications (e.g., Jira, Dropbox, Slack) with just a few clicks. Business unit heads or even project managers just submit their credit card information and voila, the team has access to an instance of a new collaboration tool.

This is great for productivity. But what about security?

Typically, when individual teams set up an instance of a SaaS application, it is outside the control or knowledge of the IT department. IT administrators do not have the visibility into which users are using these applications and what data is being consumed. In addition, employees use free accounts on public cloud services, such as Dropbox and Gmail, to collaborate. This is shadow IT.

According to Gartner, by 2020 one-third of security breaches will be because of shadow IT. In this new world, CSOs and IT struggle with the following problems:

  • Losing control over sensitive corporate data traversing through public or hybrid clouds and data centers, giving rise to risks such as unauthorized access, malware propagation, data leakage and non-compliance
  • Balancing security budgets, shadow IT practices and employee productivity.

IT administrators need a tool that provides visibility with the context of risk to understand the overall risk posture of the organization and a tool to assess all the shadow IT applications being used on the network.

For SMBs and mid-tier enterprises, this means a cost-effective offering that delivers functionality like a Cloud Access Security Broker (CASB) solution, which provides discovery, visibility and control over the usage of all the cloud applications and corporate data being accessed.

Introducing SonicWall Cloud App Security

SonicWall Cloud App Security is a cloud-based security service that enables organizations to secure SaaS application usage and reduce risk of shadow IT.

Delivered through SonicWall Capture Security Center (CSC), Cloud App Security is available as part of the SonicWall Capture Security Center Analytics subscription bundle. The solution seamlessly integrates with your existing SonicWall infrastructure and leverages next-generation firewall (NGFW) logs to provide CASB-like functionality by delivering discovery, visibility and control of cloud application usage.

Cloud App Security analyzes log files from SonicWall NGFWs against an in-house registry of 9000-plus SaaS applications, and reveals:

  • Applications in use and by which users
  • Data volumes uploaded to and downloaded from the cloud
  • Risk and category of each cloud service.

In effect, SonicWall Cloud App Security makes your existing infrastructure cloud-aware.

Automated cloud application discovery with SonicWall next-generation firewalls

Real-Time Dashboard

The SonicWall Cloud App Security real-time dashboard enables administrators to quickly assess the overall risk posture.

The dashboard displays risk assessment for real-time and trending views of:

  • Number and type of cloud applications being used
  • Number of users accessing cloud applications
  • Amount of data being used by cloud applications

Administrators can also monitor the top users and application by usage, and location from which the application is being used.

Discovery & Control

In the Discovery view, IT administrators can classify applications based on the risk score and other organizational factors as Sanctioned or Unsanctioned IT applications for use. Through the SonicWall Capture Security Center, the solution empowers administrators to set block/unblock policies and control Sanctioned and Unsanctioned IT applications on the network.

With employees increasingly using cloud applications for work, Cloud App Security enables administrators to detect gaps in security posture, classify cloud applications into sanctioned and un-sanctioned IT applications, and enforce access policies to block risky applications. The solution ensures safe adoption of cloud applications without impacting employee productivity at a low total cost of ownership.

SonicWall Cloud App Security is available with the SonicWall Capture Security Center Analytics bundle.

12 New Products Usher in SonicWall’s Expansion into Mid-Tier Enterprise Market

It’s been just 20 months.

And in that short time as an independent company, SonicWall employees, customers and partners have accomplished so much together. Our short-term mission was to rebuild the SonicWall brand, launch new and advanced cyber security solutions and services in the SMB space, and bring our global partner community back home.

SonicWall, it’s good to have you back.

Now that our heart, soul and technology are deeply rooted in protecting organizations in the SMB space, we feel it’s time to focus on another segment we serve: the mid-tier enterprise market, where we are the No. 5 player, according to Gartner.

That’s why today we announced a focused technology, security and partner mission to deliver network security solutions that align with the performance, security efficacy and high availability required by the modern mid-tier enterprise.

But we’re also focusing on disrupting the market with our Capture Cloud Platform, which brings together network, endpoint and application security with management, reporting, analytics and visual cyber threat intelligence.

“SonicWall is ensuring network security is available via bundles designed with the requirements of mid-tier enterprises in mind.”

This will usher in a new cost structure with an assertive total cost of ownership (TCO) offering via our Capture Security Center, Capture Client endpoint protection and our new NSa series high availability (HA) offerings.

In fact, most of our competitors still require a full-price purchase of the failover firewall unit, as well as full subscription services after the first year. We don’t think that’s right. And it certainly doesn’t make much business sense.

So, SonicWall wants to ensure two things:

  • Network security is available via bundles designed with the requirements of mid-tier enterprises in mind.
  • It’s easy for mid-tier enterprises to do business with our SecureFirst partners.

What’s New from SonicWall

All told, this platform announcement includes 12 new products, updates or enhancements. And we couldn’t be more excited to share this innovation with you. Please explore each in detail. We will have detailed blogs on many of the new and updated products in the coming days.

  • Capture Cloud Platform — Expanded for mid-tier enterprises and now delivers integrated cloud-scale management and true end-to-end security that protects networks, email, endpoints, mobile and remote users. This all-in-one approach enables our complete portfolio of high-performance hardware, virtual appliances and clients to harness the power, agility and scalability of the cloud.
  • Capture Security Center — Fully enhanced to deliver a unified security governance, compliance and risk management strategy. Improve security outcomes from the firewall to the endpoint with integrated threat intelligence between the SonicWall Capture Advanced Threat Protection (ATP) sandbox service, Capture Client endpoint protection and SentinelOne threat databases.
  • Capture Client 1.5 — Now integrated with the SonicWall Capture ATP sandbox service. Suspicious files that Capture Client gives a moderate threat score (but not high enough to merit an alert), may be automatically uploaded for analysis.
  • New NSa Next-Generation Firewalls — Replacing the SuperMassive 9200, 9400 and 9600 models, our new NSa 6650, 9250, 9450 and 9650 series deliver elite levels of performance, security efficacy and high availability for mid-tier enterprises — all with industry-low TCO.
  • New NSsp 12000 Next-Generation Firewalls — A brand new product line, the new NSsp 12400 and 12800 series next-generation firewalls align with advanced requirements of service providers and data centers and are capable of scanning millions of connections for the latest cyber threats.
  • Cloud App Security — Cloud-based security service that enables organizations to secure SaaS application usage and reduce risk of shadow IT. The solution provides functionality similar to Cloud Access Security Broker (CASB) offerings to deliver real-time visibility and control of applications being used by employees.
  • Analytics — Available in cloud-hosted or on-premise options, SonicWall Analytics provides network analysts, security operations engineers and incident responders deeper visibility into network traffic, threat information and cross-product insights to perform network forensics, security analysis and threat hunting for businesses, organizations and managed service providers (MSP) of all sizes.
  • SonicOS 6.5.2 — Adds 40 new security features to better secure wired, wireless and mobile network environments. It offers more dynamic defenses against modern zero-day threats, including attacks hidden within encrypted traffic, absolute control of application traffic without compromising performance and availability, and optimal wireless user experiences regardless of location.
  • Secure Mobile Access (SMA) 1000 Series 12.2 — Delivers consolidated access management and eliminates bad password habits with federated SSO to cloud and on-premise applications. Adds Always-On VPN for Windows devices for seamless and secure access from any location.
  • SMA 100 Series 9.0 — Integrates with Capture ATP to block malicious file uploads from remote users. Adds Always-On VPN for Windows devices for seamless and secure access from any location.
  • Email Security 9.2 — Blocks and quarantines messages with malicious URLs before they reach the inbox. Integrates with Google’s G Suite to provide advanced threat protection, strong data loss prevention and compliance engine, and email continuity.
  • Global Management System (GMS) 8.6 — Upgrades authentication measures with strict enforcement of password complexity and account lockout policies before granting access to its management platform. This protects against automated brute-force attacks (e.g., password spray campaigns). Update also adds management and provisioning support for the new NSa series firewalls running the latest SonicOS 6.5.2 and the “Firewall Sandwich” solution.

Enhancing our Go-to-Market Strategy

Fundamental to the release of these new enterprise-focused products and services is the strengthening of SonicWall go-to-market focus and resources. SonicWall will engage with organizations in key verticals, including retail, K12 and higher education, and state, local and federal government. SonicWall will also continue to focus on its partnership with Dell while building and expanding relationships with MSSPs.

To our existing customers, vendors and partners, thank you for making SonicWall what it is today. We can’t wait to see what we do next together.

To our future customers, trust us to protect what’s most important to you: your business, data and livelihood. Contact one of our cybersecurity experts to learn how our automated, real-time breach detection and prevention platform can protect your organization from both known and unknown cyberattacks in the fast-moving cyber arms race.

Frequently Asked Questions: The E-rate Program

While we’ve explained the ins and outs of the E-rate program during the five-part SonicWall E-rate Fear Less series, we wanted to use the final episode to explore the common questions about the E-rate program itself and how SonicWall cyber security solutions may be funded via the program.

Episode Five: E-rate Fear Less Series Q&A

Holly Davis interviews SonicWall software business development director John Mullen.

The final video in our five-part series explores these common E-rate program questions:

  • Why SonicWall for the K12 Environment?
  • What is SonicWall Capture ATP?
  • Why would SonicWall Capture ATP sandboxing be necessary for K12?
  • What is SonicWall SECaaS?
  • Does E-rate fund firewalls in their entirety?
  • Is Capture ATP funded by the E-rate program?
  • Is SECaaS funded by the E-rate program?
  • How do I get started with the E-rate program?
  • Where can we find additional resources about the E-rate program?

What technology is eligible for funding the E-rate program?

To help offset funding and staffing shortages, the U.S. Department of Education and the FCC launched the E-rate program, which helps make telecommunications and information services more affordable for schools, campuses, districts and libraries.

The E-rate program is operated by Universal Service Administration Company (USAC), which has a core focus of providing underfunded verticals the access to affordable technology and security services. This includes schools, libraries, rural healthcare organizations and more.

USAC provides a yearly Eligible Services List (ESL), which outlines which types of products and services can be procured via E-rate program discounts.

SonicWall and E-rate

With the most comprehensive channel program in the industry, combined with additional E-rate discounts, SonicWall and our partners are best positioned to meet the needs of K12 customers and help them take full advantage of the funding E-rate provides for securing their networks.

Through its global channel of more than 24,000 technology partners, SonicWall is actively involved in helping K12 education organizations cost-effectively obtain and deploy network security solutions. SonicWall provides a broad array of E-rate-eligible products and services, including firewalls and turnkey Security-as-a-Service solutions.

If you are an eligible K12 organization, please contact your preferred SonicWall reseller for information on E-rate benefits and discounts, or visit the SonicWall E-rate page for information, tools and guidance.

The Shortest Line at RSA Conference 2018: Where are all the Women?

Anyone who has attended an RSA Conference knows that it is typically a male-dominated event. In keeping with this year’s theme, “Now Matters,” I decided that this was the year for me to take a step toward shifting that gender imbalance.

I reached out to my leadership team to request that I attend RSA Conference 2018 as a part of the SonicWall team. My motivations were clear: as a woman working in cyber security, I believe more women need to be represented at the RSA Conference (and every other information security event).

In early March, the organizers behind RSA Conference 2018 announced their preliminary lineup of keynote speakers to much backlash and outcry in the industry. Critics and concerned industry experts were quick to highlight that the lineup was stacked with 19 men out of a total of 20 speakers. The sole female speaker: Monica Lewinsky. Lewinsky, although undoubtedly an interesting and relevant keynote on the topic of anti-cyber-bullying, is not exactly a name synonymous with cyber security.

RSA’s position
To their credit, RSA Conference organizers were quick to clarify that the list was not yet complete. The initial list only included speakers that had been confirmed early, many of whom were connected to the conference through sponsorship deals. In a matter of days, the RSAC organizers clarified that the conference would “feature more than 130 female speakers tackling everything from data integrity to hybrid clouds to application security, among other topics.”

In a statement that seemed to shift the blame back to the industry, RSA highlighted that 20 percent of overall speakers at the event were women, even though Forrester estimates that 11 percent of cyber security positions are held by women.

Observations at RSA Conference
As a member of SonicWall’s booth team, I spent the majority of my time at the conference on the expo floor where, interestingly, there seemed to be a decent representation of both men and women. On closer examination, the majority of women present were wearing exhibitor badges, indicative of women gravitating toward marketing or sales roles in the technology industry. Though, admittedly, this is anecdotal evidence.

Over at Moscone West, where the keynote speeches and sessions required a full conference pass costing $2,000-plus per attendee, it was a different story. A SonicWall colleague who attended the first morning’s keynote sessions jokingly shared with me that it was the first time he had experienced longer waits for the male restrooms while the female restrooms were relative ghost towns.

Organizers even made changes to the restroom configuration: In the North Expo hall, the women’s restrooms were converted to be gender-neutral in order to facilitate demand.

Lines for the Men’s Restrooms at RSA Conference 2018. Photo Credit: Samantha Schwartz

A history of change

It wasn’t all negative news for female representation at the RSA Conference. The organizers at RSA have been adapting to the changing industry landscape long before this year’s criticism. As recently as five years ago, it was common to see technology vendors at trade shows advertising their products with the assistance of “booth babes.”

It wasn’t until 2015 that RSA, under industry pressure largely driven by social media, issued a ban on so-called “booth babes.” Exhibitors are contractually obliged to have all expo staff adhere to a dress code described as “business and/or business casual attire.” This move has forced marketers to find creative and unique ideas to garner booth traffic — everything from magicians to virtual reality experiences were on display at this year’s expo.

Women in cyber security
This year’s conference also featured several panels and discussions dedicated to the topic of women in the industry. An unexpectedly optimistic discussion, “Women in Computing: Why Are Women Leaving Computing Professions?,” provided valuable insights to help leaders address female turnover in the industry.

Caroline Wong led a panel discussion on “Women in Security: A Progressive Movement,” which focused on the value that a woman’s perspective can bring to the table along with actionable takeaways for addressing problems with hiring practices.

Diversity is everyone’s responsibility

While tech conference organizers certainly have a responsibility to ensure the conversation around gender disparity has a forum and that women are represented fairly, opportunities to accelerate the progress in this area lie within companies, leadership and individual employees at all levels.

The Frost & Sullivan report, “The 2017 Global Information Security Workforce Study: Women in Cybersecurity,” published some telling statistics about this effort. Although just 11 percent of information security professionals globally are women according to the report, women in the field are more likely (52 percent) than their male coworkers (46 percent) to hold a master’s degree or higher. Despite this, they still hold less workplace authority.

Many organizations say they want to hire more women, yet most companies, especially in male-dominated fields of technology and cyber security, are far from reaching hiring parity. In North America, for example, women represent 14 percent of the cyber security workforce — the highest percentage when compared to other regions like Asia-Pacific (10 percent), Africa (9 percent), Latin America (8 percent), Europe (7 percent) and the Middle East (5 percent). For context, in the United States alone, females make up 48 percent of the workforce, said the report.

Organizations need to increase their investment in women. Beyond the obvious opportunities — closing pay gaps and advancing women in top leadership — organizations need to make workplaces trusted spaces, implement unconscious bias education and share best practices.

If you are a woman involved in the tech industry, you have an opportunity to serve as a much-needed role model — both to other women and to your male colleagues, many of whom are eager to hear and understand the female perspective in this industry. In short, if you are a woman in tech … get out there, be seen and be heard.

Resources for Women in Cyber Security

Organizations
WiCyS Women in CyberSecurity
Women in Security and Privacy
National Center for Women & Information Technology
SWE – Society of Women Engineers
Conferences and Events
WiCyS Women in CyberSecurity
Grace Hopper Celebration
OURSA – Our Security Advocates
Scholarships
Raytheon’s Women Cyber Security Scholarship Program
(ISC)² Women’s CyberSecurity Scholarships
Scholarship for Women Studying Information Security

SonicWall is proud to be an equal-opportunity employer. We are committed to providing employees with a work environment free of discrimination and harassment and welcome the opportunity to support skilled, talented women and men in their cyber security careers. If you are interested in pursuing a career at SonicWall, please explore our careers page: https://www.sonicwall.com/en-us/about-sonicwall/careers

New Virtual Firewalls: SonicWall NSv Provides Robust Security for Public, Private or Hybrid Cloud Environments

To keep pace with innovations and modernize data center operations and services, businesses are embracing today’s application-centric, virtualized world. Virtualization and cloud can cut costs and increase efficiency and operational agility.

Four common pitfalls of modern virtual environments

However, advantages in savings and efficiency must be weighed against applying constrained budgets to prevent potential damages due to growing threats and common pitfalls. Vulnerabilities within virtual environments are well-documented. New ones are discovered regularly that yield serious security implications and challenges. Common IT challenges in securing virtualized environments include:

  1. Monitoring and securing traffic between virtual machines
  2. Managing policy change across virtual environments
  3. Tracking and controlling the sprawl of virtual machines
  4. Protecting virtualized assets in public cloud environments

What you need in a next-generation virtual firewall

To best capitalize on virtualization trends, you should operationalize the complete virtualization of computing, networking, storage and security in a systematic way. Implement a new approach for selecting an appropriate and effective next-generation virtual firewall solution. You should explore new virtual security solutions that go beyond legacy approaches and technologies. Plus, solution components must be tightly integrated to deliver application services safely, efficiently and in a scalable manner.

A next-generation virtual firewall must offer all the security advantages of your physical firewall, along with the operational and economic benefits of virtualization. These include system scalability and agility, speed of system provisioning, simple management and cost reduction.

Introducing the SonicWall NSv virtual firewall series

The new SonicWall NSv virtual firewall series offers you all the security advantages of a physical firewall with the operational and economic benefits of virtualization. With full-featured security tools and services including Reassembly-Free Deep Packet Inspection (RFDPI), security controls and networking services equivalent to what a SonicWall physical firewall provides, NSv effectively shields all critical components of your private and public cloud environments.

NSv is easily deployed and provisioned in a multi-tenant virtual environment, typically between virtual networks (VN). This allows it to capture communications and data exchanges between virtual machines (VM) for automated breach prevention, while establishing stringent access control measures for data confidentiality and VMs safety and integrity.

The NSv Series also includes infrastructure support for high availability and scaling to fulfill any Software-Defined Data Center (SDDC) scalability and availability requirements. NSv virtual firewalls help ensure:

  • System resiliency
  • Operational uptime
  • Service delivery and availability
  • Conformance to regulatory requirements

Security threats, such as cross-virtual-machine or side-channel attacks and common network-based intrusions and application and protocol vulnerabilities, are neutralized successfully through SonicWall’s comprehensive suite of security inspection services.

All VM traffic is subjected to multiple threat analysis engines, including intrusion prevention, gateway anti-virus and anti-spyware, cloud anti-virus, botnet filtering, application control and Capture Advanced Threat Protection multi-engine sandboxing.

The NSv Series is available in multiple virtual flavors carefully packaged for broad range of virtualized and cloud deployment use cases. Delivering multi-gigabit threat prevention and encrypted traffic inspection performance, the NSv Series can adapt to capacity-level increases and ensure VN safety and application workloads and data assets are available as well as secure.

Segmentation security

With NSv segment-based security capabilities, NSv can apply an integrated set of dynamic, enforceable barriers to advanced threats. By applying security policies to the inside of the VN, segmentation can be configured to organize network resources into different segments, and allow or restrict traffic between those segments. This way, access to critical internal resources can be strictly controlled.

NSv can then automatically enforce segmentation restrictions based upon dynamic criteria, such as user identity credentials, geo-IP location and the security stature of mobile endpoints.

For extended security, NSv is also capable of integrating multi-gigabit network switching into its security segment policy and enforcement. It directs segment policy to traffic at switching points throughout the network, and globally manages segment security enforcement from a single pane of glass.

Since segments are only as effective as the security that can be enforced between them, NSv applies intrusion prevention service (IPS) to scan incoming and outgoing traffic on the VLAN segment to enhance security for internal network traffic. For each segment, it enforces a full range of security services on multiple interfaces based on enforceable policy.

Governs centrally

NSv deployments are centrally managed using both on premise with SonicWall GMS, and with SonicWall Capture Security Center, an open, scalable cloud security management, monitoring, reporting and analytics software that is delivered as a cost-effective service offering.

The SonicWall Capture Security Center gives the ultimate in visibility, agility and capacity to govern the entire SonicWall virtual and physical firewall ecosystem with greater clarity, precision, and speed — all from a single-pane-of-glass.

For more information, visit our NSv web page, and watch the video below.

SonicWall Capture Cloud Platform Ushers in New Era of Threat Intelligence, Connectivity and Automation

SonicWall’s mission is to help organizations protect themselves from the growing number of cyber attacks in the fast-moving threat landscape.

There are many schools of thought on how this is best accomplished. And much of this depends on the wares of a particular vendor. But I’ve made it a priority that SonicWall helps defend networks and data in a manner that is automated, layered, intelligent, easy to use and cost-effective.

Today marks a monumental milestone in that focused effort.

This morning we proudly introduced the SonicWall Capture Cloud Platform, which tightly integrates security, management, analytics and real-time threat intelligence across our full portfolio of network, email, mobile and cloud security products. This launch includes:

  • New SonicWall Network Security Virtual (NSv) Firewalls
  • New SonicWall Web Application Firewall (WAF)
  • New SonicWall Capture Client Endpoint Protection
  • Updated SonicWall Network Security Appliance (NSa) Firewalls
  • Updated SonicOS 6.5.1

The significance of the unified and connected Capture Cloud Platform is highlighted by the escalating threat landscape. In the first quarter of 2018 alone, the average SonicWall customer faced 7,739 malware attacks, a year-over-year increase of 151 percent; 335 of these attacks were hidden using SSL/TLS encryption.

The SonicWall Capture Cloud Platform also identified more than 49,800 new attack variants in the first quarter, with the new SonicWall Real-Time Deep Memory InspectionTM (RTDMI) identifying 3,500 never-before-seen variants.Capture Cloud PlatformThe numbers are alarming. The threats continue to grow. And it’s the reason I promise that SonicWall teams around the world are dedicated to ensure our customers are protected from today’s most malicious cyber threats — both known and unknown.

Here’s a helpful rundown of the new products we are proud to announce today under the SonicWall Capture Cloud Platform:

New NSv Virtual Firewalls

SonicWall Network Security virtual (NSv) firewalls protect all critical components of private and public cloud environments. SonicWall NSv virtual firewalls deliver the security advantages of a physical firewall with the operational and economic benefits of virtualization, including system scalability and agility, speed of system provisioning, simple management and cost reduction.

> Go to NSv Virtual Firewalls

New Web Application Firewalls

The new SonicWall Web Application Firewall (WAF) delivers defense-in-depth capabilities to protect web applications running in private, public or hybrid cloud environments.

The SonicWall WAF behavior-based detection engine learns, interrogates and baselines regular web application usage behaviors and identifies anomalies that may be indicative of attempts to compromise the application, steal data and/or cause a denial-of-service.

> Go to SonicWall WAFs

New SonicWall Capture Client

The new SonicWall Capture Client extends an organization’s ability to defend endpoint devices that connect and interact with its networks, applications and data.

Capture Client is a unified client platform that delivers multiple endpoint protection capabilities, including next-generation malware protection and support for visibility into encrypted traffic. It leverages layered protection technologies, comprehensive reporting and enforcement for endpoint protection, and also offers critical ‘rollback’ capabilities via SentinelOne integration.

> Go to Capture Client

New SonicWall NSa Firewalls

The new SonicWall NSa 3650, 4650 and 5650 next-generation firewalls continue the evolution of SonicWall’s vision for a deeper level of network security without a performance penalty.

Built on a multi-core hardware architecture featuring 10-GbE and 2.5-GbE interfaces, the NSa series scales to meet the performance demands of mid-sized networks, branch offices and distributed enterprises.

> Go to NSa Firewalls

Each day this week we’ll do an in-depth review of the above and how each can be leveraged to better protection your organization, networks, data and customers.

RTDMI Expanded to Protect Organizations from Malicious PDFs, Office Files

Complementing the major Capture Cloud Platform announcement, we also announced new Real-Time Deep Memory InspectionTM capabilities that protect businesses and users from memory-based attacks and zero-day malware, including malicious PDFs and Microsoft Office documents.

Since January 1, 2018, RTDMITM has identified more than 3,500 never-before-seen attack variants. First announced in February 2018, RTDMI technology is used by the SonicWall Capture Cloud Platform to identify and mitigate even the most insidious cyber threats, including memory-based attacks.

RTDMI is already operational for SonicWall customers with active subscriptions to SonicWall Capture ATP sandbox service and SonicWall Email Security solutions.

> Read the Press Release

ee Real-Time Threat Intelligence

Did you know you can improve your security posture by knowing what attacks are most likely to target your organization? Visit the SonicWall Security Center to see the latest attack trends, types and volume across the world.

SonicWall Recognized on CRN’s 2018 Security 100 List

Today CRN, a brand of The Channel Company, has named SonicWall to its annual Security 100 list.

This project recognizes the coolest security vendors in each of five categories: Endpoint Security; Identity Management and Data Protection; Network Security; SIEM and Security Analytics; and Web, Email and Application Security. The companies on CRN’s Security 100 list have demonstrated creativity and innovation in product development as well as a strong commitment to delivering those offerings through a vibrant channel of solution providers.

In addition to recognizing security technology vendors for outstanding products and services, the Security 100 list serves as a valuable guide for solution providers trying to navigate the IT security market. The list aids prospective channel partners in identifying the vendors that can best help them improve or expand their security offerings.

“The core elements of today’s businesses, both large and small, depend upon robust and reliable cybersecurity solutions,” said Bob Skelley, CEO of The Channel Company. “Unprecedented streams of data, the sweeping transition to cloud computing, vast networks of wireless systems, the rapidly growing Internet of Things—all these advances necessitate increasingly complex and adaptive security measures. CRN’s 2018 Security 100 list recognizes top vendors that are meeting this extraordinary demand with the most innovative security technologies on the market, enabling businesses to grow uninterrupted.”

This announcement comes just 24 hours ahead of the launch of the 2018 SonicWall Cyber Threat Report. This premier cyber security industry report puts you a step ahead of cyber criminals in the global cyber war, empowering you with proprietary security data, global knowledge and latest trends, gathered and analyzed by our leading-edge SonicWall Capture Labs Threat Network. The 2018 Cyber Threat Report is available on March 6.

The Security 100 list will be featured in the April 2018 issue of CRN and online at www.crn.com/security100.

SonicWall CEO Bill Conner Joins Cyber Security Panel on Capitol Hill

Cybercrime is a lucrative and booming industry, with recent reports estimating $600 billion in damages to businesses. With the introduction of innovative cyber security technologies and new cyber attack variants, the race is on for private and public organizations to arm themselves for a battle that is being waged in a dynamic threat landscape.

Bill Conner Portrait

On March 6, cyber security experts and policymakers will come together in a panel discussion to address the current threat landscape and its impact on the U.S. economy. Featuring Congressman Lamar Smith, SonicWall CEO Bill Conner and the Honorable Secretary Michael Chertoff, the panel will foster dialogues that focus on the preventative measures organizations should take to thwart cyber attacks, as well as the joint efforts of government and law enforcement agencies combatting modern-day cyber attacks, cybercriminals and threat actors.

Preceding the event, Conner and Chertoff penned an opinion piece, “SEC, Congress take steps toward cyber accountability and transparency,” on The Hill.

Michael Chertoff Portrait

“Cyber risk affects virtually every kind of enterprise. It is not a matter of if, but when,” they wrote on The Hill. “Companies should start with the presumption that they will be attacked and have a comprehensive incident response plan in place. An incident response plan should include a consumer notification process especially when sensitive data such as Social Security numbers and financial information is corrupted.”

Event: Cybersecurity Panel Discussion – 2018 SonicWall Cyber Threat Report
Date: Tuesday, March 6, 12:30 p.m. EST
Location: Committee Room 2325, Rayburn House Office Building, Washington D.C.
Panel:

  • Chairman Lamar Smith, Congressman, 21st Congressional District of Texas
  • Honorable Secretary Michael Chertoff, former head of the U.S. Department of Homeland Security
  • Bill Conner, President and CEO, SonicWall
  • Michael Crean, CEO, Solutions Granted

The panel also will leverage and discuss the findings and intelligence from the 2018 SonicWall Cyber Threat Report, which provides key advances for the security industry and cybercriminals; exclusive data on the 2017 threat landscape; cyber security predictions for 2018; cyber security guidelines and best practices.

Get the 2018 SonicWall Cyber Threat Report

The cyber arms race is a challenge we face together. And it’s the core reason we’re committed to passing our findings, intelligence, analysis and research to the global public via the SonicWall 2018 Cyber Threat Report.

SonicWall MSSP Program: Blueprint for Filling the Cyber Security Skills Gap

The demand for experienced cyber security professionals is at an all-time high. These highly skilled assets are essential in helping businesses protect customers, networks, sensitive data and intellectual property in a fast-moving cyber arms race.

But according to a recent ESG study, 51 percent of respondents claimed their organization had a problematic shortage of cyber security skills. I have watched this deficiency consistently grow the last five years.

Organizations are struggling to understand their own risk, which threats to focus on and where to put more of their security, resources and people to protect their environment.

When deploying new software, systems and architecture to run their business, companies find themselves redefining their cyber security strategy. They become focused on combating the cyber criminals and threat actors attacking their vulnerable web applications, systems, networks and connected devices. And they lose focus on their core business.

Annual ESG surveys are identifying an alarming trend in the cyber security skills gap. More than 51 percent of respondents claimed their organization had a problematic shortage of cyber security skills. This figure has more than doubled since 2014, according to CSO Online.

They must procure, implement, manage and optimize numerous cyber security tools and solutions that are running on different platforms and providing data in various formats. Security manageability and accountability becomes an operational challenge.

The absence of coordination, central collection, normalization and analysis of disparate data often leads to an incomplete and incoherent view of what is happening in the organization. This lack of visibility and awareness inside the security environment further impairs an organization’s ability to identify and remediate security gaps.

The absence of an in-house security team often compels organizations to outsource their entire security program to a capable managed security service provider (MSSP). It is all about managing and reducing risks, and responding fast to security events. For a majority or companies, this is a smart approach.

Managed security services (MSS) come in many different flavors and degrees of complexity. In fact, according to Research and Markets, the global MSSP market is predicted to exceed $31 billion by 2019 and the escalating cyber arms race is a primary catalyst.

Thankfully, I already see that many SonicWall SecureFirst partners have implemented managed security solutions to fill the skills gap. Others are in the process of doing so.

SonicWall continues to be committed to enabling partners to grow their services practices, and it’s the core reason we’ve just rolled out the SecureFirst MSSP Partner Program.

The SonicWall SecureFirst MSSP Partner Program

We designed our MSSP Program with the flexibility to ensure SecureFirst Partners across the spectrum of MSSP maturity models could participate and gain significant value from participation in the program.

Available to SecureFirst Silver, Gold and Platinum Partners, the SecureFirst MSSP Partner Program includes options for monthly billing through SonicWall’s popular Security-as-a-Service pricing model, multi-tenant capabilities and go-to-market branding opportunities. The SecureFirst MSSP Program will help eligible partners:

  • Design, launch and scale their MSSP offerings
  • Defend customers against evolving threats
  • Grow deeper customer relationships that place partners in a position of trust and thought leadership
  • Increase profitability by offering recurring, consistent revenue streams
  • Help customers reduce or eliminate upfront product costs

A constant struggle for MSSPs today is managing their operating costs, which makes security solution selection critical in helping minimize man-hours responding to incidents. With SonicWall Capture Labs threat intelligence data, SonicWall empowers MSSP partners with the critical threat visibility to offer customers real value through automated, ongoing and proactive protection in today’s ever-evolving threat landscape.

The MSSP ‘blueprint’

Recognizing that time to revenue is critical, our MSSP program offers MSS blueprints to help Partners jumpstart their managed security service offerings quickly and cost effectively. These blueprints provide the training, tools and support required to deliver a range of managed service offerings based on SonicWall solutions they already trust.

The program helps SonicWall partners offer a range of managed security service offerings either by implementing SonicWall MSS blueprints for high-demand managed security solutions or by jointly developing custom MSS offerings that build on your existing managed service core competencies and expertise.

Jumpstarting MSSP offerings

I strongly believe that proactive MSSPs are agile, responsive and skilled. They have the mindset to deliver valuable security outcomes, which are more realistic and cost-effective than customers taking their cyber security efforts in-house.

Following the Partner Enabled Services program SonicWall launched in 2017, the SonicWall MSSP Partner program is focused on helping partners — of all MSS maturity stages — jumpstart their managed services offerings to quickly fill their customers’ cyber security skills gap.

One of our trusted partners told me, “More of our customers are looking toward end-to-end managed security services to protect themselves.”

It’s just one of the many candid pieces of feedback I receive when talking to our partners across the board. As a 100 percent channel company, I knew the SonicWall MSSP Partner program was the next step to support our loyal channel community.

Ready to Enroll in the SonicWall MSSP Program?

Eligible SecureFirst Partners may register for the SonicWall SecureFirst MSSP Program online at https://www.sonicwall.com/en-us/partners/mssp-partner-program. For additional information, please download our complimentary program brochure.

California School District Amps Up Content Filtering with SonicWall’s Security-as-a-Service

We know how much value SonicWall network security brings to our customers, and we know how much value our partners add when incorporating our solutions into their solutions for our customers.

The case of Calistoga Unified Regional School District is an excellent example.

Calistoga is in California’s Napa Valley. The district has more than 850 students, divided among an elementary school, junior/senior high school and an alternative-program continuation high school for students between the ages of 16 and 18. Administration offices are in a separate building near the junior/senior high school.

The district felt that its existing content-filtering services were not providing all the functionality it needed. Calistoga couldn’t get the flexibility and granular control over content filtering it needed to define different roles and access permissions for students, faculty and staff.

Like all K-12 school districts, Calistoga’s content filtering is there to protect against inappropriate and malicious web content, as well as to control application access.

“Our No. 1 priority is making sure that the students are protected,” says Jenna Burrows, Calistoga’s Director of Business Services.

Regulatory requirements regarding content filtering are also part of the picture. The Children’s Internet Protection Act (CIPA), is the most directly relevant. Content filtering is also important with regards to the Family Educational Rights and Privacy Act (FERPA), which protects students’ personally identifiable information (PII) from unauthorized disclosure, and is a requirement for districts to be eligible for discounts through the federal E-rate program.

Faced with a clear need to upgrade their content-filtering capabilities, Calistoga turned to their local managed services provider, Napa Valley Networks (NVN). NVN has been a SonicWall partner for more than 15 years. NVN recommended SonicWall’s Content Filtering Service for Calistoga.

But NVN didn’t stop with content filtering. After an initial audit of Calistoga’s network, they uncovered an issue with the district’s gateway. NVN’s Vice President and Chief Technology Officer, Kyle Lumley, says the existing gateway “didn’t give them the control or feature set that they needed.”

NVN’s recommendation for Calistoga was a SonicWall SuperMassive 9800 next-generation firewall with High Availability capability.

All well and good so far. More granular, customizable content filtering and a new gateway to provide better control for the present, as well as being better able to handle future increases in networked devices and utilization.

Then came the 400-pound gorilla. How could Calistoga afford to pay for these improved capabilities? School districts work under very tight financial constraints.

Fortunately, NVN and SonicWall had a solution.

Calistoga leveraged SonicWall’s Security-as-a-Service (SECaaS). Rather than paying a large amount upfront as a capital expenditure, Calistoga pays a much more manageable monthly fee which fits within its operating budget. Burrows says this is a much more reasonable solution for the district.

Additionally, much of the cost is eligible for discounts through the federal E-rate program.

NVN coordinated the transition to the new gateway and Content Filtering Service. All went well, even in the face of tight deadlines. Calistoga’s happy with the results.

Read the Case Study here.