Posts

Wave 2 Wireless Standard Powers SonicWall’s New High-Performance SonicWave Access Points

/0 Comments/in /by

Over the past few months, Verizon has launched a series of television ads in which the main character utters the line, “Right plan, wrong network.” The actor saying the line is talking to another character who is clearly having an unhappy experience with his/her cellular connection. If you own a mobile phone, it’s likely you’ve gone through something similar at one point.

While the focus is on cellular in this case, the same can be said for Wi-Fi. It’s all about the user experience. Slow wireless performance is a big turn-off. If you’re providing wireless connectivity to employees, customers, students or guests, odds are you’ve heard complaints about the performance of your wireless network at some point.

Of course, there are a number of factors that impact the quality of the wireless connection, such as physical objects, proximity to an access point and, if you’re outdoors, weather. None of this matters to Wi-Fi users, however. They just expect to have lightning-fast connectivity.

The Wave 2 Wireless Standard Is Here

Something else that affects performance is the technology behind the wireless signal. If you’re like me and still have an iPhone 5 that only supports the 802.11n wireless standard, you’re not expecting much. However, if you have a more modern phone you can take advantage of the faster 802.11ac standard, which has been around for the past five or so years.

This assumes the access point (AP) you’re connecting to also supports that standard. Times are changing once again and the new standard is 802.11ac Wave 2, which promises multi-gigabit wireless performance.

In fact, we’re right in the middle of the transition to Wave 2 technology, which means more client devices (e.g., phones, laptops, tablets, etc.) that support the new standard are coming to market along with Wave 2 wireless access points. To take advantage of the faster speeds, both the client and access point must support Wave 2.

Introducing SonicWave Wireless Access Points

Given the seemingly universal use of wireless in retail stores, schools, doctors’ offices and other locations, and the need for high-speed connectivity, SonicWall is extending its portfolio of wireless products with the introduction of a series of 802.11ac Wave 2 wireless access points.

The SonicWave series features two indoor access points, the 432e and 432i, and one outdoor access point, the 432o. All three models are built on the idea of delivering an exceptionally fast, secure and reliable wireless experience.

SonicWave access points support the 802.11ac wireless standard, so they’re able to take advantage of performance and reliability features such as Multi-User MIMO (MU-MIMO), which enables simultaneous transmission from the access point to multiple wireless clients instead of just one.

A built-in 2.5 GbE port eliminates the need for multiple 1 GbE ports to facilitate multi-gigabit throughput. For enhanced reliability, beamforming focuses the wireless signal on an individual client instead of spreading the data transmission equally in all directions.

Wireless Security, Speed

From an organizational standpoint, providing high-speed wireless is essential. It enables the use of bandwidth-intensive apps and faster sharing of data. Securing that data as it travels across the wireless network is equally important.

SonicWall’s solution to the need for wireless security and speed is something we call Wireless Network Security, which combines SonicWave access points with our next-generation firewalls, such as the NSA series.

All inbound and outbound Wi-Fi traffic is scanned by the SonicWall firewall’s high-speed deep packet inspection (DPI) engine, including TLS/SSL encrypted connections, so threats such as ransomware and intrusions are removed. Unknown files are analyzed by our Capture Advanced Threat Protection service to eliminate zero-day threats.

Other security and control capabilities, such as content filtering, application control and intelligence, can be run on the wireless network to provide added layers of protection. The solution also integrates additional security-related features, including wireless intrusion detection and prevention, virtual access points and wireless guest services.

How else can SonicWall help you provide a fast, reliable and secure wireless experience?

  • Dedicated third security radio – Continually scan the wireless spectrum for rogue access points without impacting performance using the SonicWave access point’s third radio, something very few Wave 2 access points on the market provide.
  • MiFi Extender – Attach a 3G/4G/LTE modem to the SonicWave access point for use as either the primary wide area network (WAN) or as a secondary failover WAN link for business continuity.
  • Bluetooth Low Energy (aka Bluetooth Smart) radio – Use industrial, scientific and medical (ISM) applications for healthcare, fitness, retail beacons, security and home entertainment over a low-energy link.
  • AirTime Fairness – Distribute air time equally among connected clients, ensuring faster clients get more data in their time while slower clients receive less.
  • Band steering – Steer dual-band clients to connect automatically to the less-crowded 5 GHz frequency band, leaving the more-crowded 2.4 GHz frequency for legacy clients.

Wave 2 wireless technology is here and with it comes the promise of a faster and better user experience. To learn more about how the SonicWall SonicWave series can help you provide that experience, explore the new SonicWave series on our website.

Watch SonicWave Video

SonicWall Annual Threat Report Reveals the State of the Cybersecurity Arms Race

/0 Comments/in /by

In the war against cyber crime, no one gets to avoid battle. That’s why it’s crucial that each of us is proactive in understanding the innovation and advancements being made on both sides of the cybersecurity arms race. To that end, today we introduced the 2017 SonicWall Annual Threat Report, offering clients, businesses, cybersecurity peers and industry media and analysts a detailed overview of the state of the cybersecurity landscape.

To map out the cybersecurity battlefield, we studied data gathered by the SonicWall Global Response Intelligence Defense (GRID) Threat Network throughout the year. Our findings supported what we already knew to be true – that 2016 was a highly innovative and successful year for both security teams and cyber criminals.

Security Industry Advances

Security teams claimed a solid share of victories in 2016. For the first time in years, our SonicWall GRID Threat Network detected a decline in the volume of unique malware samples and the number of malware attack attempts.  Unique samples collected in 2016 fell to 60 million compared with 64 million in 2015, whereas total attack attempts dropped to 7.87 billion from 8.19 billion in 2015. This is a strong indication that many security industry initiatives are helping protect companies from malicious breaches.  Below are some of the other areas where progress is clearly being made.

Decline of POS Malware Variants

Cybersecurity teams leveraged new technology and procedural improvements to gain important ground throughout the year. If you were one of the unlucky victims of the point-of-sale (POS) system attack crisis that shook the retail industry in 2014, you’ll be happy to learn that POS malware has waned enormously as a result of heightened security measures. The SonicWall GRID Threat Network saw the number of new POS malware variants decrease by 88 percent since 2015 and 93 percent since 2014. The primary difference between today’s security procedures and those that were common in 2014 is the addition of chip-and-PIN and chip-and-signature technology particularly in the United States, which undoubtedly played a big role in the positive shift.

Growth of SSL/TLS-Encrypted Traffic

The SonicWall GRID Threat Network observed that 62 percent of web traffic was Secure Sockets Layer/Transport Layer Security (SSL/TLS) encrypted in 2016, making consumers and businesses safer in terms of data privacy and integrity while on the web. This is a trend we expect to continue in 2017, based on Google’s announcement that it has a long-term plan to begin marking HTTP traffic in its Chrome browser as “not secure.” NSS Labs estimates that 75 percent of web interactions will be HTTPS by 2019.

Decline of Dominant Exploit Kits

We also saw the disappearance of major exploit kits Angler, Nuclear and Neutrino after cybersecurity investigations exposed the likely authors, leading to a series of arrests by local and international law enforcement agencies. The SonicWall GRID Threat Network observed some smaller exploit kits trying to rise to fill the void. By the third quarter of 2016, runner-up Rig had evolved into three versions employing a variety of obfuscation techniques. The blow that dominant exploit kit families experienced earlier in 2016 is a significant win for the security industry.

Cyber Criminal Advances

As with any arms race, advances made by the good guys are often offset by advances made by the bad guys. This is why it’s critical for companies to not become complacent and remain alert to new threats and learn how to counterattack. Below are some of the areas where cyber criminals showed their ability to innovate and exploit new ways to launch attacks.

Explosive Growth in Ransomware

Perhaps the area where cyber criminals advanced the most was in the deployment of ransomware. According the SonicWall GRID Threat Network, ransomware attacks grew 167 times since 2015, from 3.8 million in 2015 to 638 million in 2016. The reason for this increase was likely a perfect storm of factors, including the rise of ransomware-as-a-service (RaaS) and mainstream access to Bitcoin. Another reason might simply be that as cybersecurity teams made it difficult for cyber criminals to make money in other ways, they had to look for a new paycheck.

Exploited Vulnerabilities in SSL/TLS Encryption

While the growth of SSL/TLS encryption is overall a positive trend, we can’t forget that it also offers criminals a prime way to sneak malware through company firewalls, a vulnerability that was exploited 72 percent more often in 2016 than in 2015, according to NSS Labs. The reason this security measure can become an attack vector is that most companies still do not have the right infrastructure in place to perform deep packet inspection (DPI) in order to detect malware hidden inside of SSL/TLS-encrypted web sessions. Companies must protect their networks against this hidden threat by upgrading to next-generation firewalls (NGFWs) that can inspect SSL/TLS traffic without creating performance issues.

IoT Became a New Threat Network

Many people who enjoy using Reddit, Netflix, Twitter or Spotify experienced another of our top threat trends firsthand. In October 2016, cyber criminals turned a massive number of compromised IoT devices into a botnet called Mirai that they then leveraged to mount multiple record-setting distributed denial-of-service (DDoS) attacks. The SonicWall GRID Threat Network found that at the height of the Mirai botnet usage in November 2016, the United States was by far the most targeted, with 70 percent of DDoS attacks aimed at the region, followed by Brazil (14 percent) and India (10 percent). The root cause leading to the Mirai attacks was unquestionably the lax security standards rampant in IoT device manufacturing today. Specifically, these devices do not prompt their owners to change their passwords, which makes them uncommonly vulnerable.

Combatting the New Cyber Threats

It’s worth noting that the technology already exists today to solve many of the new challenges cyber criminals threw at victims in 2016.  SSL/TLS traffic can be inspected for encrypted malware by NGFWs with high-performance SSL/TLS DPI capabilities.  For any type of new advanced threat like ransomware, it’s important to understand that traditional sandboxing solutions will only detect potential threats, but not prevent them. In order to prevent potential breaches, any network sandbox should block traffic until it reaches a verdict before it passes potential malware through to its intended target.  SonicWall’s family of NGFWs with SSL/DPI inspection coupled with the SonicWall Capture multi-engine cloud sandbox service is one approach to provide real-time breach prevention for new threats that emerge in the cybersecurity arms race.

If you’re reading this blog, you’re already taking an important first step toward prevention, as knowledge has always been one of the greatest weapons in the cybersecurity arms race. Take that knowledge and share it by training every team member in your organization on security best practices for email and online usage. Implement the technology you need to protect your network. And most importantly, stay up-to-date on the latest threats and cybersecurity innovations shaping the landscape. If you know where your enemy has been, you have a much better shot of guessing where he’s going.

DOWNLOAD 2017 SONICWALL THREAT REPORT

New SonicWall SecureFirst Partner Program -100% Security, 100% SonicWall

/0 Comments/in , /by

Today is an exciting day for SonicWall and our channel partners.  As part of SonicWall’s transition to an independent company owned by Francisco Partners and Elliot Management and to affirm our 100% channel strategy, we are launching the new SonicWall SecureFirst Partner Program.  We thought long and hard on what to name our new program.  So why SecureFirst?  SECURE – because for SonicWall, security is our mission – it’s all we do and it’s what motivates us every day – to protect our customers from the constantly evolving cyber threat landscape.  And FIRST – because our partners and customers always come first!

SecureFirst is now the way our channel partners worldwide access the entire SonicWall portfolio of technology and solutions – from our best-in-class next-generation firewalls, SonicWall Capture for advanced threat protection, access security, email security and Security-as-a-Service.  With SecureFirst, all of these solutions will continue to be available through SonicWall’s network of valued Distributors, so partners can continue to source SonicWall products uninterrupted, in the way they are accustomed. Partners will find several program levels in SecureFirst, allowing them to commit to SonicWall solutions at a level that is right for their security practices. With the different levels of commitment to the program come differentiated levels of rewards and benefits. Central to the new program is Reward for Value, SonicWall’s partner profitability framework that rewards partners for the value they bring to selling, implementing, and supporting SonicWall solutions. Both up-front discounts and back-end rewards have all been refreshed with the new program and are optimized for partners growing their security practice with SonicWall. New sales and technical enablement will become available as well as new programs to help partners leverage greater services and support opportunity with their SonicWall solutions.  When you add it all up, SecureFirst has the horsepower to deliver high performance and deep security solutions with unparalleled protection for your customers, while driving accelerated reward and value for your business.

Sign up for SecureFirst today. We encourage all partners – whether you are legacy SonicWall, legacy Dell or a new partner looking to onboard with SonicWall — to enroll in the SecureFirst Partner Program.  The process is simple and straightforward. Further details can be found at the new partner website www.sonicwall.com/partners.

With a twenty-five year legacy as a security industry leader, we couldn’t be more excited about the launch of the new program.  Partnering has always been at the heart of SonicWall’s strategy and the partner program is an important part of that.  But equally important is the commitment we make to the channel and the deliberate dependence we have on our partners.  And the entire SonicWall team of security professionals that is dedicated to the success of our partners and their customers. These things will never change.  They are just as much a part of the new SonicWall as they’ve always been.  Thanks for investing in your partnership with the new SonicWall.  As always, we want to hear from you.  Find us on Twitter @SonicWall and @sppataky.

“We are pleased that the Secure First Partner Program rewards committed partners for the value they provide to customers, provides sufficient product margin and rebates, and offers discounted training and incentives for new SonicWall partners to grow their SonicWall practice.

Western NRG has been working with SonicWall exclusively for over a decade. We provide customers with custom-fit SonicWall configuration, ongoing appliance management, network reporting, and expert network security support. We are excited for what lies ahead as SonicWall begins this new chapter and continues to deliver the world’s best security solutions.” Said Timothy Martinez, President and CEO of Western NRG, Inc.

“For over a decade, SonicWall has been such a great and valuable partner across Latin America. A channel-centric vendor that provides profitable growth opportunity for us and our resellers on the cyber security segment helping small, medium and large customers to protect their infrastructure and applications,” said Rafael Paloni, President Latin America, Network1 ScanSource.

Are School-issued Mobile Devices Safe to Use on Off-campus Networks?

/0 Comments/in /by

A few weeks ago my eldest son was given a Chromebook by his school which he brought to the house to do his homework. Before the Chromebook, he did his homework on the PC I had set him up with in his room. The nice thing about that is I have a firewall with a content (aka URL or web) filtering policy in place so I have control over the websites he can access since he’s getting to the internet through our home network. But not everyone has a firewall and/or content filtering to protect their kids from inappropriate and potentially harmful web content.

Schools providing K-12 students with mobile devices so that they can access content over the internet has grown over time as administrators, teachers and parents see the benefits of an untethered learning environment. A Project Tomorrow report indicates that almost half of the K-12 teachers surveyed said that their students have regular access to mobile devices in their classroom. Some of those devices are school-issued. However as students enter high school more prefer to use their own personal mobile device in the classroom whether it’s a laptop, Chromebook, tablet or smartphone.

In an earlier blog I wrote about five things K-12 schools should look for in a network security solution. One of those is web filtering. K-12 schools need a URL filtering policy in place that includes technology to protect students from inappropriate or harmful internet content if they want to be eligible for discounts through the government’s E-rate program, also known as the Schools and Libraries program. While most schools have a filtering policy in place to protect students when they’re in the classroom, what happens when they take that device home? Does the mobile device have some way to enforce the policy beyond the school’s network perimeter?

This leads me back to the story about my son’s Chromebook. Without some mechanism in place that blocks access to inappropriate websites when the device is outside the firewall he could take the Chromebook anywhere there is a Wi-Fi connection and have unrestricted internet access. From a parent’s point of view, depending on the student’s age that’s probably not a good thing. From the school’s perspective, administrators don’t want to be viewed as the provider of a tool that enables children to look up inappropriate videos, images or text without some form of control in place.

One solution school IT administrators use to solve the problem is to force all traffic from the device back through the school’s firewall once the device connects to the internet. The nice part about this approach is that the school can use the same policy whether the device is inside or outside the firewall perimeter. There is some downside though. Routing all traffic from every school-issued device regardless of its location back through the school network consumes valuable bandwidth which can be costly.

A unique solution SonicWall offers is our Content Filtering Client. Residing locally on the Windows, Chrome OS or Mac OS X mobile device, the client extends web filtering policy enforcement to devices used outside the firewall perimeter. Administrators can apply the same policy or a different one depending on whether the student is using the device is being used inside or outside the network. The device will also switch over to the inside policy once it reconnects to the school’s network. The combination of the Content Filtering Service and Content Filtering Client provides “inside/outside” web filtering coverage.

If you’re an IT director or administrator with responsibility for implementing network security and content filtering across the school district and would like to learn more about Dell SonicWALL Content Filtering Services and why they are an essential component of your network security strategy, read our technical white paper titled “K-12 network security: A technical deep-dive playbook.”

Download Tech Brief

SonicWall Security Named Grand Trophy Winner

/0 Comments/in /by

On April 20, 2015, Info Security Products Guide, the industry’s leading information security research and advisory guide, announced the winners for its 11th Annual Info Security 2015 Global Excellence Awards. These prestigious global awards recognize security and IT solutions that have a profound impact on the Security industry. More than 50 industry leaders including CISOs, executives, and industry analysts and experts from around the world participated in the selection of the winners for 72 security and IT product and service categories.

Today, we are thrilled to announce that Info Security Product Guide has honored SonicWall as the Grand Trophy Winner as well as the winner of 12 additional awards outlined in the table below. These recognitions validate the feedback we get from our customers.

Info Security Products Guide 2015 Global Excellence Grand

For nearly two decades, SonicWall Security has created innovative products that have set and reset the standard for security. Our technologies have continued to lead the way with an advanced patented security architecture in addition to a best-in-class security research team enabling our customers to be future-ready. SonicWall’s industry experience, innovative technologies and technical excellence to solve security and compliance challenges have made us the vendor of choice for many leading Fortune 500 organizations across all sectors. Receiving these honors affirms our deep commitment to investing in ongoing research and development as well as our unique dedication to helping our customers experience a more secured future.

Category Award
Grand Trophy Winners SonicWall (2,500+ employees)
Firewalls GOLD Winner: SonicWall SuperMassive 9800
New Products & Services Silver Winner (2,500+ employees): SonicWall SuperMassive 9800
Integrated Security &
Unified Threat Management (UTM)		 Bronze Winner: SonicWall TZ Series
IP Sec/SSL/VPN Bronze Winner: SonicWall Secure Mobile Access (SMA)
Network Security & Management Silver Winner: SonicWall Global Management System (GMS)
Email Security & Management Bronze Winner: SonicWall Hosted Email Security
Auditing Silver Winner: SonicWall ChangeAuditor
Best Security Software (New or Updated) Bronze Winner: SonicWall One Identity-as-a-Service
Cloud Security Bronze Winner: SonicWall Cloud Access Manager
Compliance Bronze Winner: SonicWall ChangeAuditor
Identity Management Bronze Winner: SonicWall One Identity Manager
Endpoint Security Bronze Winner: SonicWall KACE K1000

If you are an IT leader responsible for your organization’s information and network security, defining the company’s security defense program and vetting security technologies can be a trying experience, especially when available choices are often equivocal. In these circumstances, how often do you find yourself looking for credible third-party endorsements such as the Info Security Product Guide Global Excellence Awards for guidance and validation prior to making critical purchase decisions? Before buying additional security technologies, here are some key recommendations to consider.

  1. Develop an information and user risk profile and determine the security controls that will be needed to protect the business from internal and external threats.
  2. Perform a comprehensive threat and vulnerability analysis and identify all possible ways users and systems can be exploited by cyber criminals.
  3. Explicitly call out security requirements that can best remediate identified threats, risks and liabilities that require immediate attention.
  4. Accurately map the award-winning SonicWall products listed above to the appropriate use cases identified in step 1 through 3.
  5. Last but not least, begin layering multiple security technologies together so that you have more than one way of preventing and responding to various attack methods that a hacker may use to harm the organization.