Month: December 2020

by Atul Dhablania

With the ever-evolving security needs of our customers and partners, SonicWall is committed to staying ahead of the curve, leveraging the latest technologies to bring you solutions that keep you safer, more agile and more productive no matter where or how work gets done.
Our mission to help customers know the unknown, gain unified visibility and control, and leverage disruptive economics to do more with less is what drove Boundless Cybersecurity earlier this year.

As the next step in our commitment to Boundless Cybersecurity, we’re introducing a new series of products designed to help meet your unique cybersecurity and business needs — all while giving you more choice and budget flexibility.

Multi-gigabit threat performance for mid-sized networks: SonicWall NSA 2700
Earlier this year, we released new NSsp 15700, TZ670 and TZ570 firewalls built around our new SonicOS 7.0 architecture. Now, we’re bringing this same game-changing OS to small- to medium-sized businesses (SMB) and mid-sized networks.

The new SonicWall NSa 2700 firewall offers industry-leading performance and the highest port density in its class, with TLS 1.3 support that stops cyberattacks and eliminates bottlenecks.
For enterprises that have grown beyond the capacity of the TZ series, the NSa 2700 offers enterprise-grade security without the need for an enterprise-scale appliance — or the price tag that goes with it. The NSa 2700 mid-range firewall offers a full high-availability (HA) solution without traditional HA prices and delivers 3Gbps threat inspection throughput at a fraction of the price of the second-best next-generation firewall in its class.

To learn more about SonicWall NSa 2700, click here.

Cost-effective SD-Branch solutions: SonicWall TZ270, TZ370 and TZ470
Cybercriminals have shifted from focusing on large enterprises to targeting any organization they think they can gain access to — meaning you can no longer rely on size to protect you.
Designed for SMBs including distributed enterprises with SD-Branch locations, SonicWall’s Generation 7 TZ models combine industry-validated security effectiveness with best-in-class price performance.

These new TZ firewall appliances offer all the user-friendliness and critical management capabilities of SonicOS 7.0. And despite their smaller size (and price tag), the new TZ appliances allow you to connect and secure up to 1 million connections (35,000 concurrent connections on SSL/TLS with DPI-SSL enabled).

Like their larger counterparts, the new TZ firewalls pack a lot of power, with 2.5 gigabit interfaces on the TZ470 and gigabit interfaces on the TZ370 and TZ270. All are available in wired and wireless models with 802.11ac Wave2, supporting integrated SD-WAN and offering expandable storage of up to 256 GB, Zero-Touch Deployment, and single-pane-of-glass management using our recently launched Network Security Manager.

TZ firewalls are also 5G- and LTE-ready, with a convenient USB 3.0 for 5G connectivity with several LTE and 5G modules from various ISPs qualified.

To learn more about SonicWall’s full range of new TZ firewalls, click here.

Zero-trust security that’s easy to deploy and use: SonicWall Cloud Edge Secure Access
The adoption of remote work, tighter collaborations with partners and BYOD have redefined perimeter security — and in today’s boundless enterprise, enforcing security policies has never been more challenging.

While VPN is a smart choice for specific deployment scenarios, it introduces its own set of challenges. While securing the perimeter is crucial, it’s no longer enough: To truly protect your network, cybersecurity must go wherever work gets done, and extend to wherever your assets reside

With Cloud Edge Secure Access, SonicWall delivers easy-to-deploy, easy-to-use zero-trust security for site-to-site and hybrid cloud connectivity. This robust, cloud-native Secure Access Service Edge (SASE) offering can be configured by IT admins in as little as 15 minutes, and self-installed by end users in just 5 minutes.

Built around a Least-Privilege Access philosophy, SonicWall Cloud Edge Secure Access lets you limit access to only those who need it. With the power to control and protect network access to both managed and unmanaged devices based on identity, location and device parameters, you can now protect sensitive areas of your network and secure your resources without sacrificing productivity or flexibility.

And if you’re worried about DDoS, SlowLoris or SYN Flood, don’t be. Because it’s supported by over 30 global points of presence and built on Software-Defined Perimeter (SDP) core architecture, SonicWall Cloud Edge Secure Access is impervious to common cyberattacks.
SonicWall Cloud Edge Secure Access also proactively monitors environments, automatically activating a secure access connection in public Wi-Fi hotspots, further securing remote work by automatically securing unsecure Wi-Fi hotspots.

To learn more about SonicWall Cloud Edge Secure Access, click here.

Increased visibility and simplified multitenant management: Capture Client 3.5
Designed for MSSPs/MSPs, as well as enterprise customers that manage multiple tenants, Capture Client 3.5 endpoint protection offers simplified management of multiple tenants, translating to lower operational costs and faster response times.

With Capture Client 3.5, you can create and deploy new tenants through the adoption of baseline policies, while also offering customers the flexibility to build and deploy custom policies for specific tenants.

By offering a quick snapshot of the health of all tenants, Capture Client 3.5 provides administrators the ability to see infections and vulnerabilities instantly. The solution also offers more granular views, displaying which version of Capture Client is installed on each endpoint, which devices are online, what web content categories or domains get the most blocks, and which users cause the most alerts.

To learn more about SonicWall Capture Client 3.5, click here.

The ultimate firewall management tool, on-prem or SaaS: Network Security Manager (NSM) 2.1
With SonicWall NSM 2.1, we’re making centralized firewall management even better, bringing greater control and ease to your security operations center (SOC).

NSM 2.1 adds several new enterprise management capabilities, along with several options for NSM on-premises deployment. By leveraging a unified code base, firewall management is simplified regardless of whether you choose a SaaS or on-prem deployment.

This release also features Role-Based Access Controls (RBAC) for granular access based on device or user, Golden Templates to convert device configurations to your principal set, and Approval Workflow to help you roll out sanctioned security policies with a controlled and auditable process.

With the added security of two-factor authentication (2FA) and the continuous monitoring of Intelligent Platform Monitoring (IPM) system, NSM 2.1 does more than ever to ensure your network is protected, and running and performing optimally.

To learn more about SonicWall NSM 2.1, click here.

While SonicWall is excited to introduce these new products, we’d also like to thank our partners, who provided the valuable input that drove our innovations. Everything we do and everything we dream of at SonicWall is for our partners and customers, and we’re proud to offer you even more products and solutions to drive your business.

Senior Vice President and Chief Operating Officer | SonicWall
Atul Dhablania is Senior Vice President and Chief Operating Officer for SonicWall. Atul has over 25 years of experience in engineering and operations management. In the last 15 years at SonicWall, he has led teams in designing and developing security solutions as well as managing the worldwide operations. Prior to joining SonicWall, Mr. Dhablania held management and engineering positions at AMD, Fujitsu/HaL Computer Systems, Cyrix, National Semiconductor, and LSI Logic.

By Sony Kogin

With the global pandemic showing no signs of abating anytime soon, businesses worldwide are finding creative ways to adapt. Survival and continued growth often mean expanding services beyond traditional areas, being more agile and embracing work-from-anywhere policies.

In this inverted environment — one in which most employees are offsite, reliance on external business partners is increasing, and the nature of hyper-distributed offices has become almost nomadic — how do you enforce consistent and effective security policies?

Since 2019, SonicWall has been delivering a full set of new product portfolios to help IT managers alleviate these challenges. But today, with many workforces 100% remote and cyberthreats on the rise, adopting a Boundless Cybersecurity model has never been more crucial.

The Security Perimeter must follow wherever humans work and extend to wherever the assets reside.

Last January, SonicWall announced a partnership with Perimeter 81, the leading Zero-Trust Secure Network-as-a-Service provider, to firmly establish our presence in SASE. And now we’re delivering on that promise — starting with the new worldwide Cloud Edge Secure Access service, designed to free businesses from the notion of fixed locations and rigid cybersecurity solutions.

Cloud Edge Secure Access enables a simple Network-as-a-Service (NaaS) for site-to-site and hybrid cloud connectivity with integrated Zero-Trust and Least-Privilege security. Organizations can now empower remote workforces outside the traditional perimeter while protecting high-value business assets, regardless of location.

Cloud Edge Secure Access effectively provides a dedicated and invisible “rail and fence” for every employee and partner device. It offers secure access to apps and data anywhere in the cloud, including private, AWS, Azure, Google and more.

The inherent Least-Privilege Access security allows users and devices access to what’s necessary and nothing more, similar to the concept of a “need-to-know basis.” By limiting the exposure to other sensitive areas of the network, organizations can prevent threats from moving laterally, thereby securing their resources without sacrificing their operational flexibility. The illustration below shows how the Zero-Trust security follows the user anywhere and gives choices to use any devices, as both managed and unmanaged.

Worldwide cloud-native service that takes minutes to deploy.
The global infrastructure of SonicWall Cloud Edge is supported by over 30 global points of presence (PoPs). The solution is built on the Software-Defined Perimeter (SDP) architecture, making Cloud Edge service impervious to common cyberattacks like DDoS, Slowloris and SYN Flood.

IT managers can take advantage of the powerful cloud-native service via a simple SaaS interface. Built with ease of use in mind, SonicWall Cloud Edge can be configured by IT managers in as little as 15 minutes, and self-installed by end users in just 5 minutes.

But this is just the beginning of how SonicWall Cloud Edge increases IT agility and accelerates employee productivity.

Instant, high-performance multi-regional private network service.
With Cloud Edge Secure Access’ NaaS, a geographically distributed enterprise can quickly interconnect with a single virtual multi-regional private network. This makes it an ideal solution for connecting nomadic kiosks, temporary retail stores, mobile point of sales or remote branch offices in areas underserved by telcos’ MPLS, where only commodity internet is available.

The ability to not be bounded by a telco’s service map is a big plus, because it allows you to use a location that aligns with strategic business objectives and can offer considerable cost savings.

If you have legacy firewalls and routers, SonicWall Cloud Edge Secure Access will inter-operate seamlessly regardless of their location and bridge them to the nearest PoP gateways via IPsec tunnels. However, SonicWall recommends the WireGuard tunnel, which can deliver up to four times faster performance. In this race, SonicWall leads the industry as the only incumbent security vendor to offer WireGuard support.

How does Zero-Trust network and application access work?
Here’s how easy it is to enable the Cloud Edge Secure Access service and enforce Zero-Trust security:
• A home user can turn any desktop machine or notebook running macOS or Windows into a managed device with the SonicWall Cloud Edge app client. The client includes Wi-Fi security support that automatically enables a VPN connection in an unsecured public hotspot. When a Wi-Fi hijacking attempt is detected, the client will instantly disable the outbound internet connection to prevent any masquerade attack from exfiltrating data out of the target device.
• A roaming user with an iOS or Android mobile device can install the lightweight version of SonicWall Cloud Edge app to benefit from the work-from-anywhere protection.
• A business partner with an unmanaged device and a browser can also securely connect to the network and access authorized applications and data. This generic browser support is handy in public locations, such as libraries, airports or hotels where only a shared device is available.

In each of these scenarios, Cloud Edge Secure Access enforces Zero-Trust access, starting with a user login. Both internal and external logins will be directed to a centralized controller, which facilitates the interactions between the endpoint and the identity management system (such as LDAP, Okta, Azure Active Directory or Google Cloud Identity) for proper authentication.

Upon successful verification, the traffic will be relayed to one of the 30 gateways nearest the user to ensure optimal performance and the best application experience. The gateway brokers the connection by decrypting the incoming traffic and microsegmenting the traffic flow to prevent lateral movements.

An all-inclusive solution for enterprises with lean IT, and a revenue-generating platform for MSSPs.
Moving security and networking services to the cloud eliminates many hardware and software costs, such as purchasing network security appliances and security applications from several vendors.

SonicWall Cloud Edge Secure Access offers enterprises with lean IT an all-inclusive package. It integrates state-of-the-art WireGuard cryptography, built-in protection against volumetric DDoS attacks, Slowloris and SYN flood as well as Wi-Fi hijacking. It also offers service redundancy with automatic traffic load balancing, and it works seamlessly with SIEMs including Splunk and modern identity management providers (IdP).

The addition of a subscription model offered by Cloud Edge Secure Access means that services can be scaled up or down on demand, without waiting weeks or months for equipment to arrive and dedicated circuits to be installed.

And because multi-tenancy, monitoring and reporting for compliance audits come standard, SonicWall Cloud Edge Secure Access is also ideal for MSSPs.

While other vendors talk about disparate technologies when referring to their SASE solutions, SonicWall offers networking and security as a single, unified service stack, starting with Zero-Trust security built into a worldwide Network-as-a-Service. To learn more, read here.

This post originally appeared on 11/12/2020 via SonicWall and was republished with permission”

Product Marketing, Senior Manager | SonicWall
Sony Kogin is very passionate about security, networking, and cloud technologies. At SonicWall, he is responsible for the marketing strategy for all the Secure Remote Access and SASE products to help organizations enable and empower their employees with innovative work-from-anywhere solutions and to accelerate their digital transformations.