Posts

SonicWall Generation 7 Firewalls: Stability, Security, Scalability

In the first half of 2023, SonicWall Capture Labs threat researchers recorded a 399% increase in cryptojacking, a 22% increase in encrypted threats, and a 37% increase in IoT malware attacks. And we’ve continued to see attacks increase in sophistication, with the methods used and the speed with which they work both continuing to rise.

What is needed today is a rapid evolution in the way we conduct cybersecurity. Not only will we have to change our behavior with better personal security practices, but we must also deploy more innovative technology that has the capacity and durability to meet the urgent call for better protection.

SonicWall Next-Generation Firewalls Answers the Call

At SonicWall, we aren’t just retreading the path we’ve traveled. We’re also looking at the power and flexibility of new advancements that bring enterprises and SMBs alike to a level where they can stop attacks from many vectors. Our vision for cybersecurity is to protect organizations from the broadest spectrum of intrusions and pre-emptively reduce cyber risk — all while achieving greater protection across devices, new perimeters and network segments more efficiently while lowering the total cost of ownership.

Regardless of your organization’s size, the industry you serve, or where your employees work, you’ll benefit from our relentless dedication to bringing you NGFWs that offer the security, control and visibility you need to maintain an effective cybersecurity posture.

SonicWall NGFWs Designed for Enterprises, Governments and Service Providers

The SonicWall Generation 7 firewalls run on the SonicOS 7 operating system and include advanced networking features such as high availability, SD-WAN and dynamic routing. These firewalls were designed to meet the current high-demand cybersecurity landscape with validated security effectiveness and best-in-class price performance in a one or two rack unit appliance.

Our Gen 7 NGFWs protect organizations of all sizes with comprehensive, integrated security services, such as malware analysis, encrypted traffic inspection, cloud application security and URL filtering. In addition, all 17 Gen 7 NGFWs can be quickly and easily managed by SonicWall’s cloud-native Network Security Manager (NSM), which gives distributed enterprises a single, easy-to-use cloud interface for streamlined management, analytics and reporting.

The Gen 7 collection pushes security and performance thresholds to protect educational institutions, the financial industry, healthcare providers, government agencies, and MSPs/MSSPs. From the smallest home office to the largest distributed enterprise, there’s a Gen 7 NGFW designed to protect your assets — not just on prem, but in data centers, virtual environments and the cloud.

Entry-level NGFWs: The Gen 7 SonicWall TZ Series protect small businesses or branch locations from intrusion, malware and ransomware with easy-to-use, integrated security designed specifically for your needs. The TZ series includes five models, the 270, 370, 470, 570 and 670 — all of which excel at combining enterprise-grade protection with ease of use and an industry-leading TCO.

Image that shows Mid-range NGFWs: Gen 7 Network Security Appliance (NSa).

Mid-range NGFWs: Our Gen 7 Network Security Appliance (NSa) Series offers medium- to large-sized organizations industry-leading performance at the lowest total cost of ownership in their class. The NSa series consists of five models, the 2700, 3700, 4700, 5700 and 6700. Each includes comprehensive security features such as intrusion prevention, VPN, application control, malware analysis, URL filtering, DNS security, Geo-IP and botnet services.

An image that shows High-end NGFWs: The Gen 7 Network Security services platform (NSsp).

High-end NGFWs: The Gen 7 Network Security services platform (NSsp) high-end firewall series delivers the advanced threat protection, fast speeds and budget-friendly price that large enterprises, data centers and service providers demand. The NSsp series consists of four models, 10700, 11700, 13700 and 15700. Each NSsp NGFW features high port density and 100 GbE interfaces, which can process several million connections for zero-day and advanced threats.

An image that shows Virtual Firewalls: The Gen 7 NSv Series virtual firewalls are built to secure the cloud and virtual environments.

Virtual Firewalls: The Gen 7 NSv Series virtual firewalls are built to secure the cloud and virtual environments with all the security advantages of a physical firewall — including system scalability and agility, speed of system provisioning, and simple management in addition to cost reduction. The NSv series consists of three models; 270, 470 and 870, all of which excel at securing virtualized compute resources and hypervisors to protect public clouds and private cloud workloads on VMware ESXi, Microsoft Hyper-V, Nutanix and KVM.

Powered by SonicOS/OSX 7

SonicWall Gen 7 NGFWs run on SonicOS/OSX 7, the latest version of our new SonicOS operating system. This OS was built from the ground up to deliver a modern user interface, intuitive workflows and user-first design principles. In addition, it provides multiple features designed to facilitate enterprise-level workflows, easy configuration, and simplified and flexible management — all of which allow enterprises to improve security and operational efficiency.

SonicOS/OSX 7 features:

Read more details about the new SonicOS/OSX 7.

Overall Solution Value

SonicWall’s award-winning hardware and advanced technology are built into each Gen 7 NGFW to give every business the edge on evolving threats. With a solution designed for networks of all sizes, SonicWall firewalls help you meet your specific security and usability needs, all at a cost that will protect your budget while securing your network.

To learn more about the SonicWall Gen 7 NGFWs, click here.

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection

Recent ICSA testing has proven that nothing beats the combination of a NSa Series NGFW and Capture ATP. And to celebrate our latest perfect score, we’re offering you the perfect chance to score major savings on this unstoppable duo, with the return of SonicWall’s ‘3 & Free’ promotion.

For a limited time, when you purchase an NSa 2700 or NSa 3700 High Availability firewall with three years of advanced licensing, you’ll receive the primary unit with stateful license absolutely free.

Why ‘3 & Free’ is the Best Deal of the Season

“The return of our popular 3 & Free promo offers anyone waiting for a good opportunity to upgrade or replace their old firewall a chance to do so at tremendous savings,” said Jason Carter, SonicWall Executive Vice President, Americas Channels & Global Renewals. “You’ll enjoy SonicWall’s industry-leading threat capabilities, simplified management and unprecedented performance. And with the addition of a second unit, you also get the assurance of a reliable, continuous connection, all at no extra cost.”

Taking advantage of the 3 & Free promotion couldn’t be simpler: When a customer purchases an NSa 2700 or NSa 3700 High Availability appliance and three years of Advanced Protection Services Suite, they’ll also get the primary NSa 2700 or NSa 3700 NGFW and a stateful HA Upgrade Service License free.

Best of all, this promotion is for every SonicWall upgrade that qualifies. You don’t have to be a current SonicWall customer to take advantage of the savings: If you make the switch from a competing product, you’ll enjoy the same great deal.

What Sets the NSa 2700 and NSa 3700 Apart

The SonicWall NSa Series is one of the best mid-range firewalls on the market. It offers superior performance to SMBs and branches, and it’s powered by SonicOS7 — which has been redeveloped from the ground up to be more agile, flexible and user-friendly than any of its predecessors.

Not sure which firewall is right for you? Here’s a closer look at the specifics:

The NSa 2700 and NSa 3700 are both great for small businesses, medium-sized businesses and branch offices. Here's a closer look at the stats for both.

In addition to the superior threat protection provided by the NSa Series, with the purchase of three years of SonicWall Advanced Protection Services Suite, you also get access to Capture ATP with RTDMI™ (Real-Time Deep Memory Inspection™).

Capture ATP is a cloud-based, multi-engine sandbox that can detect and block the most advanced threats before they have the chance to infect your network.

Included as part of Capture ATP, our patented RTDMI™ technology leverages proprietary memory inspection, CPU instruction tracking and machine learning capabilities to become increasingly efficient at recognizing and mitigating never-before-seen attacks. This includes attacks that traditional sandboxes will likely miss, such as threats that don’t exhibit any malicious behavior and hide their weaponry via encryption.

How the NSa Series Stacks Up to the Competition

When compared with other firewalls in its class, the NSa Series with Advanced Protection Services Suite repeatedly comes out on top.

For the past seven quarters, SonicWall has submitted a NSa Series NGFW with Capture ATP and RTDMI™ for independent, third-party ICSA testing. And for the past seven consecutive quarters — over 223 days of continuous testing, consisting of 9,071 test runs — SonicWall Capture ATP found all 4,251 malicious samples, the majority of which were four hours old or less. And over this entire stretch, the solution only misidentified a single one of the 4,820 innocuous apps scattered throughout.

SonicWall has now earned more perfect scores — and more back-to-back perfect scores — than any other active vendor, with a streak of 100% threat detection scores going back to January 2021 and 11 total certifications in all.

But since threat detection is only part of the picture, SonicWall occasionally performs more thorough market comparisons to evaluate its position on factors such as total cost of ownership, performance and more.

NSa 2700 Firewall vs. Fortinet FG 100F

SonicWall also commissioned Tolly Group to perform an in-depth comparison of the SonicWall NSa 2700 and the Fortinet FG 100F, both with equivalent security services and configured in HA mode. In this evaluation, SonicWall NSa Series came out on top as well: In its report, Tolly Group noted that the SonicWall solution had a significantly lower 3-year TCO.

When Tolly Group compared the SonicWall NSa 2700 with the Fortinet FG100F, SonicWall had a much lower cost per Gbps of threat protection.

This was due to several factors, chief among them the fact that SonicWall only charges for licensing the primary unit in a High Availability deployment. Given that the SonicWall NSa 2700 offers 3 Gbps to the FG100’s 1 Gbps, the Fortinet solution had a cost per Gbps of traffic protected that was 4.5 times that of the SonicWall solution. (Keep in mind that this value comparison used regular SonicWall pricing: Those taking advantage of the 3 & Free promotion will see even greater savings.)

The report also noted that in NetSecOpen testing, the NSa 2700 had an overall block rate of 99.43%, compared with 93.98% for the Fortinet appliance — yet another confirmation of SonicWall’s superior threat-blocking capabilities.

Enjoy the Speed and Safety of TLS 1.3 Support

The best products tend to stick around for a while. In the first two years that the Ford Mustang was manufactured, 1965 and 1966, roughly 1.3 million cars rolled off assembly lines in Dearborn, Mich.; Metuchen, N.J.; and Milpitas, Calif. Of those, a remarkable 350,000 are still on the road today — and with proper care, still getting from Point A to Point B just as well as they did during the Johnson Administration.

But aesthetics aside, does that make them a good choice for a daily driver today? In a crash test with any modern vehicle (or a race with any of today’s Mustangs), the first-generation Mustang would be completely overwhelmed. Safety features we take for granted, such as airbags, lane-keep assist, blind spot detection and anti-lock brakes, are absent. These cars might do fine for the occasional Sunday spin around town. But would you put your family in one?

When a product forms the boundary between something precious and grave disaster, you want that product to be as safe as possible. This also holds true for another Milpitas innovation: SonicWall firewalls. To know whether your current choice is still the right choice, it helps to look at what innovations have occurred since then, and whether they were incremental improvements or giant leaps forward. In the case of TLS 1.3 encryption support, it’s unquestionably the latter.

TLS 1.3 is the latest version of transport layer security, which offers reliable encryption for digital communications over the internet. And as with the Mustang before it, modern innovations have led to sizeable leaps in two areas: safety and performance.

TLS 1.3: Safety First

Since the original SSL technology was introduced in 1994, each new version has worked to solve the problems of the previous versions while also maintaining compatibility with those versions. But, unfortunately, maintaining backward compatibility meant leaving in many unnecessary or vulnerable ciphers.

These legacy ciphers made the encryption susceptible to attack, offering attackers a vector through which to circumvent newer security advances in favor of older and weaker protection. A few of the ciphers that persisted up through TLS 1.2 were so weak that they allow an attacker to decrypt the data’s contents without having the key.

TLS 1.3 represents a fundamental shift in this philosophy. Due to a sharp increase in attacks, such as Lucky13, BEAST, POODLE, Logjam and FREAK, which depend on such vulnerabilities for transmission, the Internet Engineering Task Force (IETF) opted to remove these ciphers altogether — and the resulting TLS 1.3 is vastly more secure because of it.

It’s also more private. In previous versions, including 1.2, digital signatures weren’t used to ensure a handshake’s integrity — they only protected the part of the handshake after the cipher-suite negotiation, allowing attackers to manipulate the negotiation and access the entire conversation.

In TLS 1.3, the entire handshake is encrypted, and only the sender and the recipient can decrypt the traffic. This not only makes it virtually impossible for outsiders to eavesdrop on client/server communications and much harder for attackers to launch man-in-the-middle attacks, it also protects existing communications even if future communications are compromised.

TLS 1.3: Safety Fast

With TLS 1.3, the handshake process isn’t just more secure — it’s faster, too. The four-step handshake required with TLS 1.2 necessitated two round-trip exchanges between systems, introducing latency and taking up bandwidth and power.

These slowdowns especially affected the growing class of Internet of Things (IoT) devices, which have trouble handling connections requiring lots of bandwidth or power, but also tend to need encryption most due to weak onboard security.

However, with just a single key exchange and significantly fewer supported ciphers, TLS 1.3 uses considerably less bandwidth. And because it requires just one round trip to complete the handshake, it’s significantly faster. TLS 1.3’s zero round trip time (0-RTT) feature is even quicker: On subsequent visits, it offers a latency time equal to that of unencrypted HTTP.

Is Your Firewall Up to the Task?

Experts estimate that 80-90% of all network traffic today is encrypted. But many legacy firewalls lack the capability or processing power to detect, inspect and mitigate cyberattacks sent via HTTPs traffic at all, let alone using TLS 1.3 — making this a highly successful avenue for hackers to deploy and execute malware.

According to the 2022 SonicWall Cyber Threat Report, from 2020 to 2021, malware sent over HTTPS rose a staggering 167%. All told, SonicWall recorded 10.1 million encrypted attacks in 2021 — almost as many as in 2018, 2019 and 2020 combined.

With an average of 7% of customers seeing an encrypted attack in a given month, the odds your organization will be targeted by an attack this year are enormous. But if your firewall cannot inspect encrypted traffic — and increasingly, if it cannot inspect TLS 1.3 — you’ll never know it until it’s too late.

SonicWall Supports TLS 1.3 Encryption

SonicWall Gen 7 firewalls bring a lot to the table: They combine higher port density and greater threat throughput with comprehensive malware analysis, unmatched simplicity and industry-leading performance. But among the biggest game-changers in Gen 7 (and its predecessors capable of running SonicOS Gen 6.5) is its support for TLS 1.3 encryption.

SonicWall NGFWs with SonicOS Gen 6.5 and later offer full TLS inspection, decrypting data, checking it for potential threats, and then re-encrypting it for secure transmission — all while ensuring you retain optimal performance and comprehensive visibility.

After all, as in the case of the classic Mustang, there’s no blind spot detection for firewalls that can’t handle today’s encrypted traffic — and these legacy solutions are easily outclassed when going head-to-head. Don’t let yesterday’s firewalls leave unprotected gaps in your network: Upgrade to SonicWall Gen 7 today.

 

Don’t Let Global Supply Chain Issues Impact Your Security

Switch to SonicWall and secure your environment today without supply chain delays.

Every so often, we get clear examples of why it pays to be prepared. But, as the pandemic continues to impact the global workforce, it also reveals how interconnected and fragile the global supply chain can be.

A recent survey found that 75% of companies have had negative or strongly negative impacts on their businesses due to disruption from the COVID-19 pandemic. Especially vulnerable and consequential in this tale has been the computer chips shortage and its effect on security vendors. Many firms do not have the product in their inventory to meet their customers’ demands. To remedy these problems, vendors are trying many approaches, ranging from delaying upgrades, upselling more expensive products, cutting functionalities to outright EOL-ing (End-Of-Life) some products.

In the pantheon of cybersecurity, such delays can be catastrophic. As ransomware gangs roam global networks seemingly unopposed, shortages and supply disruptions impose a full range of unpleasant experiences, from uncertainty to total disruption of their network security expansion plans. The situation is increasingly problematic as delays expose networks to unnecessary risk as attackers take advantage of known and fixable gaps in security. Network managers understand, but who can blame them for seeking out more reliable sources?

Not all Security Vendors Are Impacted Equally by Shortages

The fact is, not all security vendors are impacted at the same level. Some had the foresight to manage the situation mitigating the risk and effect of global shortages and delays. For SonicWall, we got busy working diligently to minimize disruptions and maintain a robust product supply. At the earliest signs of shortages, we started working with our partners to strategically manage our supply positions. Collaborating diligently with our suppliers, we identified crucial parts and increased our supply in anticipation of a strong rebound. As a result, SonicWall is fulfilling 95% of orders within three days of receiving them.

Benjamin Franklin wrote, “By failing to prepare, you are preparing to fail.” We’ve taken that adage to heart by working closely with our suppliers to identify shortages in the supply chain and redesigned our solutions to take advantage of more readily available parts without sacrificing the quality or durability of our products. These preparatory efforts were well worth it, given the severity of the chip shortage that persists. Having successfully met global challenges in the supply chain allows us to respond to our customer needs more readily with the solutions they need.

The Rewards of Being Prepared

By being prepared, we acted on our customer’s behalf. The reward for all our work is a strong inventory of products, while many of our competitors struggle to fill theirs. If your current security vendor is giving you excuses and can’t offer you the solution you need in a timely manner, it is time to talk to SonicWall. We are ready to deliver the products you need and work with you to implement them now.

Contact Us for more information.

Non-Standard Ports Are Under Cyberattack

If you like watching superhero movies, at some point you’ll hear characters talk about protecting their identities through anonymity. With the exception of Iron Man, hiding their true identities provides superheroes with a form of protection. Network security is similar in this respect.

‘Security through obscurity’ is a phrase that’s received both praise and criticism. If you drive your car on side streets instead of the freeway to avoid potential accidents, does that make you safer? Can you get to where you need to go as efficiently? It’s possible, but it doesn’t mean you can evade bad things forever.

Difference between standard and non-standard ports

Firewall ports are assigned by the Internet Assigned Numbers Authority (IANA) to serve specific purposes or services.

While there are over 40,000 registered ports, only a handful are commonly used. They are the ‘standard’ ports. For example, HTTP (web pages) uses port 80, HTTPS (websites that use encryption) uses port 443 and SMTP (email) uses port 25.

Firewalls configured to listen on these ports are available to receive traffic. Cybercriminals know this too, so most of their attacks target the commonly used ports. Of course, companies typically fortify these ports against threats.

In response to the barrage of attacks aimed at standard ports, some organizations have turned to using ‘non-standard’ ports for their services. A non-standard port is one that is used for a purpose other than its default assignment. Using port 8080 instead of port 80 for web traffic is one example.

This is the ‘security through obscurity’ strategy. While it may keep cybercriminals confused for a while, it’s not a long-term security solution. Also, it can make connecting to your web server more difficult for users because their browser is pre-configured to use port 80.

Attacks on non-standard ports

Data in the 2019 SonicWall Cyber Threat Report indicates that the number of attacks directed at non-standard ports has grown. In 2017, SonicWall found that over 17.7% of malware attacks came over non-standard ports.

In comparison, that number was 19.2% in 2018, an increase of 8.7 percent. December 2018 alone hit an even higher number at 23%.

How do I protect non-standard ports?

The best defense against cyberattacks targeting services across both standard and non-standard ports is to have a layered security strategy.

Using ‘security through obscurity’ is just one layer. Relying on it too heavily, however, won’t provide the level of security you need. It may help against port scans, but it won’t stop cyberattacks that are more focused.

You’ll also want to take some other actions, such as changing passwords frequently, using two-factor authentication, and applying patches and updates. And, you’ll want to use a firewall that can analyze specific artifacts instead of all traffic (i.e., proxy-based approach).

Cybersecurity for SMBs: Bundled Network Security Delivers Cost-Effective Protection

If you’re a small- or medium-sized business (SMB), don’t bury your head in the digital sand. Cybercriminals don’t discriminate. Your data, credentials or access could be valuable to them in ways not immediately apparent. SMB cybersecurity is critical.

Unfortunately, SMBs also haven’t received the necessary guidance in terms of government support. That’s alarming since in September 2018 alone, the average SonicWall customer faced 1,662 malware attacks. For the year, SonicWall recorded 8.5 billion malware attacks globally — a 54 percent increase over 2017.

There is good news, however. In August 2018, President Trump signed into law the new NIST Small Business Cybersecurity Act. New legislation in Canada and the UK bring hope for similar protections.

But in many cases, cybersecurity guidance isn’t immediately available. In the U.S., for example, NIST has a year to deliver the guidance (read our eBook to learn more). Regardless of geographic location, a year is a long time for SMBs to wait to either enhance or begin their cybersecurity strategy. For this reason, SonicWall has created cost-effective cybersecurity bundles tailored specifically for SMBs.

Bundled Security for SMBs

The SonicWall TotalSecure SMB Bundle* provides robust cybersecurity technology and services that defend growing SMBs from the volume and sophistication of modern cyberattacks.

The tailored package includes high-performance network security, endpoint protection, cloud sandbox, content filtering, online management and more. Admins can also use powerful reporting functions to easily check the health of the network and endpoints and remediate threats if ever needed.

What’s includedWhat you get
  • Perimeter firewall protection, including SSL traffic inspection
  • Intrusion prevention
  • Content filtering
  • Zero-day defense via Capture ATP with RTDMI
  • Behavior-based endpoint security
  • Endpoint rollback (Windows only)
  • Advanced reporting and attack visualization

Bundled Security for Small Offices

The SonicWall TotalSecure SMB Bundle* also is available for small or home offices. It provides foundational cybersecurity tools that help smaller organizations mitigate cyberattacks from the perimeter to the endpoint.

It’s a comprehensive, out-of-the-box solution to stop cyberattacks, help remediate issues, protect endpoints and manage security — easily and efficiently.

What’s includedWhat you get
  • Perimeter firewall protection, including SSL/TLS traffic inspection
  • Intrusion prevention
  • Content Filtering Service
  • Behavior-based endpoint security
  • Endpoint rollback (Windows only)
  • Advanced reporting and attack visualization

SonicWall has been protecting SMBs for more than 27 years. SonicWall is the No. 2 cybersecurity vendor in the SMB space, according to Gartner’s Market Share: Unified Threat Management (SMB Multifunction Firewalls), Worldwide, 2017 report.

Contact SonicWall to build or enhance your cybersecurity posture for true end-to-end protection from today’s most malicious cyberattacks, including never-before-seen threats.

Lock In Your SMB Bundle

It’s time to use real-time cybersecurity to protect your business from cyberattacks. Contact a SonicWall security expert today. We’re ready to help you build a sound, cost-effective security strategy that’s just right for your business.

* Please contact SonicWall or your SonicWall SecureFirst partner for regional availability.

SonicWall Extends Next-Generation Firewalls to Public Cloud Deployments, Including AWS and Azure

Attacks on public cloud infrastructures increase every day.

“We are in the third era of computing — the cloud and mobile era — but security considerations on cloud are still not widely understood,” said Mark Russinovich, CTO of Microsoft Azure. “It is important to address the public cloud security concerns to facilitate its adoption.”

In this third era, securing the public cloud is critical. According to IDC, 83 percent of workloads are virtualized today, and 60 percent of large enterprises run virtual machines (VM) in the public cloud. With the rapid pace of cloud transformation, securing workloads in the cloud becomes challenging.

SonicWall takes on this challenge and extends the security of the private cloud to public clouds with SonicWall Network Security virtual (NSv) firewall series. In addition to public and private cloud security, NSv can also provide end-to-end security for multi-cloud deployments.

Cloud technology provides greater agility, scalability and infrastructure consistency, improving business efficiency. Public cloud environments supported by SonicWall NSv includes Amazon Web Services (AWS)* and Microsoft Azure.

True Next-Generation Virtual Firewall Series

SonicWall NSv series brings industry-leading next-generation firewall (NGFW) capabilities, such as application intelligence and control, real-time monitoring, IPS, TLS/SSL decryption and inspection, advanced threat protection, VPN and network segmentation capabilities, to protect your AWS and Azure environments.

NSv supports all security and networking features similar to SonicWall next-gen hardware firewall appliances, including our patented Reassembly-Free Deep Packet Inspection (RFDPI) technology and award-winning Capture Advanced Threat Protection (ATP) sandbox with Real-Time Deep Memory Inspection (RTDMI) to stop both known and unknown (e.g., zero day) cyberattacks.

You can gain complete visibility and control of your traffic across multiple virtual private cloud (VPC) and virtual networks (VN), plus provide seamless security and management capabilities with a single-pane-of-glass experience. With NSv, you can take advantage of agility, scalability, high-performance, lower operational cost, quick time-to-deployment and drive innovation.

The public platform support is available across multiple NSv models, such as NSv 200/400/800/1600. Based on the fully-featured SonicOS 6.5.0, NSv makes the move to the cloud easier and safer.

Protect Public Cloud Data, Applications with SonicWall NSv

NSv addresses some of the critical needs of public cloud security. Below are some of the key benefits of leveraging NSv to protect your public cloud infrastructure and resources.

  • Gain complete visibility into virtual environment for threat prevention
  • Implement proper security zoning and ensure appropriate placement of policies
  • Defend against zero-day vulnerabilities with SonicWall Capture ATP
  • Prevent service disruptions in the virtual ecosystem
  • Gain centralized control and visibility with single-pane-of-glass management via Capture Security Center
  • Leverage agility and scalability without performance impact
  • Maintain security governance, compliance and risk management

SonicWall NSv can be deployed in a variety of use cases including the ones below:

  • Internet gateway for ingress/egress traffic protection
  • Lateral protection of east-west traffic
  • Site-to-site VPN deployment
  • Secure end-to-end remote access
  • Multi-cloud secure connectivity

Why Choose SonicWall NSv?

In addition to the various key benefits in leveraging NSv, below are some additional reasons why you should choose NSv as the security of choice in the public cloud.

  • Patented technologies like RTDMI, RFDPI and more
  • Robust products with over 26 years of award-winning technological innovation
  • Powerful security, powered by SonicWall next-generation firewall capabilities, now extending to the cloud

* AWS availability date pending.

Protecting Your MSSP Reputation with Behavior-Based Security

You’ve been here before. Your customer gets hit by a cyberattack and they ask, “Why did this happen? Shouldn’t your managed security service have protected us?”

Unless you give them a satisfactory answer, they may be shopping for a new partner. Over the past few years, I’ve heard several MSSPs having to explain to their customers that the malware or ransomware attack could not be stopped because they didn’t possess the technology that could mitigate new attacks.

Don’t put yourself in a situation where you can’t properly safeguard your customers — even against new or unknown attacks. To protect both your customers and your reputation against the latest threats, you need to deploy behavior-based security solutions that can better future-proof your customer environment.

The Logistics of Threat Prevention

When talking with people about threat prevention I ask, “How many new forms of malware do you think SonicWall detected last year?”

I usually hear answers in the thousands. The real answer? 56 million new forms or variants of malware in a single year. That’s more than 150,000 a day. Every day, security companies like SonicWall have teams of people creating signatures to help build in protections, but this takes time. Despite the industry’s best effort, static forms of threat elimination are limited.

Layering Security Across Customer Environments

MSSPs understand the importance of selling perimeter security, such as firewalls and email security, to scrub out most threats. These solutions will cover roughly 94-98 percent of threats. But for the smaller percentage of threats that are no less devastating, this is where behavior-based solutions come into play.

On each edge-facing firewall and email security service you need to have a network sandbox, which is an isolated environment where files can be tested to understand their intended purpose or motive. For example, the SonicWall Capture Advanced Threat Protection (ATP) sandbox is an isolated environment that is designed to run suspicious files in parallel through multiple engines to resist evasive malware. With the ability to block a file until a verdict has been reached, you can ensure that you will deliver highly vetted and clean traffic to end users.

Endpoints require a form of security that continuously monitor the system for malicious behavior because they roam outside the network perimeter and encounter fileless threats that come from vectors like malvertising.

SonicWall’s endpoint security solution (called Capture Client) only uses roughly 1 percent of the CPU’s processing power on a standard laptop. It can stop attacks before they happen as well as halt attacks as they execute. MSSPs love the ability to prevent dynamic attacks but also roll them back (on Windows only) in case they do initiate.

Behavior-based Security in Action

The power of behavior-based security was clear with the initial WannaCry attack in 2017. It was made famous when 16 NHS hospitals in the UK were shut down due to this viral ransomware attack. These sites were protected by a competitor whose CEO had to explain himself and apologize on national television.

The sites protected by SonicWall were up and running and helped pick up the slack when the others went down. Three weeks before the attack, SonicWall put protections in place that prevented Version 1 of WannaCry and its SMB vulnerability exploit from working.

But it was the behavior-based security controls that helped to identify and stop all the subsequent versions that came after. This same pattern emerged again with the NotPetya and SamSam ransomware attacks; static defenses followed by proactive dynamic defenses.

Furthermore, SonicWall’s reporting enables MSSPs to be alerted when something has been stopped. SonicWall Capture Client attack visualization gives administrators a view of where the threat came from and what it wanted to do on the endpoint.

This approach gives our customers — and MSSPs powered by SonicWall — the ability to protect against threats detected by SonicWall. But this strategy also protects against attacks that shift and change to bypass safeguards. By doing our best to build protections in a timely manner, as well as providing technology that detects and stops unknown attacks, we protect your customer as well as your reputation.


This story originally appeared on MSSP Alert and was republished with permission.

How Everyone Can Implement SSL Decryption & Inspection

Since 2011, when Google announced it was switching to Hypertext Transfer Protocol Secure (HTTPS) by default, there has been a rapid increase in Secure Sockets Layer (SSL) sessions.

Initially, SSL sessions were reserved for only important traffic, where personal, financial or sensitive data was transferred. Now, it seems we can’t receive news or perform a simple search without an encrypted session.

In 2014 and 2015, SSL sessions accounted for about 52 percent of internet traffic. As cloud adoption grew, so did the SSL sessions. By 2017, SSL accounted for 68 percent of all internet traffic. Currently, SonicWall has seen encrypted traffic at almost 70 percent of the total traffic on the internet.

Secure sessions demonstrate that internet users are understanding and embracing session security and privacy. Unfortunately, as SSL sessions have increased, so have encrypted attacks. So far in 2018, SonicWall has seen a 275 percent increase of encrypted attacks since 2017. You find more numbers in the mid-year update of the 2018 SonicWall Cyber Threat Report.

What is DPI-SSL?

The modern cyber threat landscape requires a defense-in-depth posture, which includes SSL decryption capabilities to help organizations proactively use deep packet inspection of SSL (DPI-SSL) to block encrypted attacks.

However, even firewall vendors that claim to offer SSL decryption and inspection may not have the processing power to handle the volume of SSL traffic moving across a network today.

DPI-SSL extends SonicWall’s Deep Packet Inspection technology to inspect encrypted HTTPS and SSL/TLS traffic. The traffic is decrypted transparently, scanned for threats, re-encrypted and sent along to its destination if no threats or vulnerabilities are found.

Available on all SonicWall next-generation firewalls (Generation 6 or newer), DPI-SSL technology provides additional security, application control, and data leakage prevention for analyzing encrypted HTTPS and other SSL-based traffic.

It is important to have a secure and simple setup that minimizes configuration overhead and complexity. There are two primary paths for implementing DPI-SSL.

Option 1: Remote Implementation

Enabling DPI-SSL can sometimes be complex. Diverse sites and programs use certificates differently, some of which may be affected by DPI-SSL capabilities.

To confirm you have DPI-SSL implemented properly, leverage the SonicWall DPI-SSL Remote Implementation Service to ensure seamless and effective implementation of SonicWall DPI-SSL services.

The Remote Implementation Service for SonicWall DPI-SSL deploys and integrates the product into your environment within 10 business days. This service is delivered by Advanced Services Partners who have completed training and demonstrated expertise in DPI-SSL implementation and configuration.

Option 2: Leverage Easy-to-Use Guidance

For those considering in-house implementation, SonicWall also provides a number of knowledge base (KB) articles and resources that walk you through the DPI-SSL implementation process. Some of the most popular include:

These KBs, and others found within SonicWall’s support section or through the DPI-SSL Remote Implementation Service, ensure every type of user or organization has the resources  to properly activate DPI-SSL within their infrastructure to mitigate encrypted cyberattacks.

For additional guidance, watch “Initial DPI-SSL Configuration,” a popular SonicWall Firewall Series Tutorial.

DPI-SSL Adoption

Thankfully, SonicWall is witnessing gradual adoption of DPI-SSL add-on services. To best protect your environment, pair DPI-SSL capabilities with the Capture Advanced Threat Protection (ATP) cloud sandbox, Gateway Antivirus, Content Filtering and Intrusion Protection Services (IPS). All available in the SonicWall Advanced Gateway Security Suite, which delivers everything you need to protect your network from advanced cyberattacks.

Combine these services with a trusted and secure end-point protection software, such as SonicWall Capture Client, and you can provide a robust security posture that can protect devices — even when they are not behind your firewall.

Upgrade Your SonicWall Next-Generation Firewall with ‘3 & Free’ Program

Some good things should never end.

One of the most successful promotions in company history, SonicWall’s ‘3 & Free’ incentive is now a permanent component of our Customer Loyalty program.

In an escalated cyber threat landscape, it’s more important than ever to ensure your organization’s networks, data and applications are protected against today’s most malicious cyberattacks, including the most recent Foreshadow processor exploits. In fact, in July 2018 alone, the average SonicWall customer faced:

  • 2,164 malware attacks (28 percent increase from July 2017)
  • 81 ransomware attacks (43 percent increase)
  • 143 encrypted threats
  • 13 phishing attacks each day
  • 1,413 new malware variants discovered each day by SonicWall Capture Advanced Threat Protection (ATP) sandbox with Real-Time Deep Memory InspectionTM

When you upgrade your SonicWall hardware you gain the latest in next-generation firewall (NGFW) technology and access to the SonicWall Capture Advanced Threat Protection (ATP) service. It’s a cloud-based, multi-engine sandbox that stops both known and unknown cyberattacks from critically impacting your business.

What is the SonicWall ‘3 & Free’ Program?


Once a limited-time promotion, the SonicWall ‘3 & Free’ is now a mainstay offering to loyal SonicWall customers. It’s an easy, cost-effective way for customers to upgrade to the very latest SonicWall next-generation firewall appliance for free.

Eligible customers may receive a complimentary NGFW appliance by purchasing a bundle that includes a three-year subscription of the SonicWall Advanced Gateway Security Suite from their authorized SonicWall SecureFirst partner.

This security suite includes everything you need to stay protected against today’s modern attacks, including ransomware, encrypted threats, zero-day attacks and processor-based exploits. It offers:

  • Capture Advanced Threat Protection (ATP) sandbox
  • Gateway Anti-Virus and Anti-Spyware
  • Intrusion Prevention Service
  • Application Control
  • Content Filtering Service
  • 24×7 Support

SonicWall’s exclusive security subscription service also includes SonicWall Real-Time Deep Memory Inspection (RTDMI). A patent-pending technology, RTDMI™ enables Capture ATP to detect and block malware that does not exhibit any malicious behavior or hides weaponry via encryption. This protects your organization from zero-day attacks, malicious PDFs and Microsoft Office files, and even chip-based Spectre, Foreshadow and Meltdown exploits.

Upgrade Your SonicWall Firewall

Ready to upgrade? Take advantage of our ‘3 & Free’ program to get the latest in SonicWall next-generation firewall technology — for free. To upgrade, contact your dedicated SecureFirst Partner or begin your upgrade process via the button below.