Posts

The “Aha” Moment. Say Yes to Security and Collaboration.

In survey after survey, IT executives continue to say that security is one of the top challenges they face. No one has to tell us about the risks. The stories of data theft and breaches are in the media every day. We are intimidated by the rapidly changing threat environment. New malware is being written every day and some of it is being written using a variety of methods that defeat existing security technologies. And too often the way that we protect our organizations is to add a myriad of approaches, tools and solutions, creating a tremendous amount of complexity that becomes hard to understand let alone manage.

But if you dig down one level, what you find is that security concerns create a barrier to doing what IT really needs to do, which is implement cool new initiatives that move the business forward.

Everybody wants to be seen as a hero, the clever one who can take on challenges, solve problems and make an impact on the business. Unfortunately, the security concerns become the reason they can’t do it. At SonicWall Security, we are working to help out with the security equation.

What are the initiatives that organizations are trying to deploy? One of the biggest areas of opportunity comes from all of the innovation that is going on in the cloud. Moving your work to the cloud streamlines the ability of your workers to collaborate and share information in real time. Tools like Microsoft Office 365 and DropBox allow employees to collaborate in a way that is changing the workplace.

This really hit home for me a couple of weeks ago when my 11-year-old daughter was assigned a big project in her fifth grade class. She and her teammate needed to create a report and a presentation. The night before the project was due, I came into her bedroom and she had her iPod setup to FaceTime her partner. They were both working together on the report using Google Docs and on the presentation using Google Sheets. They were oblivious to me, so I watched for a few minutes as they talked through ideas, added and edited text and pictures, and generally created and fine tuned the deliverables.

For this project, there was no need for them to meet, or even call each other. Collaboration tools enabled the entire project. This was an “aha” moment for me, because I realized then and there that these kids were demonstrating the future of work. What they take for granted is sadly often not possible in the work environment for a variety of reasons, but I couldn’t stop thinking that security is a big stumbling block to achieving the productivity new collaboration tools offer.

So, what is on your IT wish list? Do you want to move your CRM to the cloud? Or streamline your customer service delivery, or give your team access to data analytics no matter where they are? Or are you looking to eliminate paper and go all digital? Whatever it is, don’t let security be a barrier. If you want to learn how to turn IT security into the Department of Yes, contact SonicWall Security.

SonicWall Next-Gen Firewall Consistently Ranks as Recommended Year After Year

The hacking economy continues to thrive. As you can see for the timeline chart below, we have seen data breach headlines in every industry verticals regardless of their size. Cyber-criminals made the most of their opportunities last year, and rest assured it’s unlikely to be any different for years to come.

Timeline of high profile breaches in 2015

If the fear of a network breach keeps you up at night wondering if you’ve done a thorough job measuring the effectiveness of your cyber-defense system, then you’re in good company. Even a slight doubt about your firewall capability forces you to worry regularly if you are successful as you can be in thwarting preventable attacks on your networks. Burdened with the possibility of having to deal with security incidents, you may ask if there is a reliable way to lessen this anxiety. The good news is the answer is yes!

Once a year, leading next-generation firewalls (NGFWs) vendors gear up to participate in the industry’s rigorous security and performance tests, conducted by NSS Labs, a trusted authority in independent product testing. NSS designs various permutations of real-world test conditions and parameters specifically to address the challenges security professionals face when measuring and determining if their firewall is truly performing as their vendor has promised. Upon completion of these tests, NSS publishes a comprehensive result-based report on all participating vendors. Each vendor’s product is ranked either “Recommended,”“Neutral” or “Caution” based on its weighted score across key evaluation criteria including security effectiveness, resistance to evasion, performance, and stability and reliability.

Definition:

  1. A “Recommended” rating from NSS indicates that a product has performed well and deserves strong consideration. Only the top technical products earn this rating from NSS, regardless of market share, company size, or brand recognition.
  2. A “Neutral” rating from NSS indicates that a product has performed reasonably well and should continue to be used if it is the incumbent within an organization.
  3. A “Caution” rating from NSS indicates that a product has performed poorly. Organizations using one of these products should review their security posture and other threat mitigation factors, including possible alternative configurations and replacement. Products that earn a Caution rating from NSS should not be short-listed or renewed.

NSS started this vendor group test four years ago, so it has a significant amount of knowledge and experience in security product testing. Over this period, I have observed many vendors that have moved in and out of the NSS Labs “Recommended” quadrant as NSS’s test methodologies have evolved. This should give you total clarity and confidence toward those vendors with products that have repeatedly and consistently performed well year over year, while providing specific guidance on how to proceed with products that performed poorly or inconsistently. You can find out how your current firewall vendor performed in the latest 2016 Next Generation Firewall Comparative Report ““ Security Value Mapâ„¢ (SVM). The SVM gives you a complete scorecard and ranking for each product tested. I urge you to read the entire set of NSS Labs NGFW reports, including the SVM, Comparative Analysis Report (CAR) and product Test Report (TR), to help you evaluate your current security posture and take immediate action where necessary.

For four years running, SonicWall has prevailed in the NSS Labs vendor group test. The SonicWall SuperMassiveâ„¢ E10800 is one of only three vendor products to have earned the coveted “Recommended” rating in the NSS Labs Next-Generation Firewall Security Value Map for four consecutive years. This year, the SuperMassive E10800 once again demonstrated one of the highest security effectiveness ratings in the industry, blocking 98.83 percent of exploits during continuous live testing. The device also consistently scored 100 percent effective against all tested evasion techniques and passed all manageability, stability and reliability tests. These are highly credible and verifiable proof points that SonicWall next-generation firewalls deliver on our product promise, and empowers you to achieve breakthrough performance at unprecedented levels of protection. The same technology is used in SonicWall SuperMassive, NSA and TZ firewalls, so they are also highly secure.

Figure of NSS Labs 2016 Security Value Map (SVM) for Next Generation Firewall (NGFW)

Learn more. Read the 2016 NSS Labs Next-Generation Firewall Security Value Map SVM Report.

New SonicWall Email Security 8.2 w. Cyren AV

The foundation of email threat protection has long been anti-virus technology and IP reputation databases. Threat research teams across the globe are hard at work analyzing email, identifying spam and malware, and building anti-virus and IP reputation database libraries to help combat threats. Experts agree that for best threat protection, email security solutions should not rely on a single anti-virus engine or reputation database, but should integrate multiple sources to maximize security effectiveness.

To deliver best-in-class email threat protection, SonicWall Email Security 8.2 includes multiple anti-virus technologies, including SonicWall Global Response Intelligent Defense (GRID) Anti-Virus, SonicWall Time Zero, and premium anti-virus technologies, including McAfee, Kaspersky, and now, Cyren Anti-Virus.

Cyren AV is now included with SonicWall Hosted Email Security and, for customers that prefer an on-prem solution, available with Email Security appliance and software release 8.2, when purchased with the Total Secure subscription service. The SonicWall Email Security offers seamless set-up for IT administrators and provides immediate results.

“Since replacing our Barracuda appliance with SonicWall, we achieved a 95 percent reduction in spam reaching user mailboxes,” saidGary Walker, network administrator, City of Alexandria.

With SonicWall Email Security solutions, our GRID Network performs rigorous testing and evaluation of millions of emails every day, and then reapplies this constantly updated analysis to provide exceptional spam-blocking results and anti-virus and anti-spyware protection.  SonicWall Time Zero Virus Protection uses predictive and responsive technologies to protect organizations from virus infections before anti-virus signature updates are available. Suspect emails are identified and immediately quarantined, safeguarding the network from the time a virus outbreak occurs until the time an anti-virus signature update is available. Moreover, premium anti-virus technology from industry-leading, anti-virus partners including McAfee, Kaspersky, and Cyren provides an additional layer of anti-virus protection, resulting in protection superior to that provided by solutions that rely on a single anti-virus technology. In addition to the multi-layer threat protection and ease of use, the SonicWall solution is affordable and provides low TCO.

“With SonicWall, we have easily saved $30,000, and will save an additional $15,000 each year,” said Walker.

Learn More about SonicWall Email Security

For more information about SonicWall Email Security, please visit our website, refer to the SonicWall Email Security 8.2 release notesor contact a SonicWall representative at 1.888.557.6642, or emailsales@sonicwall.com

Combat Cyber Espionage with New SonicWall TZ Wireless Firewalls

How many times have you heard the phrase, “Your data is your most valuable possession?” Pretty often I bet. And it’s true. The information your organization keeps is extremely important not only to you, but to your customers as well.

I was thinking about this the other day while watching a scene from the movie “The Incredibles” where the superhero mom tells her daughter, “Your identity is your most valuable possession. Protect it.” That’s good advice, whether it’s data, records or even the identity of your employees or your customers. Protecting the things that are valuable to your organization from the seemingly relentless onslaught of theft is critical in today’s world.

Every day we are all potential victims of cyber-espionage. It doesn’t matter what size your organization is. Sure, the bigger the victim the larger the headline. To safeguard our customers against attack, today SonicWall has announced the new SonicWall TZ Wireless firewall series which combines enterprise-grade security, deep packet inspection of SSL-encrypted traffic and integrated high-speed 802.11ac wireless for small and medium-sized businesses and distributed enterprises.

Back in April we announced our new lineup of secure, high-performance SonicWall TZ series firewalls that help both small and medium-sized businesses (SMBs) and large distributed enterprises protect their most valuable assets. The TZ series allows SoincWall to offer market-leading security solutions to its customers at a price that fits under even the tightest budgets. With these new firewalls, small organizations can afford the same security effectiveness as large enterprises.

One of our premier partners, Western NRG, has already experienced the incredible benefits of the new TZ wireless firewalls.

“Since I upgraded my remote office from a TZ 105 Wireless to the new TZ500 Wireless I have noticed a substantial increase in my Internet speeds! I am truly taking advantage of the 100Mb download offering from my ISP. In addition, I have also added the new SonicPoint ACi to the network. The boys at NRG configured the TZ500 Wireless and the SonicPoint ACi to use the 5GHz radio and a single SSID which allows me to connect anywhere in the multi-story 3400 square foot facility and have seamless wireless access to networking resources now with amazing speeds!” said Tim Martinez, president of Western NRG, Inc.

The TZ Wireless series takes security and performance another giant step forward with built-in secure WiFi connectivity. And not just any WiFi. With these new firewalls, our customers can have the same level of protection and performance on their wireless networks as they do on their wired networks.

If you’re familiar with the benefits of 802.11ac, good for you. If you’re not, there are plenty of articles you can read on the subject. Even better, check out Scott Grebe’s blog titled “Three Reasons to Make the Jump to 802.11ac.”If you don’t have the time, here is the abbreviated version.

  • 802.11ac is really fast. It’s about 3x faster than its predecessor 802.11n. Faster speed means greater employee productivity and a better user experience.
  • 802.11ac enhances the quality of the wireless signal. Ever have a poor WiFi or cellular connection? How did that make you feel?
  • 802.11ac plays well with earlier wireless standards. In other words, it’s backward compatible with WiFi devices that use the 802.11n, b, g or a standards like your mobile phone, tablet and laptop so you can continue to use them to connect to the wireless network if you want.

The integration of high-speed wireless into our TZ series firewalls is good news for SonicWall customers. It enables us to offer them a complete security solution for wired and wireless networks of all sizes. SMBs love the highly integrated nature of the TZ series along with the simplified setup and management. Configuration of the LAN and wireless LAN and accompanying security is all done through the appliance’s GUI. So is the management. Distributed enterprises also enjoy these same benefits, however many take things a step further by adding our award-winning Global Management System (GMS) to enable centralized management and reporting of multiple TZ series firewalls deployed in different locations.

With the introduction of our new TZ Wireless series we have our strongest lineup ever of wired and wireless firewall solutions for SMBs and distributed enterprises. Whether it’s our customers’ data, their records or even their superhero identities, we’re able to protect it like no one else. If you want to learn more about the TZ series including our new wireless models featuring 802.11ac, check out the TZ series page on our website.

Seven Layers of Protection from Hacked Websites

In January 2015, celebrity chef Jamie Oliver announced that his website, which attracts 10 million visitors per month, had been compromised. This followed an announcement by Forbes that a month earlier, in December of 2014, the highly visible “Thought of the Day” flash widget had been compromised as well. In both of these, the hacked website was simply the first step in a complex process that is carefully engineered to make money off of unsuspecting internet users.

Most people are surprised to learn that the Hollywood perpetuated stereotype of the cyber-criminal is a myth. We imagine an evil genius sitting in a dark room, typing feverishly to hack into the good guy’s networks in real time, guessing passwords and avoiding law enforcement through well-timed keystroke sequences as he goes. The reality is much less intriguing. The tools that are used for these exploits are often generic off-the-shelf software developed by third-party developers and then sold on the black market. The sale of criminal tools – exploit kits, malware droppers, malware itself and more — has become a big business in itself. In fact, according to researchers, in the case of the Jamie Oliver website, a popular and widely available hacking tool named Fiesta was used to scan visitors’ computers and look for vulnerabilities that could be exploited to deliver the malware. Our own  SonicWall threat research shows that Angler was the most commonly used exploit kit in 2014, resulting in over 60 percent of the exploits that we saw last year.

To add to the problem, NSS labs estimates that 75 percent of the world’s computers and 85 percent of the computers in North America are poorly protected against these exploits. Even worse, anti-virus (AV) software that is typically used to protect computers provides only adequate security at best.

How do websites get compromised?

The attacker will generally target websites with vulnerabilities that allow them to modify the HTML on the web page. A prime target for cybercriminals is a website that is highly trusted and high volume like Forbes.com. In many cases, attackers will look to compromise ad servers which generate a huge amount of views. After a webpage with a vulnerability is identified, users can be tricked into clicking links to a separate landing page on a rogue web server that hosts the exploit kit. In the more disturbing case of a so-called drive-by download, an exploit kit automatically loads content from the malware server with zero end user interaction required.

The exploit kit then attempts to scan the user’s computer looking for vulnerabilities in common applications. We know that most people ignore OS patches, and even more people ignore browser, Java and Flash patches. A sophisticated attacker may independently find a vulnerability, but more likely he or she will use published vulnerabilities. The level of sophistication of these exploit kits varies, but some will even check IP addresses to ensure that the target computer matches the desired profile, for example a residential PC.

Once a vulnerable application is discovered, the exploit is launched and if successful the chosen malware payload is finally downloaded to the victim’s computer. While one common payload delivers malware that takes control of the victim’s computers (this is called a bot as in robot or zombie), other malware can be used to steal data, log keystrokes, or launch distributed DOS attacks on other websites. Another common payload is called ransomware because it encrypts all data on the victim’s computer and holds it until the data owner provides a valid credit card number and pays to unlock the data. The reality with these attacks is that anybody and everybody is a target – the mom and pop business owner, gas station attendant, grandma and grandpa, business executive or school teacher – everyone is a potential victim.

A layered approach for protection from compromised website exploits

No single tool or technique is guaranteed to stop these attacks, but there are a variety of tactics that can be utilized to minimize the chance of a successful exploit.

  1. Gateway malware protection. Modern firewalls, also known as next-generation firewalls, provide much more intensive packet scanning than legacy firewalls. Deep packet inspection is used to inspect not only the header portion of the packet but also the payload, searching for viruses, Trojans and intrusion attempts. This level of inspection will often block the download of the malware payload.
  2. Patch management. Since most of the known exploits take advantage of vulnerable versions of applications, it is critical that you continuously apply the latest versions of software to all of your servers, PCs, Macs, Chromebooks, smartphones, tablets, printers, networking gear and other connected non-computing devices. Whew! Systems management solutions automate this patching for larger organizations.
  3. Automatically updated desktop AV clients. Standard desktop anti-virus clients provide a level of protection from the malware payloads that are used in these attacks, but it is critical that the desktop client is kept up-to-date. Ideally, if you are in charge of security, you would have a way to enforce the use of the clients because users love to turn off AV when they perceive that it slows down their computer. And unfortunately, in some cases malware disables AV or uses advanced methods to avoid detection so this is just one layer in the overall security strategy.
  4. Internet/web content filtering. There are a wide variety of solutions on the market that allow an organization to filter the URLs that can be accessed by users inside the network. Filtering in many cases will block the redirect to the malware server, and is a standard feature on most next-generation firewalls.
  5. Botnet filtering. Deep packet inspection also provides the ability to determine if connections are being made to or from botnet command and control servers. Many next-generation firewalls have continuously updated lists of these servers. Botnet filtering is a layer of security that will block communications to and from already compromised computers participating in botnets from behind the firewall.
  6. GeoIP filtering. Another feature of next-generation firewalls that can be useful in preventing bots from communicating with their command and control server is to restrict communications based on geography. GeoIP data includes the country, city, area code and much more. This is useful if an organization can exclude geographies that are known cyber-security risks such as Russia or China.
  7. Outbound email protection. Attackers will often use the computers that they are able to exploit as spambots to send spam mail as part of a larger spam campaign. These computers are often called zombies because they are remotely controlled by another person, in this case the spam botmaster. Email security solutions can scan outbound mail for signals that the computer has been compromised and determine that a system has been compromised.

Security professionals realize the complexity of the risks posed by compromised websites. Unfortunately, there is no magic bullet to preventing exploits, but a layered approach to security can minimize the risk to your organization.

To learn more about protecting your network from these types of exploits, read the new SonicWall Security eBook, “Types of Cyber-Attacks and How to Prevent Them.” Follow me on Twitter @johngord.