Latest News
Latest blogs and updates from SonicWall-Sales.com
A boost to digital transformation
Embracing new and innovative technology is what small businesses and those with often distributed workforces and offices do best. Finding alternative ways to connect and, most importantly, stay connected securely is of considerable benefit to small and distributed companies.
However, this engagement with technology doesn’t come without its challenges. This post looks closer at some of these obstacles and ways businesses can get around them, using various applications and integrated appliances.
Challenges in implementing digital change
Small businesses often find themselves under-equipped to deal with the variety as well as the volume of cyber-attacks and cyber threats out in the digital space. Such threats are not only becoming commonplace in everyday working practices, but they’re also becoming much more sophisticated in their approach with the aim to maximise their return on investment; and trust us, they will do anything they need to make this happen.
We must also take a look at the hike in mobile and IoT devices that are now being used to access and connect to remote networks. Unfortunately, what this has meant for many is a degradation in network performance and a high level of unpredictability in the overall application.
One of the biggest challenges? Cloud applications. Cloud applications disrupt the traditional WAN and branch models; however, they do help to lower costs and reduce the time spent implementing cybersecurity solutions to branches.
The best solution to all challenges?
A fully integrated approach that offers complete digital transformation while keeping costs of ownership low and providing all security capabilities you need.
Welcome the SonicWall TZ series.
TZ270, TZ370, and TZ470 offer integrated SD-branch platforms with exceptional performance levels, all designed to focus on the `modern-day` branch setup.
The latest TZ range working alongside their wireless counterparts (TZ270W, TZ370W, and TZ470W), promotes state-of-the-art hardware designed specifically for small business and distributed offices.
What’s on offer:
- Automated real-time branch detection and prevention
- TLS/SSL inspection and decryption
- Multi GB wired and 802.11ac Wave 2 wireless networks
- High port density
- High-speed processors
- Robust onboard memory
- Expandable storage options
- And more!
Powered by SonicOS 7.0, the new TZ range certainly offers it all.
Transforming digital security
Threats to online security, business data and information is higher now than it has ever been. As more and more workforces now offer distributed offices and work locations, cybercriminals continue to play on vulnerabilities and flaws within the network systems.
The new TZ series helps to not just patch over these identified flaws but eradicate them completely.
Offering security solutions with all third-party certifications, these solutions meet the need for high-speed threat prevention.
SonicWall Capture, the cloud-based, multi-engine sandboxing service, helps to stop even the most advanced, zero-day attacks, which can often be encrypted web traffic—providing you with peace of mind that your servers and networks are protected at all times.
What’s more, the new TZ series has built-in SD-WAN at no additional cost to you, effectively replacing outdated WAN connections and technologies as well as any standalone SD-WAN appliances.
Through QoS features, the aim is to provide businesses with critical cloud performance applications.
In addition, with the use of SonicWave access points, SonicWall Switches, and the multi-gigabit interfaces, networks can now stay ahead and keep up with the high bandwidths that are now required due to the increase in the use of mobile devices.
Using a centralised management platform, SonicWall Network Security Manager (NSM), you can access the analytics platform through the cloud and on-prem form factors.
With smaller IT teams and a lack of cybersecurity, we understand how important it can be for small and medium-sized businesses to take advantage of zero-touch deployment and a unified policy that focuses on security saving your business both time and money.
Consolidated and integrated security across endpoint, edge, and access networks, the TZ series SonicWall firewalls can all be managed through a single pane, amplifying your control and cross-product visibility.
Providing a unified and robust security solution eases management pressures and provides solutions needed to protect your data and information.
For all of your business’s integrated cybersecurity needs and to find out more about the TZ series from SonicWall firewalls, call 0330 1340 230.
Security Update: SMA 100 Series Patch Now Available
As communicated on Feb. 1, SonicWall is announcing the
availability of a critical firmware update to patch a zero-day vulnerability
on SMA 100 series 10.x code.
|
||||
|
||||
As previously stated, SonicWall firewalls and SMA 1000 series
appliances, as well as all respective VPN clients, are unaffected and remain
safe to use. No action for these products is required.
|
||||
What is a VPN firewall, and how does it protect your networks?
Designed specifically to protect networks and systems, a VPN firewall provides excellent protection against unauthorised people attempting to access your networks and steal your data through exploiting and intercepting the VPN connection.
VPN - Virtual Private Network. An appliance created within the public network (like the internet), where once it is set up, information can be sent, received and retrieved through any shared or public site securely.
VPN firewalls allow you to connect remotely to your place of work safely, and most importantly, securely. They are available as either hardware or software and, in some instances, like the SonicWall VPN, all in one firewall appliance.
The main objective of a VPN firewall is only to allow legitimate and authorised traffic access to the VPN, i.e., only those with permissions and correct setup should be able to access work servers while working remotely.
Ultimately, they provide the layer of protection needed to secure your network from cybercriminals accessing your systems remotely.
Reasons why you need firewalls
Most operating systems today come with built-in firewalls. However, the SonicWall VPN firewall appliances add a layer of security to all systems and are flawless in their design and installation. They can detect even the smallest and inconspicuous of threats, providing you with peace of mind that your networks and servers have the highest levels of security installed.
Hardware VPN firewalls can also be connected to large scale virtual private networks to prevent any range of cyber-attacks. Providing maximum protection, the hardware is also quick and easy to install and used to protect larger systems and servers.
The VPN element is what builds the connection offering wireless connectivity without compromising on privacy.
For businesses, this means employees can log in from their personal PC or device through a VPN while remaining connected to a public network. All data received, sent, etc., will then work precisely as if the person were connected to your private network within the office.
Acting as a barrier between your systems and potential hackers, firewalls are extremely important when using wireless networks. Helping to reduce the chance of an attack happening and deadly viruses seeping into your systems.
Configuring VPN with your firewall
Fortunately, configuring a VPN with a firewall appliance is relatively straightforward. It does become a little more complicated when network administrators want VPN connections to be filtered through firewalls, routers, or proxy servers; however, placement of the VPN server is key.
Installation of firewall VPNs can occur either at the front or the back of the VPN server itself.
For example, placing the server behind the firewall, filters are required for configuration as these filters will allow you to set up specific pockets, which will then be allowed to pass through the firewall. This is the most common configuration method, especially when working with database servers, as it adjusts itself as part of your network's existing security infrastructure easily. Note that when servers are placed behind the firewall, you may receive connection requests from remote servers and individual VPN clients. In these cases, you must have the resources to accept incoming traffic through a specific port.
If the installation is at the front, the firewalls are configured only to allow tunnel data to pass through its internet interface. This method can offer increased security as only traffic that has been passed through the firewall will carry on through the VPN. However, it's important to note that the traffic that flows between the VPN server and the firewall with a front installation is not encrypted.
Monitoring all incoming and outgoing traffic, SonicWall firewalls create a barrier/wall between your networks and information trying to come back and forth through the server.
Carefully monitoring what is received, firewalls ensure your data is protected at all times.
Protecting against viruses, harmful malware, and other types of cyber threats and attacks, ensuring that your firewalls are installed and up and running is the first step; installing a VPN appliance to work alongside this is certainly the second!
VPN SonicWall and SonicWall firewalls are robust, offer easy installation and application, and increase security levels for remote workers required to access onsite systems and servers.
To find out more, visit our Sonicwall-Sales website or call 0330 1340 230.
Read the next article: A boost to digital transformation
Layered Cybersecurity: A Tactical Guide
The notion of layered security isn’t new. But with companies needing to mobilize for the new business normal amid threats that are increasingly sophisticated, more varied and more frequent, layered cybersecurity has never been more relevant.
The idea behind layered cybersecurity is simple: The more obstacles you place in front of an attacker, the better your chances are to identify and stop the attack before your network, data or business are compromised.
While many organizations understand the basics of layered security, our new hyper-distributed IT reality—where everyone is remote, everyone is mobile, and everyone is less secure—requires us to revisit and refine this best practice.
To help, SonicWall has prepared a layered approach to meet the needs of your boundless workforce while keeping your business objectives a priority.
While there are different schools of thought on which layers are the most important (e.g., logical, most critical, easiest to implement, etc.) this guide offers a top-down look at the vulnerabilities you should mitigate first.
It should also be stated that a modern layered security strategy should be grounded and managed in a unified, harmonized and un-siloed environment.
LAYER 1 Security Awareness
LAYER 2 Strong Authentication
LAYER 3
Email Security
LAYER 4
Mobile & Remote
Access Security
LAYER 5
Wireless Security
LAYER 6 Endpoint Protection
LAYER 7
SSL/TLS Decryption
& Inspection
LAYER 8 Real-Time Sandboxing
LAYER 9
Advanced Memory &
Side-Channel Inspection
LAYER 10 Real-Time Security for Cloud Apps & Services
LAYER 11
Next-Generation Firewalls
Read the full details at https://www.sonicwall.com/medialibrary/en/ebook/la...
Don't forget cybersecurity during the holidays
ith bargains, online sales, and time to sit and browse the internet, online scams and breaches to cybersecurity increase two-fold during the holiday season.
Cybercriminals use this time to take full advantage of people operating online, with SonicWall Capture Labs recording an increase in the number of cyber-attacks taking place during the holidays, increasing both ransomware and malware over the years.
Unfortunately, in September 2020, the malware had its biggest increase of the year. Worse still, ransomware increased by 40%!
This can also be a problem for businesses, as people often use the same device to shop online as they do to connect to their employer's networks and servers.
Now is the time we all must keep our guard high!
Cybersecurity during holidays
We can all fall victim to visiting a dodgy website on the hunt for a bargain or click on an untoward phishing email because it looks very similar to an order you have placed.
Some of the most important signs and things to look out for include:
False order confirmation emails
How many purchases have you made over the past few weeks? Would you really question an email confirming yet another purchase? These particular emails are clever because firstly, you open it because you can't remember ordering anything, and secondly, cleverly, the email doesn't give too much away, so you click on the link to find out more.
Unfortunately, these emails are phishing emails controlled by a hacker. As soon as you hand your email and password over, they have all the information they need.
How to spot a bogus email?
Check out the URL. Are there letters missing in the company name? Does it have a lock symbol on the left-hand side of the address bar?
Taking advantage of public wi-fi
We would never advise you to purchase items online using public wi-fi. This is because you can never be 100% sure that the connection you are using is secure. Even with password and login details, middleman attacks work by exploiting flaws in the network, intercepting traffic, and stealing your details.
If you do want to shop online when you're out and about, using your mobile data can offer you a little further protection and make it harder to tamper with.
Keep all your devices updated
Installing the latest software updates is crucial. That and also ensuring that your firewall is enabled. These updates and barriers of a defence often contain important security updates, providing you with the latest protection against security threats.
Setting your device for automatic updates can help save time and potential security issues.
Installing the SonicWall firewall can help filter all incoming and outgoing traffic, ensuring only safe and secure data is transferred.
Bogus instant messaging
Receiving an instant message with a great offer that can't be missed when you least expect it is probably a warning sign that something might be wrong. Scammers can hijack instant messaging accounts by phishing and sending malicious malware. Clicking on any links in the message can cause your device to download a file containing malware.
Make sure to view all links with caution, and remember, if it seems too good to be true, then it probably is.
Carefully choose where you shop
If you don't know them, can you really trust them? This is why it's important to do your research. Find out about the company, ask around, has anyone you know used them before, bought from them, dealt with them, etc.
To help stay on the side of caution, use a credit card that ensures all online purchases.
Use strong passwords
Strong passwords and changing these regularly is vital in securing your device, your email accounts, and other accounts you use for online shopping.
It's also essential that you don't use the same password across multiple accounts. Using a password manager will help you use different passwords for different accounts and remember them for you, so you don't have to. The only password to remember is the password to the application manager itself!
Don't give them all your information
Handing over your mother's maiden name, or the make and model of your very first car just to buy something, should set alarm bells ringing. Details such as your name, address, and your payment details, will be required; however, anything else usually won't be needed.
Holiday shopping in 2020 and beyond
This year, the trend will most definitely see a shift to online shopping, avoiding the crowds, supporting those who are self-isolating, and more.
It's estimated that approximately 66% of people will make more purchases online in the coming months than ever before.
Installing the correct firewalls and security software and taking heed of the points mentioned above can all help keep you and your information safe online.
To find out more about SonicWall firewall, call 0330 1340 230
Read next blog: What is a VPN firewall, and how does it protect your networks?
Reference video: KnowBe4
Could your SonicWall Firewall do with an upgrade?
The cyber-world moves incredibly fast, so fast that it is extremely difficult not only for businesses to keep up but also for the software and firewall systems they employ to still be 100% effective.
Those in the cyber industry and technology arena work tirelessly to adapt, innovate, and evolve software and equipment quickly and efficiently to help mitigate all advanced cyberattacks. Stopping them in their tracks, capturing them, and putting a stop to them once and for all.
Today, in light of more and more people working from home or working remotely from wherever they are in the world, it has never been so important for organisations to defend their networks, systems, data, information, applications, and more.
Protecting everything that can cost them dearly from the most malicious cyber-attacks around.
Protecting businesses now
To help keep your business protected, most organisations will install firewall applications. Applications that are both the most cost-effective and the most recent to be launched to market. Coupling these with security services that also offer real-time detection.
Now, SonicWall is looking to take this one step further by offering a `3 & Free` promotion.
What does this mean to you?
You can now upgrade your old firewall to the new firewall from SonicWall, including NSa 2650, SOHO 250, or TZ350 – the choice is yours.
Not only is it simple and straightforward to do when you do choose to upgrade, but you will also have the next-generation firewall technology available for your use too. Furthermore, SonicWall is also offering its renowned SonicWall Capture ATP (Advanced Threat Protection) Service. A multi-engine, cloud-based sandboxing platform that prevents cyberattacks, stopping them in their tracks and preventing them from negatively affecting your business operations.
`3 & Free` SonicWall promotion – it’s all in the detail
Ultimately, we like to think of it as an easy and competitively priced way to upgrade your firewalls to the next-generation firewall, (the latest SonicWall firewall on the market), all for free!
With the upgrade helping to protect:
- Your brand
- Your customers
- Your data
As well as providing protection against:
- Advanced threats and attacks
- Encrypted threats
All through filtering out dangerous content and offering around the clock support.
The NSa 2650, SOHO 250, or TZ350 will be available for all eligible customers when purchasing an appliance bundle that includes the SonicWall Advanced Gateway Security Suite three-year subscription package. (All which can be accessed via your authorised SonicWall reseller).
This particular security package offers you everything you need and more to keep your computers, networks, and systems completely protected.
Protecting against all modern cyber-attacks such as advanced malware, encrypted threats, ransomware, spyware, viruses, zero-day exploits, and more.
Your complete package will also include features such as:
- Gateway anti-spyware and anti-virus
- Application control
- Capture Advanced Threat Protection Sandbox
- Intrusion Prevention Service, and
- Content Filtering Service.
Of course, one of the most important and beneficial features that our customers find useful is 24-hour support, seven days a week, 365 days a year!
This is an exclusive security subscription offer from SonicWall-Sales that we would also like to enhance by offering the SonicWall Real-Time Deep Memory Inspection (RTDMI).
This is an innovative, patent-pending technology that enables Capture Advanced Threat Protection to not only pick up but to block any piece of malware that hides weaponry via encryption or does not show any malevolent behaviour.
Ideally, this piece of the security puzzle helps to protect your company from zero-day attacks, malicious or corrupt Microsoft Office files, and damaging PDFs.
Upgrade your SonicWall Firewall today
If you’re ready to upgrade now, great! SonicWall’s `3 & Free` promotion is ready and waiting to be taken advantage of, providing all eligible customers with the latest and the best SonicWall next-generation firewall systems…all for free!
To find out more and to get started, call us on 0330 1340 230 or drop us an email with your details and specifications, and we’ll be happy to help.
Read the next article: Don't forget cybersecurity during the holidays
Why upgrade to a SonicWall Gen 7 TZ Series firewall
10 REASONS TO UPGRADE
- 1. Multi-gigabit support in desktop form factor, fiber interface and high port density
- Benefit: Organizations that require increased throughput to support bandwidth-intensive applications and data transfer need multi-gigabit ports. Multi-gig firewalls work seamlessly with SonicWave APs and SonicWall Switches to deliver end-to-end multi-gigabit performance. In addition, having greater number of ports allows organizations to connect more devices directly to the firewall.
- Difference: The TZ470/570/670 series next-generation firewalls are the first desktop form factor to bring multigigabit (2.5/5/10G) interfaces or fiber (SFP+, SFP) interfaces, while the rest support only gigabit interfaces. Gen 7 TZs supports a minimum of 8 ports while Gen 6 supports 5.
- 2. Superior hardware upgrades with expandable storage and redundant power supply
- Benefit: Gen 7 TZs come an expandable storage that enables various features including logging, reporting, caching, firmware backup and more. Secondary power supply is available for redundancy in case of failure, providing business continuity.
- Difference: TZ570/670 series come with an expandable storage slot on the bottom of the device that provides the ability to expand up to 256GB, while Gen 6 does not. TZ670 comes preloaded with 32GB expandable storage and TZ570/670 series firewalls support two AC power supplies for redundancy. The optional redundant power supply is available for purchase, while other models excluding the TZ570/670 series, support just one power supply.
- 3. Groundbreaking firewall inspection, DPI performance and IPSec VPN performance
- Benefit: With increased network bandwidth requirements from IT trends such as apps, HD video streaming and social media, faster firewall inspection, DPI and IPSec VPN performance provides a secure network without performance degradation. Having a faster firewall performance provides organizations with a greater capacity to utilize higher internet speeds and support more concurrent and remote users.
- Difference: Gen 7 TZs offer up to 4 times firewall, DPI and IPSec VPN performance over Gen 6 firewalls.
- 4. Scale higher with increased connection count (per second, SPI, DPI, DPI-SSL)
- Benefit: Having a higher number of concurrent connections provides greater scalability by enabling more simultaneous user sessions to be active and tracked by the firewall.
- Difference: Gen 7 TZs offer up to 15 times maximum connections over Gen 6 firewalls.
- 5. More single sign-on (SSO) users
- Benefit: The single sign-on feature improves employee productivity and reduces IT support costs by enabling users to gain access to connected systems with a single ID and password.
- Difference: Gen 7 firewalls allows up to 5 times more SSO users than Gen 6 series to benefit from the use of single sign-on.
- 6. Increased VPN connectivity
- Benefit: For organizations with remote and branch locations such as Retail POS businesses, the ability to create a larger number of site-to-site VPN tunnels to connect distributed networks together and securely share data is essential.
- Difference: Gen 7 offers up to 8 times more site-to-site VPN tunnels than Gen 6 firewalls.
- 7. High VLAN interfaces
- Benefit: VLANs support the logical grouping of network devices, reduce broadcast traffic and allow more control when implementing security policies. It provides logical separation of devices on the same network. High VLAN interfaces signify better segmentation and performance for organizations.
- Difference: Gen 7 TZ series offers up to 5 times more VLAN interfaces than Gen 6 TZ series.
- 8. 802.11ac Wave 2 technology with increase in max number of access points supported
- Benefit: The latest 802.11ac Wave 2 technology enhances WiFi user experience by supporting MU-MIMO technology. Integrated WiFi option enables organizations to extend their wireless network farther without purchasing additional hardware. Alternatively, high number of APs supported by the firewall provide better scalability of the WiFi network.
- Difference: Gen 7 TZs with the exception of TZ670, offers integrated 802.11ac Wave 2 support while Gen 6 supports only 802.11ac Wave 1 or 802.11n technologies. Gen 7 TZs support up to 4 times more number of access points over Gen 6 series.
- 9. Brand-new SonicOS 7.0 support
- Benefit: The feature-rich SonicOS 7.0 operating system features modern UI/UX, topology view, enhanced policy, advanced security, networking and management capabilities, along with TLS 1.3 and default support for BGP routing without the need for additional license.
- Difference: SonicOS 7.0 support is available on Gen 7 series and not available on Gen 6 series. Gen 6 series require an additional expanded license to be purchased to enable BGP support while the Gen 7 include BGP support as default with every firewall purchase. Stateful HA support is available on Gen 7 TZs and not available on Gen 6 TZ series.
- 10. 5G USB Modem Support
- Benefit: USB 3.0 port could be used to plug in a 5G dongle for 5G connectivity. It is also backward compatible with 4G/LTE/3G technologies with the use of corresponding dongles.
- Difference: 5G technology support is available on Gen 7 TZ series and not available on Gen 6 TZ series.
ALL UPGRADE MODELS: https://www.sonicwall-sales.comsecure-upgrade-plu...
Managing a centralised and scalable firewall platform
It's great when companies plan their growth and look to scale their operations due to continued increases in sales and revenues.
However, with this growth comes a requirement to increase the speed at which IT security and, in particular, firewalls need deploying.
Protecting your systems and networks is vital, and firewalls act as the perfect barrier to prevent such cyber-attacks from slipping through the net.
As your business, networks, and systems grow, you need to have robust measures in place to manage these firewall operations, allowing you to respond to risks and continued daily challenges.
Some of the main reasons why companies move from managing individual firewalls to managing a more centralised system (such as the SonicWall NSM) include:
- IT teams are overwhelmed with the management of fragmented firewall silos.
- Inconsistent firewall policies are causing various security vulnerabilities.
- Due to the fragmented approach, IT teams aren't able to respond to threats promptly.
- Internal security audits have identified potential gaps that need attention.
To help, SonicWall is on hand!
The latest Network Security Manager (NSM) is primarily designed for the cloud and offers a multi-tenant centralised firewall system that puts you in control.
You can now take command of firewalls across your network, managing and seeing instantly risks coming your way.
Easy to use, the NSM allows you to centrally orchestrate your firewall management and reduce the chances of human error and policy misconfigurations.
The system is also much more intuitive and visually pleasing, with menus, navigation, and workflows all simplified, organised, and above all, streamlined.
Now, with NSM, you and your IT teams are more effective, aware, and in control.
Security control
With NSM, companies will be in a position to scale on demand. Using its more effective visibility, tenant-level manageability, and group-based device control, those utilising NSM will be in a position to deploy and manage unlimited firewall devices, removing firewall silos altogether.
The platform also allows you to create consistency in your approach to IT security and cyber threats.
Developing synchronised policies across all cloud environments.
And of course, operating on the cloud means you can achieve all of this from anywhere using any browser-enabled device.
Effectiveness guaranteed
With NSM, you have the tools to work smarter. To have the time to think, plan, and implement faster without taking up too much of your time or effort.
You can now automate workflow processes to help simplify processes and tasks, allowing your security operations to run smoothly without you manually instructing systems, carrying out all of these activities from one unified device table.
These automated processes include:
- Tracking all firewalls under your management from one single view.
- Synchronising firewalls, keeping them all in line.
- Upgrading all firewalls simultaneously and carrying out audits and backup configurations as and when required.
- Scheduling reports for management.
- Onboarding and operationalising as many firewalls as required, through zero-touch deployment.
- Implementing changes to configuration easier and more intuitively. And,
- Automating firewall operations such as performing system health checks and audit configurations, etc., through the REST API service available.
Increase Awareness
The NSM's intuitive dashboard boasts real-time monitoring that provides you with the best and most comprehensive reporting and analytical data around.
This level of detail and one glance view allows security operators to troubleshoot problems instantly, investigate potential risks, and take smart, effective security actions as outlined in policies and procedures.
The dashboard should help decision-making, planning, and be used in the development of cyber policies. Providing a company-wide view of all current activities and potential threats, companies can now have a more detailed understanding of whether their internal security requirements can be met or if more needs to be done.
Having this level of awareness relating to your company's security infrastructure is vital.
More reasons to opt for SonicWall's NSM
- With its cloud-native SaaS offering, it can help lower TCO.
- There's no maintenance schedule to adhere to
- No configurations or upgrades are required.
- No downtime (a big benefit to business)
- And no depreciation or retirement costs.
Instead, through a cost-effective yearly subscription, you can simplify your management workflows and increase your overall efficiency.
Scalable to support various business environments, you can have one firewall or a hundred, as setting up network infrastructures and multiple device groups have never been easier to deploy and manage.
You are in complete control.
From the templates, you apply to the consistent security measures you enforce.
To find out more, check us out online or call us on 0330 1340 230; we'd be happy to help!
SonicWall Sweeps Six Industry Awards, Including Grand Trophy, at Network Product Guide 2020 IT World Awards
On the heels of a banner year, marked by the introduction of the Boundless Cybersecurity model and an unprecedented number of new product launches, SonicWall is pleased to announce it has won six prestigious awards in the 15th annual Network Product Guide’s 2020 IT World Awards event:
- SonicWall GRAND TROPHY WINNER
- Enterprise Network Firewalls: GOLD WINNER, NSsp 15700
- Firewalls: SILVER WINNER, TZ570/TZ670
- Information Security and Risk Management: BRONZE WINNER, SonicWall Network Security Manager
- Security Hardware: GOLD WINNER, SonicWall Capture Security appliance 1000
- Unified or Integrated Security: GOLD WINNER, SonicOSX 7
Based on its demonstration of overall excellence in a range of categories, as well as the quality of its entry submissions and content, SonicWall was awarded the coveted Grand Trophy distinction. This excellence was reflected in the latest SonicWall releases, from SonicOSX7 and the growing lineup of firewalls running it, to improvements in Network Security Manager (NSM) and the introduction of our brand-new Capture Security appliance (CSa) technology.
SonicOSX 7 took home the gold for its revolutionary architecture, which was designed to enable the latest features necessary for modern enterprises. These include Unified Policy, which combines Layer Three through Seven rules into a single rule base for an easier and more intuitive configuration, along with support for a true multi-instance architecture, which allows customers to provide tenants with dedicated resources to enable support for unique configurations and software versions.
The introduction of true multi-instance architecture is essential for our high-end Next-Generation Firewall (NGFW) line and helps distinguish it in the enterprise firewall market. This capability, as well as its comparative price/performance, port density and the availability of 100GbE ports are just some of the features that propelled the NSsp 15700 to the top, earning it a Gold award in Enterprise Network Firewalls category.
Our November product launch introduced a full Gen 7 TZ Series refresh — but only the TZ570 and TZ670 were ready to be judged by the submission deadline. With only two models in the line, the Gen 7 TZ line still won a Silver award for Firewalls.
(It’s worth noting that the NSa 2700 NGFW was also part of the November launch, and was released after the window for review. As the natural successor to the NSa 2650 — which was named “Best UTM†in early 2020 by SC Awards Magazine — we expect the NSa 2700 to start winning similar awards in the future.)
To complement our firewalls and help maintain compliance for those who can’t use Capture Advanced Threat Prevention (Capture ATP) for unknown malware detection, we created CSa 1000, which uses the memory-based RTDMI engine and features an improved UI. Network Products Guide was able to review the benefits that the on-premise CSa 1000 brings to compliance-sensitive customers that need advanced threat detection technology, and they proudly awarded it the gold medal for security hardware.
As SonicWall introduced greater and stronger capabilities and a growing number of security options, our customers began requesting a way to improve firewall management across even the largest and most distributed enterprises. The SonicWall NSM 2.0 SaaS was designed to better control, manage and monitor tens of thousands of network security devices — including firewalls, managed switches and secure wireless access points — from anywhere via a simple cloud interface. Network Product Guide recognized SonicWall’s ability to effectively manage this ecosystem by awarding it the Bronze award for Information Security and Risk Management.
If you would like to talk with our team about these solution sets and how they can work together to build a better security ecosystem for you, email our team. In the meantime, if you’d like to see how SonicWall solutions are used in real life, I recommend reading our solution brief, “Securing Smart Cities Over Distributed Networks.â€
Cybersecurity during a pandemic
Unfortunately, just because the world is in the midst of a pandemic does not mean that cyber-attacks cease.
On the contrary.
We typically find an increase in the volume of cyber-attacks as they use vulnerability and fear to their advantage.
Cybersecurity during COVID 19 has seen business across all industries, tested. With reports of significant increases in malicious activity volume, exploiting the pandemic, and using uncertainty as a driver for a cyber-attack opportunity.
Phishing attacks are currently the most common cyber threats businesses, and individuals face. These and official-looking, specially designed apps that promote virus tracking maps, where once users click on these apps and data, their computers and phones are instantly infected with malicious software.
Plus, with more and more people now working from home than ever before, and potentially using their own devices and personal systems; the level of protection and security setup may not be as high as what endpoints at work are.
With an increase in the scope and severity of cyber-attacks since March and a marked increase in remote desktop protocol exploitation, we need to continue to educate ourselves and our teams about the reality of cyber threats, what to look out for, and how to stay safe online.
So, now that we have everyone paranoid about downloading malicious content onto their smartphones or computers, below we've highlighted in our cybersecurity guide some best practice security tips to help keep your networks and systems safe.
Keeping security high while working through a new `normal`
Top tips to stop a cyber-attack from reaching your systems:
Be wary of unknown or unexpected emails – even if the email looks as if it has come from a friend, make sure to check these emails out, looking specifically at their email address to make sure they haven't been spoofed!
Verify the email address – check out the sender's email address – may be the start of the email address looks official, but how does it end? Aol.com? Or maybe there's a slight spelling mistake in there somewhere to throw you off the scent. Get ready to do some proofreading!
Ransomware attacks are luring people using COVID 19 – these must be stopped by using firewall software like SonicWall firewall systems and backing up your data regularly.
Never open an unknown attachment – this is one of the first rules we all have drummed into us when using emails. Opening malicious PDF files is one of the most common forms of cyber-attacks used against businesses. Make sure to always know where your attachments are coming from and never open an attachment from an unknown sender.
Tread with caution when an email states it requires urgent attention – beware of the emails where you need to click on a link because new details have come to light regarding COVID, or where you have to subscribe with your personal details just to receive an announcement. These types of emails should all set alarm bells ringing that this is a potential scam!
Be wary of embedded links – always use official websites and navigate to the page from here rather than clicking the link embedded in the email.
Be careful of the increase in distributed denial of service (DDOS) attacks as more users try to access remote systems simultaneously. To help, companies should look to increase bandwidth allocations, disable any unused services, and discourage the streaming of videos and music, etc.
Only use your work laptop to access work and your company's network and systems. Using only the approved, secure remote access connection that has been provided.
Don't disable security features such as anti-malware or, indeed, your firewalls! And ensure all passwords and credentials are secure, and please don't reuse the same password across multiple accounts.
Signs you have fallen victim to a cyber-attack
There are a few signs that may indicate if your computer has fallen foul of a cyber-attack. If you feel any of the below applies to you, we'd advise you to speak with your IT team as soon as possible.
- Pop up windows have now started to appear
- Your browser's homepage has changed
- Your computer slows down
- Anti-virus software has become disabled
- Your system and applications start behaving strangely
- Unknown programmes start running on your system automatically.
Working in the new `normal`
There is no best way of operating cybersecurity in these times, as every company is different and, of course, every company will have individual approaches to their security procedures.
What we would suggest as minimum requirements are:
- Carry out regular system backups and perform complete system backups more often.
- Ensure that all work-related business is carried out through a VPN.
- Enable automatic updates across all of your systems and networks where possible.
- Enable the SonicWall firewall and configure the firewall with unique passwords.
- Turn off WPS and UPnP and turn on WPA2 or WP3.
With the increase in data-driven technologies and the increase in attacks due to potentially reduced IT staffing or the use of insecure networks, maintaining and monitoring your IT security systems and software has never been so important.
Implementing and deploying the right software such as firewalls, anti-virus, anti-malware, spyware, and more help keep your business and teams operating in the safest way possible.
Keeping on top of encryption and patch maintenance and circulating policy controls, and safeguarding company information and data is what SonicWall systems and software do best.
To understand more how we can help support your online security through these times, call us on 0330 1340 230; we'd be happy to help.
Read next post: Managing a centralised and scalable firewall platform
Reference video: UNSW Business School
SonicWall Announce New Gen7 TZ270, TZ370 & TZ470 Series
The latest SonicWall TZ series, are the first desktop form factor next generation firewalls (NGFW) with 10 or 5 Gigabit Ethernet interfaces. The series consist of a wide range of products to suit a variety of use cases.
Designed for small, mid-sized organizations and distributed enterprise with SD-Branch locations, the 7th generation (Gen 7) TZ series delivers industry-validated security effectiveness with best-in-class price performance. These NGFWs address the growing trends in web encryption, connected devices and high-speed mobility by delivering a solution that meets the need for automated, realtime breach detection and prevention.
New full Gen7 firewall range datasheet: SonicWall TZ270 TZ370 TZ470 TZ570 TZ670 Gen7 TZ Series Datasheet
Popular SonicWall Firewall Configurations
This article lists all the popular SonicWall configurations that are common in most firewall deployments.
- Configuring LAN Interface
- Configuring the WAN (X1) connection
- Configuring other interfaces (X2, X3 or DMZ etc)
- Port forwarding to a server behind SONICWALL
- Configuring remote VPN connections (GroupVPN, GVC, SSL-VPN, L2TP, etc.)
- Site to Site VPN and Route Based VPN configuration
- Configuring Wireless
- Connect via Console
- Resetting the SonicWall and Uploading firmware
- Enabling SonicWall Security Services (Content Filter, IPS, GAV, etc.)
- Configuring user authentication
- Configuring High Availability
- Installing GMS/Analyzer
RESOLUTION:
Configuring LAN Interface
Configuring SonicWall DHCP server settings
Configuring the WAN (X1) Interface
- How to configure the WAN / X1 Interface with PPPoE Connection?
- How to configure the WAN / X1 Interface with Dynamic / DHCP IP address?
- How to configure the WAN / X1 Interface with Static IP address?
- How to configure the WAN / X1 Interface with L2TP Connection ?
- How to configure the WAN / X1 Interface with PPTP Connection?
- How to change the MTU size?
- WWAN/3G/4G Mode
Configuring other interfaces (X2, X3 or DMZ etc)
- Configuring the DMZ / OPT Interface in NAT Mode
- How to Configure an interface as Secondary WAN port in SonicOS
- Configuring VLAN's with the SonicWall appliances with Cisco L2 Switch
Upgrading to latest Firmware
- Procedure to upgrade the SonicWall firmware Image with Current Preferences
- Registering the SonicWall UTM Appliance with MySonicWall.com
- How to download the latest SonicOS Firmware Version?
Port forwarding to a server behind SonicWall
- How to Enable Port Forwarding and Allow Access to a Server Through the SonicWall
- How to Open ports on the Firewall using the Configuration Wizard
- How to Enable Port Forwarding and Allow Access to a Server Through the SonicWall via the CLI
Configuring remote VPN connections. (GroupVPN, GVC, SSL-VPN, L2TP, etc.)
- How to Configure WAN GroupVPN to connect using Global VPN Client?
- How to setup SSL-VPN feature (NetExtender Access)
- How to create Bookmarks for specific users for the SSL VPN service
- Configuring L2TP Server
- How to configure the WAN / X1 Interface with L2TP Connection?
Site to Site VPN and Route Based VPN configuration
- Configuring a Site to Site VPN Policy using Main Mode (Static IP address on both sites)
- Configuring Site to Site VPN when a Site has Dynamic WAN IP address (Aggressive Mode)
- How to configure numbered Tunnel Interface VPN (Route-Based VPN)
- How to configure NAT over VPN in a site to site VPN with overlapping networks
Configuring Wireless
- How to configure WGS (Wireless Guest Services) in SonicWall TZ devices with built-in Wireless
- How to configure WEP Encryption in SonicWall TZ devices with built-in Wireless?
- How to configure WPA Encryption in SonicWall TZ devices with built-in Wireless?
- With SonicPoints
- How to manage SonicPoint Access Points and upgrade SonicPoint firmware
- How to configure Wireless with SonicPoint using WPA encryption
- How to configure Wireless with SonicPoint using WEP encryptionVirtual Access Points (VAP)
- Configuring a Virtual Access Point (VAP) Profile for Wireless Corporate Users using SonicPoints
Diagnostic tools
Resetting the SonicWall, Diagnostic Files and Uploading firmware
- How To Put the SonicWall into Safe Mode
- How to Upgrade SonicOS Firmware
- Understanding and resolving preferences corruption after an attempted "downgrade" of firmware
- Can Settings be Exported/Imported from one SonicWall to Another? (Support Matrix)
Enabling SonicWall Security Services (Content Filter, IPS, GAV, etc.) and configuring user authentication
CFS:
- Using custom Content Filter policies to block Internet access to a specific group (CFS + ULA + local groups)
- Integration of LDAP and multiple/Custom CFS policies for different user groups (ULA + CFS + LDAP)
- Using Multiple Custom content Filter policies with LDAP and SSO to restrict Internet access (CFS + LDAP + SSO)
- Upgrade from CFS 3.0 App Rules Mode to CFS 4.0
- Upgrade from CFS 3.0 Zones and Users Mode to CFS 4.0
- Content Filtering Service (CFS) 4.0 Overview - SonicOS 6.2.6 and above
GAV/IPS/ASW
Capture ATP
Application Firewall:
RBL
Geo-IP:
Configuring user authentication
- How to configure IAS RADIUS Authentication
- Integration of LDAP and multiple/Custom CFS policies for different user groups - ULA + CFS + LDAP
- Configuring Single Sign-On
Configuring High Availability
- How to Configure High Availability (HA)
- Stateful and Non-Stateful High Availability Prerequisites
- Tips for High Availability (HA) setup
Installing GMS/Analyzer
- How to Backup/restore the configuration and data from Analyzer (Windows)
- How do I install a fresh instance of Analyzer?
- How to install GMS/Analyzer Software on a Windows System
Original article: https://www.sonicwall.com/support/knowledge-base/popular-sonicwall-firewall-configurations/170503358114735/