SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

SonicWall Expands Capture Cloud Platform

November 12, 2020

SonicWall expanded its Capture Cloud Platform with the addition of the high-performance NSa 2700 firewall and three new cost-effective TZ firewall options. The company also debuted SonicWall Cloud Edge Secure Access that delivers easy-to-deploy, easy-to-use zero-trust security for organizations operating in a modern work-from-anywhere model.

“As emerging technologies mature, it’s imperative that companies make the necessary investments to ensure they are prepared for what is to come while making it seamless to the operation of their organizations,” said SonicWall President and CEO Bill Conner. “As remote users require more and more devices, the reliance upon IoT continues to rise and extended distributed networks are challenged with evolving security and connectivity measures, we look to provide tailored options to address growing needs.”

Multi-gigabit threat protection, SonicOS 7.0 arrive on NSa line
The new SonicWall NSa 2700 expands multi-gigabit threat performance to enterprises, MSSPs, government agencies, as well as key retail, healthcare and hospitality verticals. It’s also the company’s first mid-level appliance on the new SonicOS 7.0 platform, delivering a modern UX/UI, device views, advanced security control, plus critical networking and management capabilities.

Like the rest of SonicWall’s newest generation of firewall appliances, the NSa 2700 is ready to be managed by SonicWall’s cloud-native Network Security Manager (NSM), giving organizations a single, easy-to-use cloud interface for streamlined management, analytics and reporting.

New low-end TZ firewalls give more options for SD-Branch deployments
To secure increasingly relied upon SD-Branch solutions, SonicWall is adding more security choices for SMBs with new cost-effective TZ firewall options. The new TZ270, TZ370 and TZ470 were especially designed for mid-sized organizations and distributed enterprises with SD-WAN locations. 5G- and LTE-ready, the full line of TZ firewalls comes with a convenient USB 3.0 port to quickly and reliably add 5G connectivity.

“The performance of the new TZ firewall is a tremendous increase, which is necessary for DPI-SSL inspection,” said Data-Sec Senior IT Security Solutions Architect Daniel Franz. “It has awesome security features like Capture ATP and unified endpoint integration. And the ‘basic’ functions are working as expected.”

SonicWall’s new ZTNA offering protects work-from-anywhere environments
Leading a robust Secure Access Service Edge (SASE) offering, SonicWall is debuting its new zero-trust network access (ZTNA) solution. SonicWall Cloud Edge Secure Access enables organizations to control and protect network access to both managed and unmanaged devices based on identity, location and device parameters. The cloud-native solution provides a fast and safe authenticated on-ramp to any cloud and on-premise network using authorize-first, connect-later zero-trust model.

“Cloud Edge has been very impressive so far, and all functions have worked reliably and provided decent performance,” said Harry Boyne, Technical Director, Chalkline Solutions Limited (UK). “We’ve worked with SonicWall firewalls for the best part of a decade, and have found them to work consistently and been a key component of a client’s on-premise network boundary. We are really excited to work with Cloud Edge as it helps extend that same secure, reliable boundary to our clients’ home environments without the hardware or significant cost requirement.”

Cloud Edge Secure Access is easy to set up and easy to scale. An IT administrator can configure the zero-trust security solution in as little as 15 minutes; end-users can self-install the client application in just five minutes.

SonicWall Cloud Edge Secure Access joins SonicWall Secure Mobile Access and SSL-VPN technology in providing remote security that meets security standards established prior to responses made prior to ‘the new business normal’ set in motion in response to the COVID-19 pandemic.

SonicWall also updated key products with new enterprise and MSSP capabilities. Network Security Manager (NSM) 2.1 adds various options for NSM on-premises deployments to help SOCs run with greater ease and control. SonicWall Capture Client 3.5 endpoint protection helps organizations manage multiple tenants, translating to lower operational costs and faster response times.

SonicWall's Product Marketing, Senior Manager Sony Kogin added:

Last January, SonicWall announced a partnership with Perimeter 81, the leading Zero-Trust Secure Network-as-a-Service provider, to firmly establish our presence in SASE. And now we’re delivering on that promise — starting with the new worldwide Cloud Edge Secure Access service, designed to free businesses from the notion of fixed locations and rigid cybersecurity solutions.

Cloud Edge Secure Access enables a simple Network-as-a-Service (NaaS) for site-to-site and hybrid cloud connectivity with integrated Zero-Trust and Least-Privilege security. Organizations can now empower remote workforces outside the traditional perimeter while protecting high-value business assets, regardless of location.

Cloud Edge Secure Access effectively provides a dedicated and invisible “rail and fence” for every employee and partner device. It offers secure access to apps and data anywhere in the cloud, including private, AWS, Azure, Google and more.

The inherent Least-Privilege Access security allows users and devices access to what’s necessary and nothing more, similar to the concept of a “need-to-know basis.” By limiting the exposure to other sensitive areas of the network, organizations can prevent threats from moving laterally, thereby securing their resources without sacrificing their operational flexibility. The illustration below shows how the Zero-Trust security follows the user anywhere and gives choices to use any devices, as both managed and unmanaged.

Worldwide cloud-native service that takes minutes to deploy.

The global infrastructure of SonicWall Cloud Edge is supported by over 30 global points of presence (PoPs). The solution is built on the Software-Defined Perimeter (SDP) architecture, making Cloud Edge service impervious to common cyberattacks like DDoS, Slowloris and SYN Flood.

IT managers can take advantage of the powerful cloud-native service via a simple SaaS interface. Built with ease of use in mind, SonicWall Cloud Edge can be configured by IT managers in as little as 15 minutes, and self-installed by end users in just 5 minutes.

But this is just the beginning of how SonicWall Cloud Edge increases IT agility and accelerates employee productivity.

Instant, high-performance multi-regional private network service.

With Cloud Edge Secure Access’ NaaS, a geographically distributed enterprise can quickly interconnect with a single virtual multi-regional private network. This makes it an ideal solution for connecting nomadic kiosks, temporary retail stores, mobile point of sales or remote branch offices in areas underserved by telcos’ MPLS, where only commodity internet is available.

The ability to not be bounded by a telco’s service map is a big plus, because it allows you to use a location that aligns with strategic business objectives and can offer considerable cost savings.

If you have legacy firewalls and routers, SonicWall Cloud Edge Secure Access will inter-operate seamlessly regardless of their location and bridge them to the nearest PoP gateways via IPsec tunnels. However, SonicWall recommends the WireGuard tunnel, which can deliver up to four times faster performance. In this race, SonicWall leads the industry as the only incumbent security vendor to offer WireGuard support.

How does Zero-Trust network and application access work?

Here’s how easy it is to enable the Cloud Edge Secure Access service and enforce Zero-Trust security:

  • A home user can turn any desktop machine or notebook running macOS or Windows into a managed device with the SonicWall Cloud Edge app client. The client includes Wi-Fi security support that automatically enables a VPN connection in an unsecured public hotspot. When a Wi-Fi hijacking attempt is detected, the client will instantly disable the outbound internet connection to prevent any masquerade attack from exfiltrating data out of the target device.
  • A roaming user with an iOS or Android mobile device can install the lightweight version of SonicWall Cloud Edge app to benefit from the work-from-anywhere protection.
  • A business partner with an unmanaged device and a browser can also securely connect to the network and access authorized applications and data. This generic browser support is handy in public locations, such as libraries, airports or hotels where only a shared device is available.

In each of these scenarios, Cloud Edge Secure Access enforces Zero-Trust access, starting with a user login. Both internal and external logins will be directed to a centralized controller, which facilitates the interactions between the endpoint and the identity management system (such as LDAP, Okta, Azure Active Directory or Google Cloud Identity) for proper authentication.

Upon successful verification, the traffic will be relayed to one of the 30 gateways nearest the user to ensure optimal performance and the best application experience. The gateway brokers the connection by decrypting the incoming traffic and microsegmenting the traffic flow to prevent lateral movements.

An all-inclusive solution for enterprises with lean IT, and a revenue-generating platform for MSSPs.

Moving security and networking services to the cloud eliminates many hardware and software costs, such as purchasing network security appliances and security applications from several vendors.

SonicWall Cloud Edge Secure Access offers enterprises with lean IT an all-inclusive package. It integrates state-of-the-art WireGuard cryptography, built-in protection against volumetric DDoS attacks, Slowloris and SYN flood as well as Wi-Fi hijacking. It also offers service redundancy with automatic traffic load balancing, and it works seamlessly with SIEMs including Splunk and modern identity management providers (IdP).

The addition of a subscription model offered by Cloud Edge Secure Access means that services can be scaled up or down on demand, without waiting weeks or months for equipment to arrive and dedicated circuits to be installed.

Terms of Use | Copyright © 2002 - 2020 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement