Latest News

It's great when companies plan their growth and look to scale their operations due to continued increases in sales and revenues.

However, with this growth comes a requirement to increase the speed at which IT security and, in particular, firewalls need deploying.

Protecting your systems and networks is vital, and firewalls act as the perfect barrier to prevent such cyber-attacks from slipping through the net.

As your business, networks, and systems grow, you need to have robust measures in place to manage these firewall operations, allowing you to respond to risks and continued daily challenges.

Some of the main reasons why companies move from managing individual firewalls to managing a more centralised system (such as the SonicWall NSM) include:

• IT teams are overwhelmed with the management of fragmented firewall silos.
• Inconsistent firewall policies are causing various security vulnerabilities.
• Due to the fragmented approach, IT teams aren't able to respond to threats promptly.
• Internal security audits have identified potential gaps that need attention.

To help, SonicWall is on hand!

The latest Network Security Manager (NSM) is primarily designed for the cloud and offers a multi-tenant centralised firewall system that puts you in control.

You can now take command of firewalls across your network, managing and seeing instantly risks coming your way.

Easy to use, the NSM allows you to centrally orchestrate your firewall management and reduce the chances of human error and policy misconfigurations.

The system is also much more intuitive and visually pleasing, with menus, navigation, and workflows all simplified, organised, and above all, streamlined.

Now, with NSM, you and your IT teams are more effective, aware, and in control.

Security control

With NSM, companies will be in a position to scale on demand. Using its more effective visibility, tenant-level manageability, and group-based device control, those utilising NSM will be in a position to deploy and manage unlimited firewall devices, removing firewall silos altogether.

The platform also allows you to create consistency in your approach to IT security and cyber threats.

Developing synchronised policies across all cloud environments.

And of course, operating on the cloud means you can achieve all of this from anywhere using any browser-enabled device.

Effectiveness guaranteed

With NSM, you have the tools to work smarter. To have the time to think, plan, and implement faster without taking up too much of your time or effort.

You can now automate workflow processes to help simplify processes and tasks, allowing your security operations to run smoothly without you manually instructing systems, carrying out all of these activities from one unified device table.

These automated processes include:

• Tracking all firewalls under your management from one single view.
• Synchronising firewalls, keeping them all in line.
• Upgrading all firewalls simultaneously and carrying out audits and backup configurations as and when required.
• Scheduling reports for management.
• Onboarding and operationalising as many firewalls as required, through zero-touch deployment.
• Implementing changes to configuration easier and more intuitively. And,
• Automating firewall operations such as performing system health checks and audit configurations, etc., through the REST API service available.

Increase Awareness

The NSM's intuitive dashboard boasts real-time monitoring that provides you with the best and most comprehensive reporting and analytical data around.

This level of detail and one glance view allows security operators to troubleshoot problems instantly, investigate potential risks, and take smart, effective security actions as outlined in policies and procedures.

The dashboard should help decision-making, planning, and be used in the development of cyber policies. Providing a company-wide view of all current activities and potential threats, companies can now have a more detailed understanding of whether their internal security requirements can be met or if more needs to be done.

Having this level of awareness relating to your company's security infrastructure is vital.

More reasons to opt for SonicWall's NSM

• With its cloud-native SaaS offering, it can help lower TCO.
• There's no maintenance schedule to adhere to
• No configurations or upgrades are required.
• No downtime (a big benefit to business)
• And no depreciation or retirement costs.

Instead, through a cost-effective yearly subscription, you can simplify your management workflows and increase your overall efficiency.

Scalable to support various business environments, you can have one firewall or a hundred, as setting up network infrastructures and multiple device groups have never been easier to deploy and manage.

You are in complete control.

From the templates, you apply to the consistent security measures you enforce.

To find out more, check us out online or call us on 0330 1340 230; we'd be happy to help!

On the heels of a banner year, marked by the introduction of the Boundless Cybersecurity model and an unprecedented number of new product launches, SonicWall is pleased to announce it has won six prestigious awards in the 15th annual Network Product Guide’s 2020 IT World Awards event:

• SonicWall GRAND TROPHY WINNER
• Enterprise Network Firewalls: GOLD WINNER, NSsp 15700
• Firewalls: SILVER WINNER, TZ570/TZ670
• Information Security and Risk Management: BRONZE WINNER, SonicWall Network Security Manager
• Security Hardware: GOLD WINNER, SonicWall Capture Security appliance 1000
• Unified or Integrated Security: GOLD WINNER, SonicOSX 7

Based on its demonstration of overall excellence in a range of categories, as well as the quality of its entry submissions and content, SonicWall was awarded the coveted Grand Trophy distinction. This excellence was reflected in the latest SonicWall releases, from SonicOSX7 and the growing lineup of firewalls running it, to improvements in Network Security Manager (NSM) and the introduction of our brand-new Capture Security appliance (CSa) technology.

SonicOSX 7 took home the gold for its revolutionary architecture, which was designed to enable the latest features necessary for modern enterprises. These include Unified Policy, which combines Layer Three through Seven rules into a single rule base for an easier and more intuitive configuration, along with support for a true multi-instance architecture, which allows customers to provide tenants with dedicated resources to enable support for unique configurations and software versions.

The introduction of true multi-instance architecture is essential for our high-end Next-Generation Firewall (NGFW) line and helps distinguish it in the enterprise firewall market. This capability, as well as its comparative price/performance, port density and the availability of 100GbE ports are just some of the features that propelled the NSsp 15700 to the top, earning it a Gold award in Enterprise Network Firewalls category.

Our November product launch introduced a full Gen 7 TZ Series refresh — but only the TZ570 and TZ670 were ready to be judged by the submission deadline. With only two models in the line, the Gen 7 TZ line still won a Silver award for Firewalls.

(It’s worth noting that the NSa 2700 NGFW was also part of the November launch, and was released after the window for review. As the natural successor to the NSa 2650 — which was named “Best UTM” in early 2020 by SC Awards Magazine — we expect the NSa 2700 to start winning similar awards in the future.)

To complement our firewalls and help maintain compliance for those who can’t use Capture Advanced Threat Prevention (Capture ATP) for unknown malware detection, we created CSa 1000, which uses the memory-based RTDMI engine and features an improved UI. Network Products Guide was able to review the benefits that the on-premise CSa 1000 brings to compliance-sensitive customers that need advanced threat detection technology, and they proudly awarded it the gold medal for security hardware.

As SonicWall introduced greater and stronger capabilities and a growing number of security options, our customers began requesting a way to improve firewall management across even the largest and most distributed enterprises. The SonicWall NSM 2.0 SaaS was designed to better control, manage and monitor tens of thousands of network security devices — including firewalls, managed switches and secure wireless access points — from anywhere via a simple cloud interface. Network Product Guide recognized SonicWall’s ability to effectively manage this ecosystem by awarding it the Bronze award for Information Security and Risk Management.

If you would like to talk with our team about these solution sets and how they can work together to build a better security ecosystem for you, email our team. In the meantime, if you’d like to see how SonicWall solutions are used in real life, I recommend reading our solution brief, “Securing Smart Cities Over Distributed Networks.”

Unfortunately, just because the world is in the midst of a pandemic does not mean that cyber-attacks cease.

On the contrary.

We typically find an increase in the volume of cyber-attacks as they use vulnerability and fear to their advantage.

Cybersecurity during COVID 19 has seen business across all industries, tested. With reports of significant increases in malicious activity volume, exploiting the pandemic, and using uncertainty as a driver for a cyber-attack opportunity.

Phishing attacks are currently the most common cyber threats businesses, and individuals face. These and official-looking, specially designed apps that promote virus tracking maps, where once users click on these apps and data, their computers and phones are instantly infected with malicious software.

Plus, with more and more people now working from home than ever before, and potentially using their own devices and personal systems; the level of protection and security setup may not be as high as what endpoints at work are.

With an increase in the scope and severity of cyber-attacks since March and a marked increase in remote desktop protocol exploitation, we need to continue to educate ourselves and our teams about the reality of cyber threats, what to look out for, and how to stay safe online.

So, now that we have everyone paranoid about downloading malicious content onto their smartphones or computers, below we've highlighted in our cybersecurity guide some best practice security tips to help keep your networks and systems safe.

Keeping security high while working through a new `normal`

Top tips to stop a cyber-attack from reaching your systems:

Be wary of unknown or unexpected emails – even if the email looks as if it has come from a friend, make sure to check these emails out, looking specifically at their email address to make sure they haven't been spoofed!

Verify the email address – check out the sender's email address – may be the start of the email address looks official, but how does it end? Aol.com? Or maybe there's a slight spelling mistake in there somewhere to throw you off the scent. Get ready to do some proofreading!

Ransomware attacks are luring people using COVID 19 – these must be stopped by using firewall software like SonicWall firewall systems and backing up your data regularly.

Never open an unknown attachment – this is one of the first rules we all have drummed into us when using emails. Opening malicious PDF files is one of the most common forms of cyber-attacks used against businesses. Make sure to always know where your attachments are coming from and never open an attachment from an unknown sender.

Tread with caution when an email states it requires urgent attention – beware of the emails where you need to click on a link because new details have come to light regarding COVID, or where you have to subscribe with your personal details just to receive an announcement. These types of emails should all set alarm bells ringing that this is a potential scam!

Be wary of embedded links – always use official websites and navigate to the page from here rather than clicking the link embedded in the email.

Be careful of the increase in distributed denial of service (DDOS) attacks as more users try to access remote systems simultaneously. To help, companies should look to increase bandwidth allocations, disable any unused services, and discourage the streaming of videos and music, etc.

Only use your work laptop to access work and your company's network and systems. Using only the approved, secure remote access connection that has been provided.

Don't disable security features such as anti-malware or, indeed, your firewalls! And ensure all passwords and credentials are secure, and please don't reuse the same password across multiple accounts.

Signs you have fallen victim to a cyber-attack

There are a few signs that may indicate if your computer has fallen foul of a cyber-attack. If you feel any of the below applies to you, we'd advise you to speak with your IT team as soon as possible.

• Pop up windows have now started to appear
• Your browser's homepage has changed
• Your computer slows down
• Anti-virus software has become disabled
• Your system and applications start behaving strangely
• Unknown programmes start running on your system automatically.

Working in the new `normal`

There is no best way of operating cybersecurity in these times, as every company is different and, of course, every company will have individual approaches to their security procedures.

What we would suggest as minimum requirements are:

• Carry out regular system backups and perform complete system backups more often.
• Ensure that all work-related business is carried out through a VPN.
• Enable automatic updates across all of your systems and networks where possible.
• Enable the SonicWall firewall and configure the firewall with unique passwords.
• Turn off WPS and UPnP and turn on WPA2 or WP3.

With the increase in data-driven technologies and the increase in attacks due to potentially reduced IT staffing or the use of insecure networks, maintaining and monitoring your IT security systems and software has never been so important.

Implementing and deploying the right software such as firewalls, anti-virus, anti-malware, spyware, and more help keep your business and teams operating in the safest way possible.

Keeping on top of encryption and patch maintenance and circulating policy controls, and safeguarding company information and data is what SonicWall systems and software do best.

To understand more how we can help support your online security through these times, call us on 0330 1340 230; we'd be happy to help.

Read next post: Managing a centralised and scalable firewall platform

Reference video: UNSW Business School

The latest SonicWall TZ series, are the first desktop form factor next generation firewalls (NGFW) with 10 or 5 Gigabit Ethernet interfaces. The series consist of a wide range of products to suit a variety of use cases.

Designed for small, mid-sized organizations and distributed enterprise with SD-Branch locations, the 7th generation (Gen 7) TZ series delivers industry-validated security effectiveness with best-in-class price performance. These NGFWs address the growing trends in web encryption, connected devices and high-speed mobility by delivering a solution that meets the need for automated, realtime breach detection and prevention.

New full Gen7 firewall range datasheet: SonicWall TZ270 TZ370 TZ470 TZ570 TZ670 Gen7 TZ Series Datasheet

This article lists all the popular SonicWall configurations that are common in most firewall deployments.

• Configuring LAN Interface
• Configuring the WAN (X1) connection
• Configuring other interfaces (X2, X3 or DMZ etc)
• Port forwarding to a server behind SONICWALL
• Configuring remote VPN connections (GroupVPN, GVC, SSL-VPN, L2TP, etc.)
• Site to Site VPN and Route Based VPN configuration
• Configuring Wireless
• Connect via Console
• Resetting the SonicWall and Uploading firmware
• Enabling SonicWall Security Services (Content Filter, IPS, GAV, etc.)
• Configuring user authentication
• Configuring High Availability
• Installing GMS/Analyzer

RESOLUTION:

Configuring LAN Interface

• Accessing the SonicWall Management Interface

Configuring SonicWall DHCP server settings

• Configuring the DHCP Server
• How to create a static DHCP entry

Configuring the WAN (X1) Interface

• How to configure the WAN / X1 Interface with PPPoE Connection?
• How to configure the WAN / X1 Interface with Dynamic / DHCP IP address?
• How to configure the WAN / X1 Interface with Static IP address?
• How to configure the WAN / X1 Interface with L2TP Connection ?
• How to configure the WAN / X1 Interface with PPTP Connection?
• How to change the MTU size?

• WWAN/3G/4G Mode
  • How to configure 3G/4G/dialup modems for WAN Failover

Configuring other interfaces (X2, X3 or DMZ etc)

• Configuring the DMZ / OPT Interface in NAT Mode
• How to Configure an interface as Secondary WAN port in SonicOS
• Configuring VLAN's with the SonicWall appliances with Cisco L2 Switch

Upgrading to latest Firmware

• Procedure to upgrade the SonicWall firmware Image with Current Preferences
• Registering the SonicWall UTM Appliance with MySonicWall.com
• How to download the latest SonicOS Firmware Version?

Port forwarding to a server behind SonicWall

• How to Enable Port Forwarding and Allow Access to a Server Through the SonicWall
• How to Open ports on the Firewall using the Configuration Wizard
• How to Enable Port Forwarding and Allow Access to a Server Through the SonicWall via the CLI

Configuring remote VPN connections. (GroupVPN, GVC, SSL-VPN, L2TP, etc.)

• How to Configure WAN GroupVPN to connect using Global VPN Client?
• How to setup SSL-VPN feature (NetExtender Access)
• How to create Bookmarks for specific users for the SSL VPN service
• Configuring L2TP Server
• How to configure the WAN / X1 Interface with L2TP Connection?

Site to Site VPN and Route Based VPN configuration

• Configuring a Site to Site VPN Policy using Main Mode (Static IP address on both sites)
• Configuring Site to Site VPN when a Site has Dynamic WAN IP address (Aggressive Mode)
• How to configure numbered Tunnel Interface VPN (Route-Based VPN)
• How to configure NAT over VPN in a site to site VPN with overlapping networks

Configuring Wireless

• How to configure WGS (Wireless Guest Services) in SonicWall TZ devices with built-in Wireless
• How to configure WEP Encryption in SonicWall TZ devices with built-in Wireless?
• How to configure WPA Encryption in SonicWall TZ devices with built-in Wireless?
• With SonicPoints
  • How to manage SonicPoint Access Points and upgrade SonicPoint firmware
  • How to configure Wireless with SonicPoint using WPA encryption
  • How to configure Wireless with SonicPoint using WEP encryptionVirtual Access Points (VAP)
  • Configuring a Virtual Access Point (VAP) Profile for Wireless Corporate Users using SonicPoints

Diagnostic tools

• How to use the Network Settings Check tool

Resetting the SonicWall, Diagnostic Files and Uploading firmware

• How To Put the SonicWall into Safe Mode
• How to Upgrade SonicOS Firmware
• Understanding and resolving preferences corruption after an attempted "downgrade" of firmware
• Can Settings be Exported/Imported from one SonicWall to Another? (Support Matrix)

Enabling SonicWall Security Services (Content Filter, IPS, GAV, etc.) and configuring user authentication

CFS:

• Using custom Content Filter policies to block Internet access to a specific group (CFS + ULA + local groups)
• Integration of LDAP and multiple/Custom CFS policies for different user groups (ULA + CFS + LDAP)
• Using Multiple Custom content Filter policies with LDAP and SSO to restrict Internet access (CFS + LDAP + SSO)
• Upgrade from CFS 3.0 App Rules Mode to CFS 4.0
• Upgrade from CFS 3.0 Zones and Users Mode to CFS 4.0
• Content Filtering Service (CFS) 4.0 Overview - SonicOS 6.2.6 and above

GAV/IPS/ASW

• How to enable the Security Services?

Capture ATP

• How to license and setup Capture Advance Threat Protection in SonicOS 6.2.6.x and above

Application Firewall:

• Types of App Rules (Application Firewall) Configuration

RBL

• Configuring SMTP Real-Time Black List (RBL) Filtering

Geo-IP:

• How to Configure SonicWall Geo-IP Filter using Firewall Access Rules

Configuring user authentication

• How to configure IAS RADIUS Authentication
• Integration of LDAP and multiple/Custom CFS policies for different user groups - ULA + CFS + LDAP
• Configuring Single Sign-On

Configuring High Availability

• How to Configure High Availability (HA)
• Stateful and Non-Stateful High Availability Prerequisites
• Tips for High Availability (HA) setup

Installing GMS/Analyzer

• How to Backup/restore the configuration and data from Analyzer (Windows)
• How do I install a fresh instance of Analyzer?
• How to install GMS/Analyzer Software on a Windows System

Original article: https://www.sonicwall.com/support/knowledge-base/popular-sonicwall-firewall-configurations/170503358114735/

To keep your security appliance updated against known threats you need review and update your current software and firmware. This week SonicWall announced an update to fix a potential issue with SSLVPN.

Please read the attached link and download & apply firmware as detailed.

https://www.sonicwall.com/support/product-notifica...

SonicWall have just updated the list of support SFP and SFP+ modules that work with SonicWall firewalls - including the new Gen7.

https://www.sonicwall.com/support/knowledge-base/supported-sonicwall-and-3rd-party-sfp-and-sfp-modules-that-can-be-used-with-sonicwall-firewalls/170504548236211/

Official SonicWall page for comparing the different model groups.

TZ Entry-Level Firewall Compare: https://www.sonicwall.com/tz-entry-level-firewall-series-products-compare-2/

Mid-Range Firewall Comparison: https://www.sonicwall.com/mid-range-products-compare/

What is the SonicWall ‘3 & Free’ Promotion?

The limited-time SonicWall ‘3 & Free’ promotion is the easy, cost-effective way for customers to upgrade to the very latest SonicWall next-generation firewall appliance for free.

Through Oct. 31, 2020, eligible customers may receive a complimentary NSa 2650, TZ350 or SOHO 250 appliance by purchasing a bundle that includes a three-year subscription of the SonicWall Advanced Gateway Security Suite from their authorized SonicWall SecureFirst partner.

This security suite includes everything you need to stay protected against today’s modern attacks, including advanced malware, ransomware, encrypted threats, viruses, spyware, zero-day exploits and more. This complete service includes:

• Capture Advanced Threat Protection (ATP) sandbox
• Gateway Anti-Virus and Anti-Spyware
• Intrusion Prevention Service
• Application Control
• Content Filtering Service
• 24×7 Support

SonicWall’s exclusive security subscription service also includes SonicWall Real-Time Deep Memory Inspection (RTDMI). A patent-pending technology, RTDMI™ enables Capture ATP to detect and block malware that does not exhibit any malicious behavior or hides weaponry via encryption. This protects your organization from zero-day attacks, malicious PDFs and Microsoft Office files.

https://blog.sonicwall.com/en-us/2020/10/3-and-fre...

SSL VPN license ultimately allows users who are working or operating remotely to connect to internal networks and resources safely and securely through the SonicWall.

Setup of SSL VPN is through the software solutions; SonicWall SSL VPN client, NetExtender, and the SonicWall mobile connect client.

Configuring SSL VPN on the 7.X SonicOS

For the address ranges within SSL VPN IP v4, you first need to create your address object.

An administrator will need to log in to your UI firewall management and choose object from the menu.

Look for match objects and addresses, and then click add.

A second window will appear where you can then include the identified range for SSL VPN.

You then need to configure the SSL VPN by navigating to within the server settings to network SSL VPN and opting for SSL VPN status on zones.

From here, you can change SSL VPN access by switching to enable or disable (note, green indicates an active status).

Within the SSL VPN server settings, you then have the option to select domain and SSL VPN port.

(Note: the port option will be required if you connect using the NetExtender and mobile connect methods. The domain will be necessary for the user to gain access to the networks and log in.)

From the client settings – SSL VPN Network, choose default device profile and set the SSL VPN for zone IP v4 and set the address object generated previously as the Network address IP v4.

The tab across the top of the window labelled client routes allows you to manage what levels of network access remote users can be permitted via their connection.

The last tab, client settings, allows administrators to input suffix, WINS, and DNS information and control the caching passwords, behaviour of NetExtender clients, and usernames.

Change create client connection profile to enable and save all changes.

Adding additional SSL VPN users

NetExtender users can authenticate SonicWall for local users, or if they’re listed within a known group, this can be done through LDAP.

To add local users, you need to be within local users and groups, which can be found within devices and users. You can now add new users by simply clicking add.

Moving to the tab labelled groups, click SSL VPN services, and move this across to member of, section.

Moving across to VPN access, you can now add all relevant areas that the user will need access to.

Again, make sure to click save before closing the window.

For the zones of SSL VPN, it’s important to check access rule information.

To do this you need to access, access rules by following policy – rules and policies, then choose SSL VPN – LAN rules. If a user requires access to other zones to obtain resources, this can all be managed in this area by verifying and adding additional access rules as you go.

Configuring SSL VPN for the 6.5 SonicOS

Similar to the SonicOS 7.x, administrators will need to log in to the management platform of SonicWall and within the navigation menu choose manage and then address objects.

From here, click add.

A second window will appear where you now have the option to add your range for SSL VPN.

To configure these settings, click on SSL VPN on the settings page and go to WAN, changing it from red to green to show it is now active.

Now all SSL VPN configurations will be enabled in this particular zone.

You can then set the domain and ports for SSL VPN as you require.

Move across to client settings where, as administrator, you can configure the range of client addresses and NetExtender settings.

For the default device profile, click on configure.

Here you can set the network address v4 IP as your address object from before and set the zone v4 IP as SSL VPN.

The tab labelled client routes will allow administrators to manage the level of access users have to two networks.

It’s essential to set the VPN appropriately as all users will be able to see the routes but may not necessarily be authorised to access all network resources.

In the settings, administrators should also enter all required DNS and WINS data and create client profile connections by enabling this action.

Adding additional users

To add new users, click on users and local users and groups. Within groups, click add SSL VPN services to move the field to member of.

Moving to VPN access, you can then add all the relevant IP addresses and objects identified to the users requirements, in terms of access via NetExtender.

Note: Client routes and VPN access must match for users to have authority to access network resources.

Remember to click save, to save all changes before closing.

SSL VPN zones access rule details

Within access rules, you can access SSL VPN LAN rules with drop-lists available.

Access rules allow access to intended end devices through SSL VPN IPs which are also required for the firewalls to understand that such traffic is allowed through.

You can also test all connections and configurations by installing the SonicWall NetExtender.

Two final points to note:

Remember, within the user’s section of the menu toolbar, you must add in however many users that will have login credentials. Each user then must become a member of SSL VPN services group and have to subnet added to VPN access within the allow list.

In-network interfaces make sure to click on configure on the WAN interface and tick the HTTPS box beside the user login – this helps to minimise login failed attempts occurring when users access SSL VPN via a web portal.

For further information on a SonicWall VPN licence and more call 0330 1340 230, today.

Read the next article: Best Practices for SSL VPNs

SonicWall's security appliance features SSL VPN, providing secure remote access to networks using the NetExtender client.

COVID19 has had a dramatic effect on the world. With companies changing the way they operate and work and teams are looking at different ways to communicate and access information.