SonicWall Announces Capture Cloud Platform
April 2018 by Marc Jacob
SonicWall introduces the SonicWall Capture Cloud Platform, which tightly integrates security, management, analytics and real-time threat intelligence across the company’s full portfolio of network, email, mobile and cloud security products. SonicWall also is introducing new and enhanced products in its portfolio of hardware, virtual appliances and endpoint clients.
The significance of the unified and connected SonicWall Capture Cloud Platform is highlighted by the escalating threat landscape. In the first quarter of 2018 alone, the average SonicWall customer faced 7,739 malware attacks, a year-over-year increase of 151 percent; 335 of these attacks were hidden using SSL/TLS encryption. The SonicWall Capture Cloud Platform also identified more than 49,800 new attack variants in the first quarter, with SonicWall Real-Time Deep Memory InspectionTM (RTDMI) identifying 3,500 never-before-seen variants.
To aid organizations in mitigating growing volumes and variants of cyberattacks, the SonicWall Capture Cloud Platform provides intelligence, management and analytics to supplement SonicWall’s complete portfolio of cybersecurity hardware, virtual appliances and endpoint clients for an efficient, easy-to-use and connected customer experience. The newly announced cloud platform includes:
Capture Security Center for customer-specific visibility, device management, advanced analytics and reporting
Capture Advanced Threat Protection (ATP), a cloud sandbox service that uses multiple analysis techniques, including SonicWall’s patent-pending RTDMITM technology, to block malware and zero-day threats until a verdict is reached
Capture Client, a unified, next-generation endpoint protection solution with ‘rollback’ capabilities
Hosted Email Security, a cloud-based security solution to protect organizations from email-borne threats such as ransomware, zero-day threats, spear phishing and business email compromise (BEC)
Capture Labs Threat Network to automate breach prevention and instantaneous sharing of threat intelligence across SonicWall firewalls, SonicWall Capture Client, Email Security and mobility solutions
SonicWall Capture Labs researchers pioneered the use of artificial intelligence for threat research and protection over a decade ago. Today, machine-learning algorithms are used to analyze data and classify and block known malware before it can infect the network. Unknown files are sent to the SonicWall Capture Cloud Platform where they are analyzed using a variety of techniques, including hypervisor analysis, emulation, virtualization and RTDMITM technology, blocking zero-day malware in near real time
Capture Security Center Offers Ultimate Visibility, Agility
One of the cornerstones of the SonicWall Capture Cloud Platform is the SonicWall Capture Security Center, originally released as SonicWall Cloud GMS. Delivered as a cost-effective service offering, the SonicWall Capture Security Center offers the ultimate in visibility, agility and capacity to govern entire SonicWall security operations and services with greater clarity, precision and speed — all from a single pane of glass.
By establishing a holistic and connected approach to security orchestration, the SonicWall Capture Security Center federates all operational aspects of the SonicWall network security ecosystem. The open, scalable center simplifies and, in many cases, automates various tasks to promote better security coordination while reducing the complexity, time and expense of performing security operations and administrations.
Introducing the SonicWall Virtual Firewall Series Extending SonicWall’s vision to the world of cloud and virtualization, SonicWall Network Security virtual (NSv) firewalls protect all critical components of private and public cloud environments. SonicWall NSv virtual firewalls deliver the security advantages of a physical firewall with the operational and economic benefits of virtualization, including system scalability and agility, speed of system provisioning, simple management and cost reduction. The new virtual firewalls help organizations:
Gain more visibility into intra-host communication between virtual machines for automated breach prevention
Ensure appropriate placement of security policies for applications throughout the virtual environment
Implement proper security zoning and isolation
Prevent unauthorized takeover of virtual systems
Stop unauthorized access to protected data
Block malicious and intrusive actions, such as spreading malware, executing operating system commands, file system browsing and command-and-control (C&C) communication
NSv virtual firewalls operate on the same feature-rich SonicOS operating system that powers the entire SonicWall firewall line. SonicOS offers advanced security, networking and management capabilities, plus tight integration with other SonicWall solutions.
SonicOS provides organizations with the network control and flexibility they require through application intelligence and control, real-time visualization, an intrusion prevention system (IPS) featuring sophisticated anti-evasion technology, high-speed virtual private networking (VPN) and other robust security features.
SonicWall WAF Protects Applications in Private, Public or Hybrid Cloud Environments The new SonicWall Web Application Firewall (WAF) delivers defense-in-depth capabilities to protect web applications running in private, public or hybrid cloud environments. Organizations in regulated industries gain a complete, out-of-box compliance solution for application-centric security that is easy to manage and deploy.
SonicWall WAF features advanced web security tools and services to keep compliance data unexposed and web properties safe, undisrupted and in peak performance. It employs a combination of signature-based and application profiling deep-packet inspection, and high-performance, real-time intrusion scanning engine using event-driven architecture to dynamically defend against evolving threats as outlined by the Open Web Application Security Project (OWASP), as well as more advanced web application threats like denial-of-service (DoS) attacks and context-aware exploits.
The SonicWall WAF behavior-based detection engine learns, interrogates and baselines regular web application usage behaviors and identifies anomalies that may be indicative of attempts to compromise the application, steal data and/or cause a denial-of-service. The WAF acceleration features apply Layer-7 application delivery capabilities that enable application-aware load balancing, SSL offloading and acceleration for resilience and an enhanced digital engagement and experience.
Like the SonicWall NSv series, SonicWall WAF can be deployed as a virtual appliance in private clouds based on VMWare or Microsoft Hyper-V, or in Amazon Web Services (AWS) or Microsoft Azure public cloud environments.
Unified, Next-Generation Endpoint Protection
The new SonicWall Capture Client extends an organization’s ability to defend endpoint devices that connect and interact with its networks, applications and data.
SonicWall Capture Client is a unified client platform that delivers multiple endpoint protection capabilities, including next-generation malware protection and support for visibility into encrypted traffic. It leverages layered protection technologies, comprehensive reporting and enforcement for endpoint protection. The new solution:
Extends advanced malware protection to endpoint devices
Delivers critical ‘rollback’ capabilities
Enables continuous behavioral monitoring
Uses machine learning for highly accurate determinations
Simplifies management via a cloud-based console
Integrates with SonicWall next-generation firewalls for easy rollout and client enforcement
SonicWall Capture Client also significantly simplifies DPI-SSL encrypted traffic analysis by solving one of the most difficult challenges: how to deploy certificates on all end points. SonicWall Capture Client simplifies this process by installing and helping manage trusted TLS certificates on all endpoints behind a firewall. With approximately 68 percent of all traffic being encrypted, it’s absolutely crucial that organizations activate DPI-SSL capabilities to ensure cyberattacks aren’t evading security controls to infiltrate their networks.
SonicWall Updates NSa Firewall Lineup
SonicWall also announces updates to its Network Security appliance (NSa) range of next-generation firewalls. The new NSa 3650, 4650 and 5650 models continue the evolution of SonicWall’s vision for a deeper level of network security without a performance penalty.
More than simply a replacement for their predecessors, this trio of NSa firewalls address the growing trends in web encryption, connected devices and high-speed mobility. The new NSa series models offer more than double the number of SPI connections (up to 4 million) and quadruple the number of DPI-SSL connections compared to their predecessors.
Built on a multi-core hardware architecture featuring 10-GbE and 2.5-GbE interfaces, the NSa series scales to meet the performance demands of mid-sized networks, branch offices and distributed enterprises.
The new SonicOS 6.5.1, an upgrade to 2017’s historic SonicOS 6.5.0 that offered more than 50 new features, delivers bi-directional APIs and up to 18 times the number of DPI-SSL connections over NSa firewall predecessors.
SonicWall Capture Security Center, Network Security virtual (NSv) firewalls, Network Security appliance (NSa) firewalls, SonicWall WAF and SonicWall Capture Client will be available to purchase in the first half of calendar year 2018.