Latest News

It is usually considered to be more secure to use digital certificates for the purposes of authentication rather than using the VPNs pre-shared keys. One of the methods that are commonly used to authenticate 2 peer devices while establishing an IPsec VPN tunnel is through the digital certificate. Another option is through IKE that uses pre-shared keys. Some of the features that come with IKE authentication that is certificated in the SonicWall VPN connection includes:

• A digital certificate that is provided by a third party CA such as Verisign.
• The administrator at SonicWall can create a CSR and have this signed by the CA.
• There is a need for the two parties to trust the certificate’s issuer.

This article will guide you on acquiring certificates the from Sonicwall VPN connection. This certificate signing process that we are guiding you through uses the Windows Server 2008 CA.

Creating A Certificate Signing Request

• You will need to start by logging into SonicWall’s management GUI.
• Click on System and then Certificate page.
• Navigate to New Signing Request in order to create the same CSR
• Click Generate in order to save
• Refresh that page
• Click download

How to Get A Certificate For The Wan Groupvpn Configuration

• On your browser, you will need to go to the enrollment page on Microsoft Windows. You can find it on http:///CertSrv
• You will be prompted to authenticate. You will need to enter your username as well as the password.
• You can now go to Request a certificate > Advanced certificate request
• Use the Saved Request box to copy the CSR’s content.
• Click on Certificate Template and choose Administrator. You should take note that the web server or user template can also end up chosen.
• You can enter san:email=<local-part@domain.com or san:dns=yourdomainname.com. After clicking Submit, you will go to the next page where you can now click on Download Certificate. This will make it possible for you to save the already signed certificate to the disk.

Downloading CA Certificate

• Visit the enrolment page of Microsoft Windows on http:///CertSrv
• Click on Download CA certificate
• Move to the next page and again click Download CA certificate. You can save in on your disk

You can visit SonicWall VPN connection and use the button under CSR pending request to upload the already signed certificate. In order to gain trust and to validate the already signed certificate, you can import it.

Getting Certificate for The GVC Clients

• You will need to go to http:///CertSrv. This is the certificate enrollment page for Microsoft Windows.
• You will be asked to authenticate details. You will need to enter your username as well as password of the domain user
• You can request the certificate
• Click under the advanced certificate request
• Go to certificate template and choose User or Administrator

You should bear in mind that if you need a site to site GVC or VPN that has Key Usage, where present, you should have digital Signature as well as Non-Repudiation and an Extended key Usage (EKU). Where this is present, there is a need for Client Authentication, if it works. If you are using L2PT or IPSec VPN and there is Key Usage, ensure that you make use of Digital Signature or/and Non-repudiation.

At SonicWall University, you will get access to sophisticated online courses that are designed to provide you with certifications that are up-to-date. Once you join the courses, you will have access to a wide range of e-learning certification modules, certification examples and authorised training partners.

The SonicWall training programs are suitable for network administrators and security experts who are aiming to improve their knowledge as well as increase the investment they have made in the SonicWall network Security Products and applications. With the NSAA (Network Security Advanced Administration), it becomes possible for students to configure, optimise, monitor and manage firewall appliances that run using SonicOS.

Trainings Offered by Sonicwall

The SonicWall training makes it possible for system administrators to deal with many evolving network challenges and threats to the cybersecurity space. Some of the courses leading to SonicWall certification include:

• Network Security Advanced Administration (NSAA). This is a training that makes it possible for system administrators to deal with many evolving network challenges and threats to the cybersecurity space. This is a course that is recommended for system administrators and networking professionals that are involved in the day to day operation of security gadgets. After completing this course, the graduate will be in a better position to configure SonicWall firewalls to ensure a Secure as well as Remote connectivity. This is on top of preventing advanced threats and Network Optimization. After completing the NSAA course, you become eligible to enrol for the CSPP (Certified SonicWall Security Professional) exam. One of the SonicWall training essentials is to have completed the (SNSA) certification or at least the legacy CSSA. In order to sit for the CSSP exam, you need to have successfully completed the CSSA or the SNSA after a period of 2 years study.
• SNSA. This is a course that is recommended for the networking professionals whose role is to handle the day to day operation of different security gadgets. The course was created to help students understand technology in network security that is SonicWall-specific. This course has been built to serve the SonicOS .65 firmware that was recently released. It consists of only 20% classroom lecture and 80% hands-on training in the labs. This is an upgrade from the NSBA which has been retired.
• CSPP. This is a more advanced course that is the right choice for individuals that optimise, deploy and troubleshoot all the features of a product.

Conclusion

The Network Security Basic Administration(NSBA) was based on the right understanding of different security issues with a bias against the administration. The goal of the training was mostly to train network security administrators. However, it was noted that students did not get in-depth training on the Sonicwall firewall, but the training emphasised on giving a general overview of network security.

The new SNSA has now been designed to fill this gap. Its goal is to teach students network security technology that is SonicWall specific, and the skills necessary for the implementation and the configuration of firewall appliances. Therefore, there are some good reasons for enrolling in SonicWall training and certification.

So long, Sophos - Defend your organization at every point.

Switch to SonicWall for modern, integrated endpoint protection and breach prevention designed for today’s hybrid environments.

Frustrated trying to protect your entire organization with solutions from an endpoint-focused vendor? Don’t settle for a collection of siloed, loosely synchronized point products.

Make the move to a comprehensive security portfolio - from a network security pioneer - with end-to-end breach prevention and malware protection across your endpoints and wired, wireless and mobile networks.

To find out more go to https://www.sonicwall.com/en-us/lp/switch-to-sonic...

About Phishing Emails

Okay, so most of us know something about phishing emails. We’ve been warned many times about how criminals use emails that look almost exactly like the real thing to get us to click on a link that allows them to capture sensitive password information.

We know that we should never click on a link provided in an email. If the link is legitimate, you can access the same information by going through the company’s actual web address that you looked up yourself, and then signing in from there.

If it’s a real email from the company concerned, there’s no harm. If it is a malicious email, at least you’re not putting yourself at risk.

However, are you fully prepared for the kinds of attacks modern phishers launch? What if you get a request from someone you know who is sharing a Google doc with you? That’s got to be safe, right?

Well, the reason that we bring it up is because of a phishing scam that was carried out this way. It caught many unsuspecting people off guard.

The signs were there if you knew to look for them. The email looked benign and seemed to be from Google. In fact, it even directed you to the “Choose an Account Screen.” However, it was the next step of the process that was the top clue.

You were asked to allow Google to manage your contact and read your emails. You didn’t have to enter your password, so it seemed okay. If you authorized that app, it got instant access to your emails and contacts. It even sent out emails to your contacts to run the scam again on new victims.

In retrospect, it was a pretty obvious scam, but considering how many people fell for it, it proved pretty successful. It should serve as a wakeup call, though — the phishers are out there, and they’re pretty good at what they do.

What can you do to protect yourself?

SonicWall Protection

Your best defence is to block phishing emails before they even get to you. Installing Sonicwall security for phishing emails is an excellent place to start. This program goes beyond simple anti-virus scans and analyses each message being sent to your system.

With the Sonicwall email protection system in place, you’re protected from many different types of threats including phishing, ransomware, spam and viruses. If it’s a threat that’s coming in through email, the Sonicwall phishing protection programs will pick it up and stop it.

There’s no need to worry about a staff member or anyone else accidentally clicking on a link in an email and exposing your whole system. The system is cost-effective. You need only buy one license per server and, at about £200 (VAT included), that’s really good value for money.

It runs automatic updates so that you can always be assured of the most up to date protection. Best of all, it integrates seamlessly into your existing system, providing real-time protection against a varied range of threats.

Cybercrime is big business, and the criminals are getting more sophisticated by the day. There are countless threats out there, and all it takes is for one person to click on the wrong link to expose your systems.

When you consider the reputational risk and liability issues that a data breach exposes your company to, a couple of hundred dollars is a very small investment to protect your system. Contact SonicWall Sales to find out what the right solution for your business is.

What else can you do?

Even with the Sonicwall Email Security system, it’s good practice to take some basic steps to protect yourself against these kinds of requests. Here are some quick tips:

• Never click a link in an email unless you know exactly where the link will take you. Some of these site names will look like the real thing, but there’ll usually be something off. Maybe a slightly different spelling or something similar
• To be perfectly safe, if you receive an email purporting to be from a company like Microsoft and asking you to confirm something, ignore the link and go to the website. If you need to download or check anything, do it from the vendor’s site
• Where you can, enable 2-factor authentication. It’s a pain, but it provides excellent security

Finally, ask yourself these questions.

Does it make sense for the company to have sent that email? Have they ever sent similar emails before?

If you’re not sure, look up the vendor’s contact information and ask them directly.

dministrator Course 

Are you interested in pursuing a career in the cyber security world? Considering that there’s a serious skills shortage in this field, it’s a pretty clever career move. One thing we know — cybercriminals are not going anywhere soon. If there’s a system to exploit, they’ll be right there.

You might be wondering where to start, however. The latest Sonicwall training and certification course is an excellent place to begin your career. We’ve designed this new Sonicwall SNSA Certification course based on feedback received from our NSBA class.

We’ve ramped up Sonicwall training specific to our network security tech and focused the course on implementing and configuring our security services and firewall appliances.

What You Get

The complete Sonicwall SNSA Guide and intensive training that consists of:

• Two days training in a classroom-based environment and pro instructor. This training is focused more on labs to give you some hands-on experience. The lectures only constitute 20% of the program, with the rest of the time being practical exercises.
• You’ll get six hours of training modules that can be completed at your own pace either before you come in for the classroom training or afterwards.
• The course focusses on the latest SonicOS 6.5 firmware.
• Training focused solely on Sonic systems. All generic theory has been replaced with more targeted training material
• A complete global support structure to assist you with the training

Has the NSBA Qualification Fallen Away?

This qualification was our core training for the last decade. The key focus here, though, was to ensure that those taking the exams had a basic understanding of network security in general. This training was a broader version of the new qualifications.

What we have found since then, though, is that the training was fine as an introduction, but students felt that they needed extra technical training once the course was complete.

We also found that a student’s experience of the course was dependent on where they were located. As a result, we felt that a more standardised, targeted approach was required to provide a more in-depth learning experience that was the same across the globe.

How Long Will My NSBA Qualification Be Valid?

If you’ve already passed the NSBA exam and have a valid CSSA certification, this will still be acknowledged as valid by us until March of 2020. If your CSSA certification has expired, you’ll need to complete the new course before being recertified.

Bringing it All Together

In short, the new qualification takes the feedback that we’ve received from previous students to create a more effective certification. You’ll get more training on our systems to ensure your future success.

It is our feeling that this will be more useful to industry professionals going forward. The certification will not only prove you have the requisite skills but will also give you some hands-on experience as well. If you want to learn more about the program, contact SonicWall Sales to get the full details.

Read next article: Applying for SSL Certificates using Sonicwall VPN Connections

Importance

The digital landscape has changed significantly over the last few years, and criminals are taking full advantage of this. New tech has made it possible for employees to work remotely and to use their personal devices.

This has made things easier for employees who prefer to work flexible hours, but it’s also made it easier for cybercriminals. Your office systems might be extremely secure when it comes to hacking attempts, but how secure are your employee’s devices?

More importantly, how aware are they of the importance of cybersecurity? Do they understand how to recognise a phishing attack? Moreover, are they naively going to click on a link in an email? Also, before you say something like, “Phishing attacks are easy to spot,” think again.

These attacks are becoming more sophisticated, and they look good enough to fool many people. It only takes one employee to fall for the attempt, and your systems are at risk. This makes it increasingly important for you to educate your employees about cybersecurity.

Spotting a Phishing Attack

The simple fact is that phishing is becoming more difficult to spot. Your first line of defence is to install SonicWall Email Security systems. The SonicWall hosted email security software will analyse all emails coming into the organisation and remove those that it deems to be a threat.

We can assist with other aspects of cybersecurity as well. The SonicWall, an email encryption software, will keep your outgoing emails safe from prying eyes. The SonicWall internet security software will help to protect your systems from online attacks.

A good defence, from the start, is the best way to protect your company from any form of online threats. If the attacks are identified before they hit your servers, they cannot do any damage. SonicWall’s software will catch most attacks before they get anywhere near your business data.

If you’re interested in learning more, contact the SonicWall Sales team.

Your next step is to alert your employees of the potential risks and provide them with training to help them recognise phishing attacks. Here are some quick tips to get you started:

Online security is everyone’s responsibility. Don’t let employees think, “It’s not my responsibility to check.”

Employees must question any requests that seem out of the ordinary. Such as an email request for a funds transfer that hasn’t come through official channels

Your employees should adopt the view that all emails are suspicious until verified. Encourage them in this thinking and don’t punish them at a later stage for trying to prove the legitimacy of a request.

Requests for fund transfers or confidential information must always be verified by checking the email address and signature carefully. Employees should also check the domain names that requests are coming from

If an email is from a free web-based service, like Gmail, it’s important to be suspicious. Employees should never reply directly to these emails. Instead, they should use the “Forward” option and use the email address on the record.

Phishing emails often contain typos and grammatical errors. This is not always an indication that the email is a phishing attempt, but it could be a sign to be cautious.

Sonicwall Email Security systems can tackle these concerns for you. That said, drum it into your employee’s heads that there are many different cyber risks out there. Make sure that they check and recheck any requests, especially if these are out of the ordinary. It might entail a little more effort, but the increased security is essential to survive malicious attacks.

Happy New Year to all our customers - and those just looking!

Current Issue: Cyber Security Talent Shortage

Cybersecurity is a field that is becoming more important by the day. Cyber-criminals are getting bold and more innovative as technology advances. With businesses relying more and more on new tech, like smartphones and tablets, the level of cyber-attacks has never been higher.

Companies are looking for ways to up the ante and protect their valuable data from outside attacks, which has created a need for trained professionals who can guard against attacks.

Therefore the cybersecurity industry is booming at the moment. There’s just one small issue — there are a large demand and a serious skills shortage, especially in the U.K.

It’s been seen as a severe issue that according to Wired, the shortage has led the government to institute a program to teach kids about cybersecurity in their spare time.

For the job-seeker, it’s fantastic news. There’s a definite call for skills in this area, and if you have the requisite training, you can just about name your price.

However, where do you start? Which training should you be considering?

In the second part of this post, we’ll go through exactly what you need to get your career off to a good start.

How to Get Started

The catch is that you can’t just do some random firewall training course and call yourself an expert. You need to consider more formalised CSSA certification training if you want companies to take you seriously.

Sonicwall training and certification courses are designed to give you the skills that you need to succeed in this arena. Sonicwall training focuses not only on the basic computer skills that you’ll need but also practical problem-solving solutions so that you can get to the root of the issue fast.

You can take your Sonicwall certification as far as you like. The SNSA Sonicwall is the ideal starting point for a networking pro who is going to oversee running the security procedures in a company. Once you’ve passed your Sonicwall SNSA exam, consider your career started.

You can opt to stop there or to move on to the CSSP qualification. This consists of courses that are more advanced and will enable you not only to operate security systems, but also to set them up, optimise them, and find out why they’re not working as well as they should.

Qualifications in this industry are extremely important, but it’s also essential to ensure that you practice your newly learned skills. Companies want to see qualifications, but more importantly, they want to understand how you approach problem-solving.

After all, there’s going to be a steep learning curve once you’re in a real-world environment. Companies want to know that you can tackle any unexpected challenge.

That’s why it may be a smart move to take a lower paid job when after earning your credentials. Make sure that it’s a position that will offer you a decent level of hands-on experience to learn as much as you can. This also gives you a good grounding in the field and shows employers that you have the right attributes as well.

Being a cyber-security professional means being able to think outside the box and react quickly to threats. Getting first-hand experience is the only real way to prove that you know how to apply your training.

Check out www.sonicwall-sales.com for a more in-depth overview of the training we offer.

hishing is a fraudulent method of sending emails that are purported to be from the reputable companies in a bid to encourage the receiver to reveal their personal information such as credit card number and password. In most cases, phishing is done via email communications.

The good news is that there are certain ways that you can use, to distinguish suspicious emails from the loss of other sensitive data. One of these is the use of Sonicwall email protection. In most cases, these data leaks happen as a result of employees not being armed with information that helps to protect the critical data of a company. Here are some common indicators of a phishing attempt and how to avoid phishing attacks.

Poor Grammar or Spelling Mistakes

It is rare for a communication department of a big corporate to send a message to its customers without going through it several times to check for grammatical and spelling errors, proofreading and editing. Therefore, when you get an email with these errors, it could be a sign that you are dealing with a phishing attempt. Also, be wary of those generic greetings such as “Dear Member” or “Dear customer”. All these are reflagged, as many of the legitimate companies will use your name in their communication.

Look Out for Threats

You will be warned of things like your account getting closed or the need for immediate action. You may even be told that the account has been compromised. In most cases, these are tactics to intimidate you, as they take advantage of any concern and anxiety you get, to provide your personal information. If there is something that doesn’t add up, feel free to contact your bank. Remember that scammers are not only using credit cards, banks and email providers to cover for the scams; many are still using the threat of a government agency such as the FBI and the IRS to scare their targets.

Be Wary of Documents

Many organisations report that some of the successful phishing attacks are disguised as something that an employee was expecting. This could be a confirmation for shipping, HR document or even a request for the change of password that appears like it is from the IT department. Be sure to scrutinise such kinds of emails before you can download any attachments or even click on any links that are included.

Check the Name

If you get a message or email from someone you don’t know giving you directions for signing on a website, you will need to be very careful. This is particularly the case if the person is asking for your social security number as well as your password. Any legitimate company will not ask for this kind of information using emails or instant messages. Therefore, this needs to be a red flag. You will not be asked by your bank to send your account number as this is information that is already in their hands. Also, double-click the email on the sender.

Conclusion

Bear in mind that many phishing attempts will use the name, address and logo of a company, similar to a big brands name. However, with closer scrutiny, you will realise that the email is not from the genuine company. You can use SonicWall email security software or install a reliable firewall like Sonicwall Firewall to protect yourself.

Read next article: How firewalls work against threats?

Designed for small organizations and distributed enterprises with remote and branch offices, the SonicWall TZ600P and TZ300P integrate support for PoE and PoE+ devices. These Unified Threat Management (UTM) firewalls help reduce both the cost and complexity associated with PoE injectors and switches by providing power directly to connected PoE-enabled devices, such as wireless access points, POS terminals, printers, cameras and other IP devices.

Instead of two cables, there’s one. And you don’t need to place the device near an outlet, which helps when you’re designing your office or store layout. Plus, you don’t need to spend your budget on a PoE switch. Both firewalls support the IEEE 802.3af (PoE) and more powerful 802.3at (PoE+) standards, which newer devices require.

PoE/PoE+ support is just one of the many features included with TZ series firewalls. In addition, the TZ600P and TZ300P consolidate a host of essential security and networking features. For example, small organizations, including retail shops, can utilize high-speed 802.11ac wireless for internal and customer/guest connectivity while segmenting traffic for each group using virtual LANs.

Original article here (with links)

No matter your type of organization — large or small, public or private — cutting expenses is always a key initiative. After all, reducing your OpEx looks good on the books and enables the company to invest in other meaningful initiatives.

One cost every organization faces is internet connectivity. Access to the internet is essential for communications, website hosting, sharing files, serving up apps and a host of other activities. But it can be expensive, especially if your organization has multiple offices, branches or stores.

Today’s broadband users, whether employees or customers, define their experience by performance rather than availability. We don’t just expect to have access to apps and videos, we demand that they perform in real time. Any delay is met with complaints and a call for more bandwidth, which increases expenses.

How to Securely Connect, Network Remote Locations

When you have a distributed network with branch or remote locations, they need to be securely connected with each other and the corporate headquarters. This can be done using several techniques. One common method is multiprotocol label switching (MPLS). Using MPLS, organizations can create a private wide-area network (WAN) to securely send data between locations via the shortest path available without going through the public internet.

MPLS supports multiple connection types, including T1 and frame relay. The problem? These connections have to support an increasing number of connected devices and bandwidth-intensive applications that demand higher speeds, which means they’re expensive. That’s why many distributed organizations are moving to SD-WAN (software-defined wide-area network).

“For SD-WAN to be a viable alternative to private WANs, enterprises need to ensure they have the same level of inspection and enforcement at the branch and remote sites as they have at the data center,” said Mike Fratto, analyst at 451, in SonicWall’s official launch announcement. “Integrated security features with SD-WAN are table stakes for most enterprises adopting the technology.”

Reduce Costs with Secure SD-WAN

To help organizations reduce their costs while still receiving secure and consistent performance for business-critical applications, SonicWall offers Secure SD-WAN. A feature of SonicOS 6.5.3, the operating system for SonicWall TZ and NSa firewalls, Secure SD-WAN technology enables distributed organizations to build, operate and manage secure, high-performance networks using readily-available, low-cost public internet services, such as DSL, cable and 3G/4G.

An alternative to more expensive WAN connection technologies, including MPLS, Secure SD-WAN enables virtually any organization — retailers, banks, manufacturers and others — to connect sites spread over great distances for the purpose of sharing data, applications and services. Features such as intelligent failover and load balancing help ensure consistent performance and availability of critical business and SaaS applications.

And, unlike solutions from pure-play SD-WAN providers, Secure SD-WAN doesn’t require you to purchase additional hardware or licenses.

Secure SD-WAN: Safe, Fast & Reliable

Reducing expenses is always a priority for every organization. What else is? Here are some other key issues Secure SD-WAN helps distributed enterprises solve:

1. Protect your network from cyber criminals. Both encrypted and unencrypted traffic run through a SonicWall next-generation firewall to be scanned for threats, such as malware and ransomware, ensuring maximum threat detection and prevention. If you have a separate SD-WAN-only solution, you’ll need to make sure you also have a way to protect data from modern cyberattacks, such as encrypted threats and ransomware.
2. Achieve consistent, optimized application performance. Realize faster, more consistent performance for SaaS and business-critical applications, such as VoIP, video and unified communications, through capabilities such as deterministic application performance, which steers the apps over less-congested links to overcome jitter, latency, packet loss and other unfavorable network conditions.
3. Enhance agility. Using SonicWall Zero-Touch Deployment, bringing up new sites is greatly simplified. Provisioning hardware remotely removes the need to have onsite IT personnel perform the task. In addition, IT administrators can manage the entire network, including devices at SD-WAN-enabled branch/remote locations, through a single pane of glass using Capture Security Center, SonicWall’s cloud-based management and analytics platform.

Original article here (with links)

Introduction

Attackers often control infected devices remotely to carry specific function, to obtain certain information, or to generate malicious traffic for distributed denial of service attacks. One of the ways to carry out this malicious conduct is with botnets. In itself, botnets are not malicious technology, but it is used in ways that are detrimental to systems, networks, or computers. There are many different ways an attacker can use botnets to add your computer to their network.

Companies that have access to sensitive information are often targeted by botnets as infected devices will follow the orders of any user that has control over the botnet. Companies like these often have an in-house specialist that actively work toward safeguarding their networks against this malicious malware.

Botnets Explained

There are many botnet definitions, but, in essence, it is a network of Internet-connected devices that can consist of personal computers, servers, or mobile devices that are infected and controlled by means of a specific type of malware.

The word botnet is derived from the words “robot” and “network”. Once a device that is connected to the internet is infected, it becomes part of a network that is being controlled by the attacker. In many cases, the primary user of the device is not aware that this malware is targeting them.

When creating a botnet, an attacker’s objective is usually to add as many infected devices to the network as possible. There may be many reasons for this. An ad fraud botnet, for example, aims to take partial control of all infected devices’ web browsers in order to send traffic to online advertisements to make money. The reason the botnet doesn’t take complete control over the web browsers is that they don’t want to be detected by the user’s device or security software. This means that your individual device on its own won’t be enough for the attacks purposes, but in combination with millions of other infected devices, your device will play its part in ensuring that the attacker can commit ad fraud or engage in some other illegal online activity.

Botnet malware can spread in many different ways. Primarily, it scans systems and devices for weaknesses and outdated security products before infecting a device with other malware such as a Trojan horse.

Solution

Protecting yourself against botnets is incredibly important, especially since you may be unaware that this malware infects your device.

Your first line of defence against botnet is an updated operating system. If you are running an old and outdated operating system, attackers will find it easier to install botnets as your system doesn’t have the necessary patches. Enable automatic updates in your device’s settings.

Don’t click on download links or save attachments from unfamiliar sources. This includes emails, links in your browser, or in chat rooms.

Use an updated and trusted firewall like Sonicwall Firewall when browsing the internet. If your device is using Windows, you can install a windows product or third-party software. Finally, stay away from websites that distribute malware. Your security software may also warn you against specific sites.