Posts

Importance of Resiliency in Network Security

In life we hear stories about people who are able to recover from difficult situations. They’re often referred to as being “resilient.” Resiliency can also be applied to network security, albeit in a slightly different context. In both cases it’s a good thing to be.

As noted in our mid-year 2018 SonicWall Cyber Threat Report, network threats, such as malware and ransomware attacks, are on the rise compared to 2017. Cybercriminals are persistent in their efforts to find new methods to launch their attacks.

But it’s not just the quantity of attacks that are on the rise. New threats are increasing as well. Some of these are variants spawned from earlier malware or ransomware code, such as WannaCry and Locky. Others are malware cocktails that combined pieces of code from several different variants.

Absorb, Reorganize and Refocus

One of the best and often under-valued ways to protect against these threats is to have a network security solution that is extremely resilient. This doesn’t mean that your firewall is good at picking itself back up off the ground after it’s been defeated by an attack.

According to NSS Labs, a third-party source known for its independent, fact-based cybersecurity guidance, “The resiliency of a system can be defined as its ability to absorb an attack and reorganize around a threat. A resilient device will be able to detect and prevent against different variations of the exploit.”

A key component of this definition is the device’s ability to identify attacks that use evasion techniques to avoid being detected and stopped. Another is protection over time. Some attacks are launched and then quickly disappear. Others, however, are reintroduced over the years, whether in their original form or as a variant.

A resilient firewall will continue to block a threat that was launched previously in addition to current and future variants. Failure to be resilient increases the chance your network is open to an attack. The odds may be small, but it’s still possible. Remember, not every hacker is writing the latest code. Some are new to the game and stick to older, established attacks.

Blocking Never-before-seen Variants

NSS Labs released the 2018 Next-Generation Firewall Group Test results with 10 network security vendors participating in the testing. SonicWall submitted the NSa 2650 next-generation firewall (NGFW), which performed very well in both security effectiveness and value (TCO per protected Mbps), earning the “Recommended” rating for a fifth time.

One particular area in the security effectiveness testing where the NSa 2650 shined was its resiliency to a range of never-before-seen exploit variants. The NSa 2650 achieved a block rate of over 90 percent, outperforming every other firewall except one. In many cases, the difference was significant, with over half of the firewalls scoring only in the 65-75 percent range.

Exploit Block Rate by Year – Recommended Policies
2018 NSS Labs Next-Generation Firewall Comparative Report: Security

So, is having a firewall with high resiliency really that important? Research from both SonicWall and NSS Labs indicates that there are quite a few aging attacks still out there in circulation. They may not be as sophisticated as today’s threats, but they remain active. You need to be protected against them.

What’s more, some threat actors launch multi-pronged attacks comprised of the core malware plus a series of variants. The idea is that your firewall may stop one, but not all.

To counter attacks, some security vendors create signatures that are specific to a particular exploit. These signatures typically don’t account for variants, however. And, over time, the signatures may be removed, leaving the firewall open to attack. Ideally, security vendors will create signatures that focus on the vulnerability and block the threat plus its variants — now and in the future.

If you’re not sure whether your firewall is resilient, or how it rates in security effectiveness and value, SonicWall can help. Visit SonicWall.com to download and read NSS Labs test reports, including the Security Value MapTM.

SonicWall PEAK17 Partner Roadshow Touring Europe

19-City Tour Brings SonicWall Enablement, Networking to EMEA Partners

It’s no secret that SonicWall is committed to its partner community. The latest testament to this dedication is the PEAK17 partner roadshow, which is currently on a 19-city European tour that launched in March.

The annual roadshow takes SonicWall right to the partners to deliver updates to the SonicWall SecureFirst partner program, news on SonicWall SonicOS 6.5 launch, market momentum, new marketing tools and more.

“We have been working together with SonicWall for 15 years, but this power of innovation is the greatest we’ve ever seen,” said Ralf Leibmann of CONCIPIA GmbH, a SonicWall partner. “Especially as a managed security provider, we are very happy to have a professional partner like SonicWall that leads us to be one of the greatest MSPs in Germany.”

In September, the roadshow started its second leg by visiting Wien, Austria; Essen, Germany; Bern, Switzerland; and Ulm, Germany. The next stop will be Oct. 3 in Stockholm, Sweden. The 2017 roadshow will conclude on Nov. 11 in Paris, France.

“It was a great event with brand-new, first-hand information from representatives and partners,” said Werner Lenz of LENZ IT & NetWorking Solutions. “A big thanks to SonicWall for being a reliable partner over the years. It enabled us to continuously expand our business and build strong relationships to our customers.”

Upcoming stops will be highlighted by keynote sessions from SonicWall President and CEO Bill Conner (UK and Italy), dedicated channel strategy sessions from Senior Vice President and Chief Revenue Officer Steve Pataky (UK and Italy), and exclusive product updates from Executive Director of Product Management Dmitriy Ayrapetov (UK, Italy, Ireland and Germany).

Each day-long event will feature product-specific positioning sessions – new NSA 2650 firewall and SonicWave Wireless Access Points, marketing and partner enablement updates, and professional service presentations. The roadshow — featuring popular social events like cooking classes, wine tasting, theatre visits and escape rooms — is the perfect opportunity to learn best practices for engaging prospects, exceeding customer expectations and growing revenue opportunities.

“I really enjoyed the experience to attend the PEAK17 Partner Roadshow in Essen in a nice location,” said choin! CEO Boris Wetzel, a SonicWall gold partner in Germany. “It was an excellent event with great updates on products and roadmap. It is great to see the changes and the commitment from SonicWall.”

This is the roadshow’s second trip through Europe in 2017. Earlier in the year, SonicWall hosted partner events in Germany, Austria, Switzerland and the Netherlands. This drove SonicWall’s European partner outreach program to 19 cities for the year.

Honoring SonicWall Partners

At the PEAK17 events in Germany, Austria and Switzerland, SonicWall hosted award ceremonies to honor the region’s most successful partners.

Germany

  • SonicWall Distributor 2017: Infinigate
  • SonicWall Most Valuable Partner 2017: Axsos
  • SonicWall Security Project 2017: Kodak with Partner Axsos
  • SonicWall MSSP 2017: Concipia
  • SonicWall Mittelstandspartner 2017: Tarador

Switzerland

  • SonicWall Partner of the Year 2017: Vitodata

Austria

Attend PEAK 17

If you’re interested in attending an upcoming PEAK17 roadshow event in Europe or Africa, please reference the table below and register for a city near you.

City Country Date Registration
Wien Austria 13.09.2017 Complete
Essen Germany 19.09.2017 Complete
Bern Switzerland 20.09.2017 Complete
Ulm Germany 21.09.2017 Complete
Stockholm Sweden 03.10.2017 Complete
London United Kingdom 04.10.2017 Complete
Madrid Spain 04.10.2017 Complete
Florence Italy 05.10.2017 Complete
Dublin Ireland 06.10.2017 Complete
Hamburg Germany 10.10.2017 Complete
Johannesburg South Africa 19.10.2017 Complete
Nantes France 07.11.2017 Register
Paris France 09.11.2017 Register

SonicOS 6.5, the Biggest Update in Company History, Delivers Powerful Security, Networking and Usability Capabilities

Keeping organizations running safely, while improving business and user productivity in today’s accelerating threat environment, continues to be a non-trivial task for IT leaders. At the current pace of cyber attacks, we understand all too well that the effects of recent events, such as the Equifax, WannaCry and NotPetya attacks, have demonstrated their capacity to change the global business environment from normal to total hysteria in the blink of an eye.

When news breaks on new data breaches, we see a surge in conversations with our SonicWall partner and customer communities about security and risk assessments. These engagements reinforce our development commitment to ensure every new product release delivers more tools and capabilities to protect their networks and data, and subsequently avoid the unnecessary breach.

Delivering on that commitment, I am thrilled to introduce SonicWall’s biggest firewall feature release in its history. SonicWall SonicOS 6.5 is packed with powerful security, networking and usability capabilities, and meets the security operation requirements of organizations of various sizes and use cases. SonicOS 6.5 focuses on empowering IT leaders and their security teams to:

  • Elevate their breach detection and prevention capacity
  • Manage and enforce security controls across the entire organization
  • Bring the latest in wireless speed, performance and security for cloud and mobile users
  • Scale firewall networking, connectivity and performance for uncompromised, uninterrupted network services

SonicOS 6.5 delivers the following customer-focused outcomes as part of SonicWall’s expanding Automated Real-Time Breach Detection and Prevention Platform.

1. Bolster breach prevention capabilities for wired, wireless and cloud-enabled network environments

  • SonicOS 6.5 includes 60-plus new features, nearly half of which focus on enabling the latest Wi-Fi standard, 802.11ac Wave 2, to deliver matching network security performance, connectivity and security between wired and wireless networks.
  • The combination of SonicWall firewalls and the new SonicWave 802.11ac Wave 2 series of wireless access points gives customers the assurance that their users have uninterrupted, secure and fast access to business services and resources over wired and wireless connections.
  • Built-in features, like Wireless Deployment Tools, greatly aid in planning and building a robust wireless infrastructure, while Band Steering, Airtime Fairness and others improve the overall wireless service quality and performance to give users a safe, productive wireless experience. This helps eliminate dropped connections and slowness anytime, anywhere and in any environment within the workplace. Moreover, Dynamic VLAN assignment segments wireless users based on their roles and group associations to prevent advanced threats from spreading.
  • SonicOS 6.5 expands the threat API capabilities to help customers establish a path toward security automation. Through greater firewall collaboration with third-party security ecosystem, the firewall can automatically pull external intelligence sources for threat detection and protection, and security policies enforcement. For example, our Dynamic Botnet List feature enables customers to program their firewalls to download private third-party lists that contain desired security information, such as malicious IP and URL addresses, that they want the firewall to block for additional threat coverage.
  • For distributed organizations that have offices operating on different network domains, the new multi-domain security management capability in SonicOS 6.5 helps them manage and enforce discrete security policies across those domains. Based on service levels, risk tolerance, compliance and/or legal requirements, administrators can apply identical security controls to all domains or specific policy to a single domain or group of domains. This flexibility helps reduce the attack surface, eliminate security gaps, isolate risks and prevent any lateral movement of backdoor, network-based attacks, such as WannCry and NotPetya.

2. Increase scalability and connectivity of the firewall system

  • Advances in Layer 2/3 network and connectivity help customers optimize system availability and performance, and scale the firewall to deliver uncompromised, uninterrupted threat protection for every connected network domain. Supported on all SonicWall next-generation firewall (NGFW) models, including the newest NSA 2650, SonicOS 6.5 also supports daisy-chaining and management of Dell X-Series switches, Virtual Wire Mode, Dynamic LAG using LACP and Equal Cost Multi-Path (ECMP).
  • Using multi-domain security management in conjunction with virtual wire mode gives customers the ability to micro-segment and manage their virtual networks. These also provide independent security management, policies, controls and scanning to each virtual network with its separate security zone.

3. Improve ease of use and firewall management

  • SonicOS 6.5 introduces a completely redesigned user interface (UI) for a fresh, productive user experience (UX). This new UI gives users an executive dashboard loaded with security, user and traffic information. It also offers an organized, familiar and easily-understood menu-driven security management console. The dashboard presents a consolidated view of the live firewall security environment. This view includes a threat index, security events and data, network performance and connectivity, and application and bandwidth usage. The intuitive UI lets users complete security tasks faster, and with greater ease, from a single-pane-of-glass.

Meet the New SonicWall NSA 2650 Next-Gen Firewall – Where Faster Meets More Secure

Today I am excited to share the new addition to SonicWall’s NSA product family of Next-Generation Firewalls, the NSA 2650.  Three key trends form the design drivers for the new NSA 2650

  1. Wireless Devices Explosion – The demand for increased bandwidth from wireless networks is constantly on the rise with the growing number of wireless devices used per person. The wireless industry is going through waves of transformation (pun-intended) to support the requirement for more bandwidth. With the latest 802.11ac Wave 2 wireless standards opening the door for multi-gig WiFi performance there is a strong need for switches and firewalls that connect to wireless access points to support these faster speeds without increasing the cost to the network infrastructure.
  2. Multi-gig Campus Requirements – Campus/branch networks require technology trend adoption without adding significant costs to the network infrastructure. For example, switches and firewalls supporting wireless access points must be able to do so with existing the Cat5e/Cat6 cabling infrastructure.
  3. Encrypted Traffic Surge – The trend towards Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption has been on the rise for several years. Articles on the use of SSL/TLS encryption typically indicate that a little over 50% of all web traffic is now encrypted and that percentage is expected to continue growing. At SonicWall, data gathered by our Capture Labs Threat Research team shows the percentage to be a little higher, around 62%. We found that as web traffic grew throughout 2016, so did SSL/TLS encryption, from 5.3 trillion web connections in 2015 to 7.3 trillion in 2016. As vendors such as Google, Facebook, Twitter and others continue to move to HTTPS, we expect the use of HTTPS to increase. So, organizations now require a secure platform to protect their network from the sophisticated encrypted threats that evade the traditional security mechanisms. 

The NSA 2650 firewall is aimed at campus and branch networks that must secure their environments against the growing number of threats looking for new ways to burrow into networks. The new NSA 2650 firewall is the first branch and campus firewall to deliver automated real-time breach detection and prevention, as well as TLS/SSL decryption and inspection, over multi-gigabit wired and 802.11ac Wave 2 wireless networks. The SonicWall NSA 2650 represents the continuing evolution of SonicWall’s vision for a deeper level of network security without a performance penalty. More than simply a replacement for its predecessor, the NSA 2600, the NSA 2650 addresses the growing trends in web encryption and mobility by delivering a solution that meets the need for high-speed threat prevention.

The NSA 2650 is a 1U-device powered by four cores that provide the processing power necessary to support the compute-intensive deep packet inspection services such as:

  • Intrusion Prevention
  • Anti-Virus
  • Anti-Spyware
  • TLS/SSL inspection and decryption
  • Application Visualization
  • Application Control, Botnet detection
  • Geo-IP identification
  • Anti-Spam
  • User Identification and Advanced Threat Protection

Real-Time Inspection of SSL and TLS Attacks:

Unlike competing firewalls that perform well only with unencrypted connections, the NSA 2650 is built to support the need for more TLS/SSL inspection connections. The NSA 2650 features an unmatched number of encrypted web connections, up to 12,000 and performs deep packet inspection on each connection after first decrypting the traffic.

To protect against more advanced threats such as unknown and zero-day attacks that are concealed in encrypted web traffic, the NSA 2650 utilizes Capture, SonicWall’s cloud-based multi-engine sandboxing service that runs on the firewall. Suspicious files are sent to the award-winning SonicWall Capture service for analysis before rendering a verdict.

The NSA 2650 is a high-port density firewall that features 4×2.5-GbE SFP, 4×2.5-GbE, and 12×1-GbE interfaces with a dedicated management port. In addition to the multi-gigabit ports, high-speed processors and robust onboard memory, the NSA 2650 includes additional hardware enhancements that make it the ideal NGFW for mid-sized organization and distributed enterprises. An optional second power supply is available in case of failure for added redundancy. To help with scalability, the NSA 2650 includes two expansion slots. One is pre-populated with a 16 GB storage module to support features including logging, reporting, last signature update, backup and restores and more. The second slot provides flexibility to add future feature and physical capability expansion. Expandable in the future with additional modules, this versatile, high-port density firewall platform has the capacity to evolve through firmware updates to keep ahead of threats such as ransomware and intrusions.

With the NSA 2650, SonicWall yet again adds a ground-breaking security product to its portfolio. Combined with new 802.11ac Wave 2 SonicWave wireless access points, SonicWall creates a high-speed wireless network security solution that provides wireless users with an enhanced mobile experience.

Our latest firmware release, SonicOS 6.5, has more than 60 new features, and provides support for NSA 2650 hardware platform where faster meets more secure without any compromise on performance to all traffic including encrypted traffic.

Test drive the new NSA 2650 on SonicWall live demo: https://livedemo.sonicwall.com

SonicWall Delivers More Speed, Security Across Entire Portfolio

New SonicWall NSA 2650 Firewall, and SonicWave Access Points Take Security, Speed and Analytics to Elite Levels

Defending your business is job No. 1. But with so many vectors and end points, it’s an arduous challenge to identify and mitigate known and unknown threats across multiple locations, networks and endpoints — particularly as the need for wireless and mobile access scales to untold heights.

It’s this amalgamation of technology that makes SonicWall’s latest announcement so intriguing. It’s not another product. It’s not just a new service. It’s not only a refined dashboard and interface.

The innovation here is keenly focused on integrating each of these advanced “ingredients” into a powerful platform that helps businesses automate real-time breach detection and prevention while exceeding speed and performance expectations.

An ‘Absolutely Superb’ Firewall

If you missed the announcement, “SonicWall Turbocharges Innovation with Unprecedented Delivery of New Wireless, Mobile and Wired Network Security Products,” this platform approach is central to how SonicWall proactively defends its end customers.

In fact, we allowed customers to beta test the new products in real-world situations. The feedback was resounding, particularly for the new SonicWall NSA 2650 firewall and our range of new SonicWall SonicWave access points, which deliver elite speeds via the 802.11ac Wave 2 standard.

“The new NSA 2650 is an absolutely superb product,” said Dr. Michael Breen, Dean of Arts at Mary Immaculate College. “In my opinion, the speed and level of security is unparalleled in its class. It gives us the throughput to conduct deep packet inspection (DPI) of encrypted traffic without costing us any loss of performance.”

The NSA 2650 firewall enables threat prevention over 2.5 gigabit Ethernet wired and 802.11ac Wave 2 wireless networks, supports twice the number of DPI connections and offers 12,000 DPI SSL connections, an increase of 12X.

“Protecting sensitive information and preventing security breaches is paramount,” said Breen. “Our network contains highly private student information and we must conform to EU GDPR (European Union General Data Protection Regulation) protocols. We see over a thousand suspect probes at our gateway every week from eastern Europe. We need to lock down access to only authorized users. We’re also concerned with threats hidden in an increasingly high proportion of encrypted traffic.”

SonicOS Goes Modern

There’s nothing like a fresh UI. Our teams have worked tirelessly to re-envision everything about our popular operating system, SonicOS. Featuring more than 50 improvements and enhancements — not to mention a modern look and feel — SonicOS 6.5 is the biggest customer-driven release in company history.

“SonicWall products have always been very good, but the new SonicOS 6.5 is a giant step forward,” said Greg Thomas, owner of ComLogic, a SonicWall partner. “SonicWall is clearly visionary, not just in protection, but in analytics and usability as well. The new UI is fresh, relevant and easy to use.”

The most apparent change you’ll notice is the slimmed navigation, which now places emphasis on three of the most important functionalities: Monitor, Investigate and Manage.

“The biggest thing you’ll notice is that we’ve moved the navigation around,” said SonicWall senior UX and product design lead Tara Kelly. “We’ve done this to separate all the tasks that you need to do in three macro categories. This takes what used to be a giant menu on the left-hand side and breaks them down into smaller, bite-sized tasks.”

SonicOS offers all the standard features and capabilities you’d expect in easy, convenient locations. This includes everything from logs, reports and tools to upgrades, connectivity breakouts, systems setups and security configurations.

We will have more on SonicOS 6.5 in the future, including detailed overviews and walkthroughs.

Real-Time Analytics for Firewalls & Access Points

Each and every administrator, architect, analyst and cyber security pro wants to make better decisions faster. We want to be confident, smarter and decisive. Unfortunately, we don’t always have actionable data when we need it. In many cases, we have too much data that’s unorganized and unusable.

The new SonicWall Cloud Analytics application will help solve this everyday challenge. The intelligence-drive engine features real-time data presented in a structured, meaningful, actionable and easily consumable manner. You’ll be able to monitor, record, analyze and report security data for deep forensic analysis across multiple SonicWall firewalls and SonicWave wireless access points.

Our goal is to truly empower security teams, analysts, auditors, boards, C-suites and stakeholders to discover, interpret, prioritize and take appropriate defensive actions against both known and unknown cyberattacks or threats. Smarter decisions faster.

An extension of the recently introduced SonicWall Cloud Global Management System (GMS), SonicWall Cloud Analytics provides extensive drill-down investigative and forensic capabilities for deep security data analysis, including traffic, applications, threats, and user behavior and activities.

SonicWall SonicWave Is New Standard for Wireless Speed

As the number of applications and data-heavy services grow, so do speed demands. Based on the high-performance Wave 2 802.11ac standard, the new SonicWave access points couple speed, reliability, range, consistency and security into a single, cost-effective appliance.

Wave 2 represents the evolution from the Wave 1 802.11ac standard, which is fairly common in both enterprise and consumer environments. It operates on the 5 Ghz band and can deliver speeds up to 1.3 Gbps.

In contrast, Wave 2 supports multiple users, multiple inputs and multiple outputs (MU-MIMO) and is able to deliver speeds that exceed 3 Gbps. For this reason, the new SonicWave access points feature 4×4 MU-MIMO technology for best-in-class Wi-Fi performance, range and reliability.

“The new SonicWave access points blew me away,” says Spencomp Solutions security specialist Dominic Valois. “The new SonicWave line presents us with a great offering for our customers. With Wave 2 support and 2.5 GbE ports, we can provide larger business sites and campuses with better streaming and bandwidth for hundreds of wireless devices.”

The sentiment from Valois was echoed by Greg Thomas, the owner of ComLogic, a SonicWall partner based in Denver, Colo.

“The 2.5 GbE ports on both the NSA 2650 and SonicWave access points can handle the increasing congestion,” said Thomas. “You can easily position the SonicWave access points for best cellular reception, either for failover or percentage of use.”

Protecting the Mobile Workforce

When employees are on the road, they require secure access to the same systems and applications they trust when on Wi-Fi or wired networks in the office. Not only must access be available anywhere, anytime and on any device, speed and security cannot be compromised.

This truth was the precipitous behind the new SonicWall Secure Mobile Access (SMA) 12.1, which helps enable access to business-critical internal and external apps for employees and partners.

For remote users, vendors and third-party contractors, SMA 12.1 provides policy- enforced secure access to email, file servers and corporate applications using federated single sign-on (SSO) to both cloud and on-premise resources from authenticated devices.

In addition to SSL encryption of sensitive user sessions, SMA provides an additional layer of security by scanning all remote file uploads with the SonicWall Capture Advanced Threat Protection (ATP) service. This helps ensure remote users have the same level of protection from zero-day threats when they are on the road as they have in the office.

Go Faster, Go Safer

If you’d like to learn more about the new security products and services that deliver unprecedented speed and security, please explore the dedicated product pages and resources:

Ready to make the jump to one of the new products or services? SonicWall is ready to help. If you don’t have a SonicWall partner, or are unsure, please contact SonicWall directly. We always welcome new members to the SonicWall family.