Posts

New SMA Release Updates OpenSSL Library, Includes Key Security Features

As part of SonicWall’s commitment to performance, security and usability, we are introducing SMA 100 Series release 10.2.1.7.

SonicWall Secure Mobile Access (SMA) 100 Series is a unified secure access gateway that allows organizations to offer remote users virtual private network (VPN) access to their corporate applications. SMA 100 Series release 10.2.1.7 includes several key security features that protect the operating system from potential attack as well as updates to the OpenSSL Library.

SonicWall has taken the approach of incorporating security enhancements in their products, such as the SMA 100 series, which helps identify potentially compromised devices by performing several checks at the operating system level and baselining normal operating system state. In addition, SonicWall sends anonymous encrypted data to backend servers, including device health data, to detect and confirm security events and release new software to correct the issue.

SMA 100 Security Enhancements with NIST 800-61

SMA 100 10.2.1.7 follows the NIST incident response playbook of detection and analysis, containment, eradication, and recovery.

Detection & Analysis: The SMA 100 10.2.1.7 continuously monitors the operating system (also called firmware) for any anomalous behavior and deviations from normal operations. Further analysis is done to determine if these aberrations represent actual security incidents. If a security incident is discovered on the local system, additional diagnostic metadata is collected from the operating system to determine the root cause of the incident.

Containment: After detecting a potentially malicious event, it is important to contain the intrusion before an adversary can access more resources and cause further damage. If the SMA 100 is deemed to have deviated from normal behavior, short-term containment is performed. This involves restricting specific network communications from the SMA 100 to avoid communications to malicious servers.

Figure: SMA 100 Incident Response Methodology
Eradication: If SMA 100 has been deemed to be compromised, eradication is the process of trying to eliminate the root cause of the incident and either evict the adversary or mitigate the vulnerability that may have enabled the adversary to enter the environment. To achieve this, suspicious processes are terminated, and unauthorized files are removed from the operating system.

Recovery: This phase involves bringing an affected SMA 100 back to normal operations to avoid future incidents. When the SMA 100 has a confirmed security incident after our internal analysis, customers are notified by SonicWall support. SonicWall will work with the affected customers to upgrade them to newer firmware.

Hygiene: While not part of the incident response playbook, good security hygiene and following industry security practices is important in staying proactive against cyber threats. SMA 100 10.2.1.7 also checks to see if the end customer is following security best practices, such as ensuring password expiration and multi-factor authentication and enabling web application firewalling to secure the SMA 100. If these have not been enabled, the customer is prompted to do so using proactive messages on the administrative user interface.

SMA 100 gets updated OpenSSL library

SMA 100 leverages the OpenSSL Library to offer SSL-VPN connection security. We are updating the OpenSSL Library to the 1.1.1t version to patch third-party OpenSSL vulnerability documented in ‘CVE-2022-4304: A timing-based side channel exists in the OpenSSL RSA Decryption implementation.

SonicWall recommends all SMA 100 customers upgrade to 10.2.1.7 by logging in to MySonicWall or by following the guidance in the following resources.

  1. Knowledge Base
  2. Upgrade Guide
  3. Administrative Guide
  4. Release Notes

SonicWall SMA 1000 Series Earns Best-Of Enterprise VPNs Award from Expert Insights

SonicWall is pleased to announce that it has been awarded an Expert Insights “Best-Of” award for its enterprise VPN solution: SMA 1000 Series.

SonicWall earned this coveted award thanks to its ability to empower remote workforces without sacrificing security or ease of use. The SonicWall SMA 1000 Series easily handles the influx of remote users on large, distributed networks by enabling organizations to scale up to a million remote VPN users.

“The SMA 1000 Series appliances enable organizations to deliver best-in-class secure access to any network or application, anytime, from anywhere and any device — all while minimizing attack surfaces,” said SonicWall Executive Director of Product Marketing Kayvon Sadeghi. “We are incredibly honored to see our enterprise VPN solution be recognized by Expert Insights.”

Expert Insights’ Best-Of Awards are designed to recognize cloud technology providers across multiple software categories including cloud software, security and storage, highlighting up to 11 vendors in each category.

Best-Of award winners are chosen by Expert Insights’ editors, based on extensive research into each solution’s merits as a solution provider, customer reviews and how they compare to their competitors.

All recipients of these awards were specifically selected for their impressive features, strong capabilities, and positive user experiences. Expert Insights also takes into consideration pricing, target markets and the deployment process when selecting the top vendors.

You can view the full list of Expert Insights award winners here.

Award image

12 Smart Reasons to Upgrade to SonicWall Secure Mobile Access (SMA)

The modern mobile or remote workforce is one businesses’ most valuable resources. Ensuring users have fast and secure anytime, anywhere access to applications, services and networks is a business-critical function.

For many years, the SonicWall Secure Remote Access (SRA) solution was the workhorse for distributed or remote personnel across the world. But technology moves fast. Today’s business environment has more users, applications and services than ever before. Satisfying this need requires a secure, high-performance remote access solution.

That’s why SonicWall introduced Secure Mobile Access (SMA), a unified secure access gateway that enables organization to provide anytime, anywhere and any device access to any application. More memory. More users. More throughput.

The solution’s granular access control policy engine, context-aware device authorization, application-level VPN and advanced authentication with single sign-on enables organizations to move to the cloud with ease, and embrace BYOD and mobility in a hybrid IT environment.

Explore the top 12 reasons organizations are upgrading to SonicWall SMA to deliver the speed, security and user experiences their mobile workforces require.

Shrink Budgets by Going Virtual

Virtualizing your infrastructure provides many benefits, while significantly improving performance needed for today’s secure mobility. Improvements include enhanced scalability and flexibility, reduction in downtime, minimized upfront investment and lower maintenance costs.

Why upgrade: SMA 8200v is a powerful virtual appliance with a quad-core processor and 8 Gb RAM. It delivers high-performance secure remote access — all at a fraction of the cost of a physical appliance.

Go Faster

Having both more and faster processing cores enables SMA to encrypt data-in-motion and with lower latency. The end result is a faster, high-performance experience for end users.

Why upgrade: The SMA series has quad core processors that run at up to 1.8 times the speed of those on the SRA series (single core on EX6000 and dual core on EX7000).

Increase Your Throughput

While speed is important, the ultimate goal is to deliver a seamless user experience. By increasing throughput, you promote better productivity with fast and secure access to mission-critical cloud and on-premises applications.

Why upgrade: SMA appliances have up to 15 times the SSL-VPN throughput of the SRA EX series (1.58 Gbps/400 Mbps/3.75 Gbps vs. 106 Mbps/550Mbps).

Serve More Concurrent Users

The mobile workforce has matured quickly in the past decade. Businesses are serving more remote users than ever before — and usually at the same time. Having a higher number of concurrent user sessions provides greater scalability by enabling more simultaneous user sessions to be active and tracked by firewalls.

Why upgrade: The SMA series offer more scalability from a single appliance for larger numbers of concurrent user sessions compared to the SRA series.

Get More High-Speed Ports

Today’s applications and cloud services are bandwidth hogs. Whether users are accessing sales data from a SaaS application or streaming a video presentation, organizations need the throughout to support bandwidth-intensive applications and high-speed data transfers.

Why upgrade: SMA 8200v supports 2 10-GbE ports and SMA 7200 includes 2 10-GbE ports out-of-the box.

Keep Features, Firmware Current

One of the most important best practices to defend against cyberattack or unknown threats is to always keep patches current. This habit also ensures you’re getting the latest feature updates to take advantage of new capabilities that help reduce costs while embracing trends such as BYOD, mobility and cloud.

Why upgrade: Every SMA firmware version is packed with new features. For example, SMA OS 12.1 is the current recommended firmware that provides advanced features, such as:

  • Federated Single Sign-On (SSO)
  • Face ID AUTH Support
  • Centralized Access Portal for Hybrid IT
  • File-Scanning via SonicWall Capture ATP Sandbox Service

Retain Support, Warrant for Hardware

Delivering secure remote access is a critical IT function that reduces attack surface for cybercriminals. It is imperative that the solution is always fully supported and has a best-in-class warranty — should the need arise.

Why upgrade: The SRA series are approaching End of Life (EOL) and the appliances will not be supported beyond November 2019.

Centralize Management & Reporting

Management and technology oversight are significant cost centers for businesses. By centralizing management and reporting, and automating routine tasks, organizations can drastically reduce administrative overhead. That’s time better spent on core business or security objectives.

Why upgrade: SonicWall Central Management Server (CMS) provides organizations with a single administrative user interface for reporting and management of all SMA appliances. This even includes SSL certificate management and policy roll-outs.

Enhance Resilience & Availability

Downtime happens. But organizations do their best to ensure business continuity and scalability, not to mention service-level agreements are being met. Service providers vastly improve Quality of Service (QoS) and workforce productivity by being in proactive in this area.

Why upgrade: Appliances managed by CMS can be configured as Active/Active or Active/Standby high-availability (HA) clusters for redundancy, availability and reliability. The solution includes Global Traffic Optimizer (GTO) for intelligent load-balancing and universal session persistence in case of failovers.

Store Critical Information with Onboard Memory

While much storage today is outsourced to clouds or servers, having large onboard modules is still a key capability. It allows for the local storage of logs, reports, file transfer inspection, firmware backups and restores, and more.

Why upgrade: The SMA 6200 and 7200 offer storage modules that have 12.5 times the capacity of the SRA series (2 x 500 GB vs. 80 GB).

Reduce Costs by Maximizing Global Usage

Organizations with appliances that are globally distributed can benefit from the fluctuating demands for user licenses due to time differences from off‐work/night hours.

Why upgrade: User licenses no longer need to be applied to individual SMA appliances. With central user licensing, CMS reallocates licenses to managed SMA appliances based on usage.

About SonicWall SMA

SMA is an advanced access security gateway that offers secure access to network and cloud resources from any device. SMA provides centralized, granular, policy-based enforcement of remote and mobile access to any corporate resource delivered using a hardened Linux-based appliance. Available as hardened physical appliances or powerful virtual appliances, SMA fits seamlessly into any existing IT infrastructure.