Posts

Protect Web Applications Running Private, Public or Hybrid Cloud Environments

With the number of attempted web attacks ranging up to millions over the course a year, you need to ensure web application security. You need a solution that protects both your public and internal web properties.

Why you need a web application firewall

Today’s businesses strive to provide the highest possible service experience and engagement through different types of interactive web applications and user-friendly mobile applications. Over half of the world population uses the internet. Ninety three percent of them now go online, and perhaps stay online longer, using their mobile devices as opposed to their computers.

With the addition of the Internet-of-Things (IoT), we have now added tens of billions of devices already connected, communicating and exchanging data through web and mobile applications today — from TVs, digital wearables, cars, gaming consoles and vending units, to all sorts of smart appliances. This makes web applications more critical now than ever before. You need keep them all online and safe.

What makes a good web application firewall?

An ideal   solution requires a comprehensive foundation for application security, data leak prevention, performance and management. With most web servers vulnerable to a wide spectrum of web-based exploits, you need a dynamic web application firewall to provide continuous real-time protection for web properties, whether they are hosted on-premises or in the public cloud. A best-practices WAF solution requires feature-rich web security tools and services to keep web properties safe, undisrupted and in peak performance every single day.

SonicWall Web Application Firewall

Our award-winning solutions give you a defense-in-depth strategy to protect your web applications running in private, public or hybrid cloud environments. It offers you a complete, out-of-box compliance solution for application-centric security that is easy to manage and deploy.

The SonicWall WAF series arms you with advanced web security tools and services to protect your data and web properties against modern, web-based threats. It applies deep packet inspection of Layer 7 web traffic against a regularly updated database of known signatures, denies access upon detecting web application threats and redirects users to an explanatory error page.

In addition, the SonicWall WAF baselines regular web application usage and behavior, and identifies anomalies that may be indicative of attempts to compromise the application, steal data and/or cause a denial of service (DoS).

SonicWall WAF employs a combination of signature-based and application profiling deep-packet inspection, and high-performance, real-time intrusion scanning engine, to dynamically defend against evolving threats, as outlined by the Open Web Application Security Project (OWASP), as well as more advanced web application threats like denial-of-service (DoS) attacks and context-aware exploits.  Moreover, it learns, interrogates and baselines regular web application usage behaviors and identifies anomalies that may indicate attempts to compromise the application, steal data and/or cause a denial of service.

The WAF series gives you economy-of-scale benefits of virtualization. You can deploy it as a virtual appliance in private clouds based on VMWare or Microsoft Hyper-V; or in AWS or Microsoft Azure public cloud environments. This gives you all the security advantages of a physical WAF with the operational and economic benefits of virtualization, including system scalability and agility, speed of system provisioning, simple management and cost reduction.

Acceleration features include load balancing, content caching, compression and connection multiplexing to improve performance of protected websites, and significantly reduce transactional costs. A robust dashboard gives you an easy-to-use, web-based management interface featuring status page overview of all monitoring and blocking activities, such as signature database status information and threats detected and prevented since boot-up.

The is available in four models that represent their inspection capacities and can be deployed on a broad range of public cloud, private cloud and virtualized deployment use cases.

To learn more about protecting web applications, explore our latest solution brief, “Best Practices for Web Application Firewall.”

3 Disruptive Trends Driving Demand for Automated Cyber Security for SMBs

Organizations typically struggle to provide a holistic security posture. There are many security vendors providing exciting and innovative solutions. But from a customer perspective, they often become various point solutions solving several unique problems. This often becomes cumbersome, expensive and unmanageable. Some of the most recent trends in this area are discussed in this blog, which could bring about even further complexity to an organizations security posture.

IoT the new mobile?

Internet of Things (IoT) brings similar challenges to the industry, to those which mobile introduced over the last eight years. These endpoints are non general-purpose computing devices often with a specific function, but typically have an operating system, applications and internet access. Unlike Mobile, IoT devices do not usually have the same high level of user interaction, so breaches are more likely to go unnoticed.  The result of poor security controls can result in similar events, to the recent IoT botnet which caused havoc to major online services, including Twitter, Spotify and GitHub.

The industry should look to the lessons from securing mobile and apply these to IoT. This is most important in the consumer space, but as with mobile we’ll see risks arise in the commercial also, including HVAC, alarm systems and even POS devices.

Mobile and Desktop Convergence

More focus needs to be spent on unifying the identity, access and controls for mobile and desktop security. As this often requires custom integration across differing solutions and products, it’s difficult to maintain and troubleshoot when things go wrong.

Some solutions only focus on data protection, endpoint lockdown or only on mobile applications. By themselves, none of these go far enough, and software vendors should aim to provide more open ecosystems. By exposing well documented APIs to customers and integration partners, this would allow for better uniformity across services, with a richer workflow and improved security.

Cloud and SaaS

As we see endpoints split across mobile and desktop, customers are rapidly splitting data across a hybrid IT environment. While we expect hybrid to be the norm for many years to come, organizations need to consider how the security and usability can be blended, in a way that security controls don’t become too fragmented, or result in a poor experience for users and unmanageable for IT.

How SMBs can automate breach detection and prevention

The impact of a security breach to the SMB is significant. When large organizations detect fraudulent activities, they expect to write off a fair percentage of the cost. On the flip side, the impact of a $50,000-$200,000 incident to a small business could be enough for it to cease trading. To the attacker, SMBs are a relatively easy target; as they may not have the expertise or man-power to protect against an advanced and persistent threat.

For 25 years, SonicWall has maintained a rich security portfolio, which is primarily focused on delivering enterprise-grade security for our SMB customers. Our vision is to simplify and automate, to solve complex security challenges — all while meeting the constantly evolving threats. It’s an ongoing arms race after all!

Taking full advantage of our vast database of threat intelligence data, coupled with our advanced research from SonicWall Capture Labs team, we ensure our customers of all sizes can detect and prevent from these threats.  The breadth and depth of our portfolio, also includes those that specifically help with mobile, cloud and IoT security.

Stop ransomware and zero-day cyber attacks

One of our biggest strengths is combatting advanced persistent threats, ransomware and zero-day cyber attacks with the award-winning SonicWall Capture Advanced Threat Protection (ATP) multi-engine sandbox. Capture ATP is now available as a security service across each product in our portfolio, providing a unique protection solution across a multitude of scenarios.

Simplify endpoint protection

For endpoint protection, we are also very excited with our recent partnership agreement with SentinelOne.  This brings the highest level of zero-day malware prevention on the endpoint while concurrently simplifying solutions for organizations of all shapes and sizes.

To learn more about how SonicWall helps our customers implement mobile security, download: Empowering Mobile Workforce to Collaborate Securely.