What is SonicWall Advanced Protection Suite?

By Andrew Harmon

Posted On December 9, 2020

What is SonicWall Advanced Protection Suite?
advanced protection advanced security gen 7 security services sonicos SonicWALL totalsecure tz firewalls

What Is SonicWall Advanced Protection?

SonicWall Advanced Protection (aka; SonicWall TotalSecure – Advanced Edition) extends enterprise-grade security to small businesses and branch offices – and even home offices – by enabling advanced cloud security and management features. With the release of SonicWall’s Generation 7.0 TZ firewalls and the SonicOS 7 operating system, even desktop firewalls are able to deploy advanced security services. These new models feature modernized user interfaces, integrated SD-WAN, and cloud-based management in several new TotalSecure suites.

Blog Banner General Buy Now Red-High-Quality

Bundle your new hardware with the basic Threat Protection suite, the Essential Protection suite, or the Advanced Protection suite to make the most out of your security investment. This article cracks open the beefiest of these new TotalSecure bundles to examine what services are included in the SonicWall Advanced Protection suite.

SonicWall Advanced Protection, Threat Protection, & Essential Protection

SonicWall Advanced Protection Suite

The SonicWall Advanced Protection suite (available in the TotalSecure – Advanced Edition bundle) includes:

Gateway Anti-Virus & Anti-Spyware

Stop viruses and spyware with real-time scanning and multi-layered protection through the Reassembly Free Deep Packet Inspection (RFDPI) engine. The RFDPI engine scans all inbound, outbound, and intra-zone traffic for viruses, Trojans, key loggers, and other malware in files of unlimited length and size across all ports and TCP streams. Block advanced threats with machine learning and a worldwide network of security sensors that are constantly updating a cloud database of millions of threat signatures. On top of that, SonicWall Capture Client uses static AI engines to determine threats before they have an opportunity to execute.

Intrusion Prevention Service

Prevent outside threat actors from setting foot in your network! SonicWall IPS blocks malicious worms and remote code execution. It also bolsters your security by segmenting networks into individual security zones to stop threats from propagating across zone boundaries.

Blog Banner General Buy Now Red-High-Quality

Content Filtering

Want to block Netflix, Facebook, YouTube, and gaming sites from your network? Deny access to illegal, unproductive, and/or inappropriate sites by filtering content based on users, devices, groups, or time of day. Enforce acceptable use policies and block access to both HTTP and HTTPS websites containing content deemed objectionable.

24×7 SonicWall Support

Ensure you’re always armed with the latest firmware updates. Plus, get unfettered access to an intuitive web portal for round-the-clock support from the SonicWall team.

Capture Advanced Threat Protection

SonicWall Capture ATP is a multi-engine, cloud-based sandbox solution that prevents unknown attacks and advanced threats like ransomware and encrypted malware. Capture ATP even offers automated remediation and damage rollback in case of a breach.

Basic DNS Security

Provide authentication for the origin of Domain Name Service (DNS) data to safeguard against dangerous web content. Basic DNS protection adds a substantial layer of defense between your employees and the public Internet.

Network Topology with Host Info

Increased visibility lets network administrators monitor and control traffic at a granular level, leaving no doubt about whether your network is secure. Display hosts, access-points connected in a user’s network based on device name, mac addresses, IP addresses, and more.

Real-Time Deep Memory Inspection

Real-Time Deep Memory Inspection (RTDMI) detects malware and zero-day threats by inspecting directly in memory, offering analysis of every bit of network traffic in real time without adding latency.

Cloud Management & Reporting

The era of digital transformation is upon us and small businesses are ready to upgrade their cloud infrastructure. SonicWall cloud management allows admins to manage firewalls through the cloud via Network Security Manager or Capture Security Center. Plus, Network Security Manager Essentials, included with SonicWall Advanced Protection, features seven days of cloud-based reporting to easily analyze and understand how your network is performing.

Which Firewalls Offer SonicWall Advanced Protection?

SonicWall TotalSecure Advanced Protection (Note: For non-Gen 7 TZ Firewalls, TotalSecure Advanced Edition still refers to Advanced Gateway Security Suite) rolled out with SonicOS 7 and, as such, is only supported on Gen 7 SonicWall firewalls. This generation includes the SonicWall TZ270,  TZ370, TZ470, TZ570, and TZ670. SonicWall Advanced Protection will also be available on the SonicWall NSa 2700 when it is released in late 2020 or early 2021. And a final note, the basic Threat Protection bundle is only available on the TZ270, TZ370, & TZ470.

SonicWall Advanced Protection for Gen 7 TZ Firewalls

 

Blog Banner General Buy Now Red-High-Quality

Anatomy of a Phishing Email – How to spot social engineering emails targeting your small business

By Andrew Harmon

Posted On November 20, 2020

Anatomy of a Phishing Email – How to spot social engineering emails targeting your small business
email security phishing sandboxing social engineering spearphishing

The local fire department is reaching out to let our small business know that we’ve passed our inspection. Very important! Or is it? Let’s take a close look at an innocuous email that slipped into a Firewalls.com inbox in an article we’re calling “Anatomy of a Phishing Email.”

A Not So Convincing Phishing Attempt

How phishing attacks work

Building false trust – The above email was definitely targeted. By providing accurate information about our company, street address, and employee names, this attacker was attempting to build trust with the recipient. Social engineering attackers often attempt to impersonate legitimate mail senders by doing pre-emptive research on their targets.

Setting the bait – Phishing attackers are always on the lookout for some theme to build their scam around. This bait often relates to trending news topics, routine business processes, or impersonating someone you know. In this example, our phisher relied on quarterly fire inspections in an attempt to trick our recipient. Fire inspections are routine, but infrequent enough that the average employee will not have much knowledge about their last checkup. On top of that, the setup sounds critical to everyday business operations at first glance.

Springing the trap – Fortunately, our team was quick to spot the fake. This attacker wanted our recipient to visit a certain URL where something far more nefarious lies in wait. Here, the attackers provide a hyperlink that they know will not function properly and provide further instructions to manually enter a URL, rerouting victims to their intended trap.

Blog Banner General Buy Now Red-High-Quality

How can you spot a phishing attempt?

There are several questions you should ask yourself if you think you may be the target of social engineering. Here are a few things that stuck out to Firewalls.com that made us suspicious.

Sender legitimacy – Is your local fire department really going to send you an invoice by email? Have you ever received an email from this person/organization before? Most businesses and institutions won’t suddenly reach out to you via a new platform without some warning first. If the legitimacy of the senders gives you pause, you may be a target!

What information do they know about me? – Building trust by personalizing phishing emails to their target is common sense. You are more likely to believe hackers’ schemes if they seem to have accurate information about you. However, what exactly do they know? In this case, our attacker seems to know an email address, company name, and a physical address. Impressive at first sniff, but this is all publicly-available information! Never take the bait just because it has your name on it.

What is being asked of me? – While the initial setup seems believable enough, this ruse starts to fall apart when you peel back the layers. Why would the fire department send me a link that they know is broken? Why send complicated instructions on how to manually edit URLs to work around a defunct web portal?

Does it all match up? – If an email says it is from the local fire department, but the send domain contains something completely unrelated (mobile-eyes?), you may be onto something! In this example, the attacker is instructing our recipient to visit a web domain that has nothing to do with fire inspections. More like “mobile-eye-don’t-think-so.”

What to do if you think you received a phishing email

Never spring the trap – First and foremost, do not click anything! Links, attachments, replies, forwards—leave it all alone. You cannot be breached simply by receiving the email, so stop while you are ahead.

Get IT involved – Alert your IT team and immediate supervisors. If you have even an inkling of doubt about the legitimacy of an email, there’s no harm in getting a second opinion from an expert. Reach out to your IT department for further guidance.

Block the sender – If this is just one attempt in a more persistent or complex spearphishing campaign, there will be further emails brewing. Blocking the email domain of a bad actor prevents a future lapse in judgment or mistake from providing a second point of entry for foiled attackers.

Rely on defense-in-depth – Want to know the easiest way to sidestep an attempted phishing scam? Do not let it ever land in your inbox. Defense-in-depth network security strategies employ email encryption, cloud-based sandboxing, and Time-Of-Click protection to provide email security before, during, and after delivery of suspicious messages. Tools such as SonicWall Capture Advanced Threat Protection and Barracuda Essentials take the guesswork out of checking your mailbox.

Ransomware and malware delivered through phishing emails are more rampant than ever before. Whether hackers are relying on coronavirus scams, election news, Black Friday deals, fire inspections, or otherwise, there’s always some new social engineering scheme on the horizon. Protecting yourself starts with educating yourself against these attacks. Stay safe while holiday shopping by tuning into our podcast episode “Black Friday Becomes Cyber November 2020” featuring Dan Lohrmann.

Blog Banner General Buy Now Red-High-Quality

Want to learn more about phishing and social engineering?

Check out our podcast on Phishing with SonicWall’s Matt Brennan.

Check out our Firewalls.com Threat Dictionary entries on ransomware, phishing, and spearphishing.

3 Best Network Switches for Business 2020

By Andrew Harmon

Posted On November 5, 2020

3 Best Network Switches for Business 2020
cisco meraki fortinet fortiswitch MS Series network switch SonicWALL sonicwall switch switch

3 Best Network Switches for Business 2020

The best network switches make life easier for an IT team. Though network security can be maddeningly complicated, network switches ease the complexity. By connecting multiple devices across your network, switches allow secure data sharing over multiple appliances and endpoints.

Powerful centralized management lets administrators deep dive into network issues, deploy unified policies, and manage hundreds of sites through a single dashboard. Network switches are a bridge between devices, using MAC addresses to forward data through layer 2. In sum, they play a vital role in modern Local Area Network (LAN) deployments.

Blog Banner General Buy Now Red-High-Quality

What is a Network Switch?

secure network switch integrates all the devices on your network, allowing for seamless sharing and data transfer between them. This can include everything from firewalls and wireless access points to VoIP phones, printers, servers, and more. Further, these devices can be monitored and controlled through a centralized management platform, allowing admins to quickly and easily shift resources across the network to safeguard productivity for business-critical applications and services.

SonicWall Sonic Switch

Network switches are integral parts of a complex network, providing a wired or virtual connection to desktop computers, IoT devices, and more. For starters, every switch includes a set number of Ethernet ports which support a varying number of connected devices. On top of that, you can “stack” switches in a series, allowing your business to scale up and connect larger numbers of devices and users to the LAN.

What to Look for in a Network Switch

Network switches can be complicated, but they are necessary for seamless end-to-end network security and performance. Before deciding which network switch is best for any business, consider a few questions:

  • How many users are operating on the network? This user count includes all Internet-connected devices
  • How will the switch receive power? Power-over-Ethernet options make certain switches more appealing for complex deployments
  • What is the business’ Internet speed and how much is used? Multi-gigabit switches will help in utilizing the full ISP speeds

For more considerations to take into account, check out Buying a Network Switch: 5 Things to Consider.

Top 3 Network Switches in 2020

 

Cisco Meraki MS Series

Key Features:

  • Superior network transparency with granular visibility at the app & hostname level
  • Zero-touch provisioning allows for rapid deployment across the network
  • Packet capture & other remote diagnostic tools help troubleshoot network errors

What Makes Cisco Meraki MS Series Switches One of the Best Network Switches in 2020?

Cisco Meraki MS Switches are purpose-built for intuitive management and ease-of-use. Cisco Meraki network switches do not require a Command-Line Interface to manage ports or change configurations. As a result, network administrators get access to a centralized management platform with granular visibility and control by just plugging it in. On top of that, a simple dashboard helps admins sort through information and  track events with a detailed change and event log.

Cisco Meraki switches allow “virtual stacking.” In other words, switch port configuration changes can be made on the dashboard without the need to install and deploy additional on-premise switches. Therefore, you can start on-prem, then build up into the cloud!

 

Fortinet FortiSwitch network switchs

Fortinet FortiSwitch

Key Features:

  • Centralized access management from FortiGate firewall interface
  • Stack up to 300 switches per FortiGate
  • Great for converged environments with VoIP, data, & wireless traffic on a single network

What Makes FortiSwitch One of the Best Network Switches in 2020?

FortiSwitch secure access network switches integrate into Fortinet’s wider Security Fabric. That is to say, it ties together all Fortinet-family products on your network into a real-time threat response system managed directly through a FortiGate firewall. As a result, the single-pane-of-glass dashboard provides control over users and devices regardless of how they’re connected to your network.

Fortinet network switches support wire-speed switching protocols in addition to Store & Forward mode. On top of that, the FortiSwitch appliance is ideal for a SD-Branch deployment, further enabling businesses of any size to enjoy the benefits of digital transformation.

 

Blog Banner General Buy Now Red-High-Quality

 

SonicWall Switch (SWS)

Key Features:

  • Easy-to-manage network segmentation & compliance auditing
  • Ability to roll out devices across the network quickly & securely
  • Prioritize network traffic for superb Quality of Service for business-critical apps

What Makes SonicWall Switch One of the Best Network Switches in 2020?

When paired with a firewall, SonicWall Switches deliver end-to-end security that simplifies management and network troubleshooting. This tightly-knit security posture eliminates blind spots and gaps. In turn, it helps network administrators locate and eliminate weak points in their security infrastructure.

SonicWall Switches are flexible, high-performance networking appliances that provide high port density and Power-over-Ethernet capabilities. Additionally, they offer multi-gigabit performance at prices affordable even for small businesses.

 

But wait, there’s more…

Looking for the best protection for your small business?

Give us a call at 866-957-2975 to find the perfect fit!

Shopping for email security, endpoint, wireless access, or ransomware protection? Then you should check these out, too:

Top 4 Email Security Solutions of 2020

By Andrew Harmon

Posted On October 21, 2020

Top 4 Email Security Solutions of 2020
AntiSpam antivirus barracuda essentials email security fortimail malware phishing Ransomware sonicwall totalsecure Sophos

Top 4 Email Security Solutions of 2020

The best email security solution ends up pulling a lot more weight than most network security services in 2020. Unless you live under a rock, you are increasingly aware of the ransomware scourge plaguing small businesses and enterprises alike. Email security targets advanced threats where they’re most likely to attack: your inbox. Thanks to social engineering schemes, your small business email service is a big, flashing target for hackers looking to infiltrate the network. Business emails are exceedingly vulnerable to advanced threats, like:

  • Phishing & spearphishing
  • Domain squatting
  • Cloud-based malware droppers
  • Business Email Compromise & account takeover
  • Impersonation & fraud

What makes email-borne attacks so efficient and how can you stop them in their tracks? We’ll break down the four best email security solutions of 2020, explain how they rebuff the bad guys, and help you find the email security solution that best fits your network needs.

How does email security keep you safe?

Email security solutions are often multi-faceted platforms that integrate several moving pieces to form a cohesive, defense-in-depth strategy. Email security monitors both inbound and outbound email traffic, allowing networks to scan the contents of messages and attachments to determine their intentions. Pair this with other fail-safes such as a cloud-based sandbox, anti-spam, and anti-malware services, and you’ve got a robust system that can keep an eye out not just for viruses, but also for sensitive data exfiltration and impersonation attempts.

Modern email security appliances and services offer multi-layered security by scanning all email contents, URLs, attachments, and headers with advanced analysis techniques. These techniques recognize threats based on their behavior, NOT by relying on known threat signatures. Just as the bad guys train to imitate the way you write messages, the best email security solutions are experts at spotting subtle clues in messages that betray malicious intentions.

What to look for in an email security solution

Email security solutions need to be more than just effective; they also must be user-friendly. Simplifying the challenges of network security is crucial to a network security infrastructure that meets your business goals. The best email security solution for small businesses is one that’s easy to setup and manage.

Other factors to look for in the best email security solution for your needs include:

  • Email spooling that allows for business continuity even during Internet loss or power outages
  • Message archiving to make regulatory compliance audits easier
  • Real-time threat intelligence updates that keep your email security constantly evolving
  • Task automation & robust reporting to effortlessly manage addresses, accounts, & user groups

Top 4 Email Security Solutions for Small to Mid-Sized Businesses

 

SonicWall Ransomware Solutions 2020

SonicWall TotalSecure Email

Key Features:

  • Industry-validated Capture Advanced Threat Protection sandbox stops ransomware & zero-day threats from ever reaching your inbox
  • Users protected from clicking on malicious links across any device or location with time-of-click URL protection
  • Granular Data Loss Prevention & compliance policies protect data

What makes SonicWall TotalSecure one of the Best Email Security Services in 2020?

SonicWall Email Security appliances and software provide multi-layered protection from inbound and outbound email threats and compliance violations by scanning all inbound and outbound email content, URLs and attachments for sensitive data. What’s more, they deliver real-time protection against ransomware, targeted phishing attacks, spoofing, viruses, malicious URLs, zombies, directory harvest, denial-of-service and other attacks.

TotalSecure Email leverages multiple, patented SonicWall threat detection techniques and a unique, worldwide attack identification network.

 

Sophos Ransomware Solutions 2020

Sophos Advanced Email Protection

Key Features:

  • Sophos Synchronized Security connects Sophos Email security with endpoint protection, delivering automated detection & clean-up
  • Compromised Mailbox Detection services detect outbound spam & malware to safeguard send reputation
  • Sophos Phish Threat gives you tools to test & train employees on cybersecurity awareness

What Qualifies Sophos Advanced Email Protection as one of the Best Email Security Services in 2020?

Sophos Email integrates in real-time with Sophos Central, an intuitive console for managing all your Sophos products. By extending Sophos Synchronized Security to your inbox, you ensure email security integrates into your entire network security posture.

Only Sophos Central lets you build and manage multiple lines of defense from email-borne threats, allowing you to respond to threats faster. This includes secure email, cybersecurity awareness training, and next gen endpoint protection, all from a single mobile-optimized portal.

 

Barracuda Logo

Barracuda Essentials – Email Security & Compliance

Key Features:

  • Real-time detection of dynamic threats constantly updates with 24×7 threat intelligence
  • Outlook plug-ins & mobile apps for easy user access
  • Barracuda Cloud Email Archiving integrates with Exchange & other cloud-based email services to create an indexed archive

What Qualifies Barracuda Essentials as one of the Best Email Security Services in 2020?

Barracuda Essentials filters and sanitizes all messages before delivery to your mail server. This protects your network from email-borne threats and social engineering before users even have a chance to click a link. Barracuda Essentials combines virus scanning, reputation checks, URL protection, spam scoring, real-time intent analysis, and other techniques to monitor threats across all potential attack vectors.

 

Fortinet Email Security Solutions 2020

Fortinet FortiMail Appliances

Key Features:

  • Outbreak protection, content disarm & reconstruction, sandbox analysis, & impersonation detection combined into a single hardened appliance
  • Prevent data loss with powerful, identity-based email encryption
  • Integrate with full suite of Fortinet products as well as third-party Fortinet Fabric Partners by sharing Indicators of Compromise across Fortinet Security Fabric

What Qualifies Fortinet FortiMail as one of the Best Email Security Services in 2020?

FortiMail secure email gateways stop volumetric and targeted cyber threats to secure dynamic attack surfaces. FortiMail also prevents the loss of sensitive information and simplifies regulatory compliance. Offered as high-performance physical and virtual appliances, FortiMail is flexible enough to deploy on-site or in the public cloud to meet a wide range of business goals and security needs.

 

Looking for the best email protection for your small business?

Give us a call at 866-957-2975 to find the perfect fit!

Ransomware Attack Clapback: How to Prepare if You’re Targeted

By Andrew Harmon

Posted On October 9, 2020

Ransomware Attack Clapback: How to Prepare if You’re Targeted
barracuda backup intercept x phishing Ransomware Sophos sophos intercept x

Ransomware Attack 2020: Why Prepare

It seems like every week in 2020, we hear about another major ransomware attack. While volume continues to grow in recent years, more troubling is the fact that ransomware is getting more targeted. Why is this more troubling? Because of its more targeted nature, it’s also getting more effective. Many ransomware cells now study their targets to pinpoint weaknesses, then customize attacks to exploit them. Not only that, they select targets and set ransom amounts based on knowledge of what those victims can pay.

And one more troubling fact to keep you up at night: soft targets are particularly vulnerable. That is, bad actors are placing local governments, school systems, nonprofit organizations, and even healthcare providers in the crosshairs. So even if your business avoids attack, a successful breach of one of these targets has major effects on day to day life. Enough preamble though. If you made it this far, you know the situation is serious. Here are three ways to prepare to clapback, so an attack won’t stop you in your tracks.

Train Your Staff

Your employees can be either the point of entry or the first line of defense for a ransomware attack. The choice is yours. Among the most common ways for ransomware to infect your network is once again through phishing emails. If your network users don’t know what to look for, they may unsuspectingly click on an attachment that delivers the malicious payload. Simple training makes all the difference, sharing tips like:

  • Double-check the domain name that sent the email
  • Look for spelling errors as well as numbers replacing letters
  • Review the signature & legitimacy of the request
  • Hover over links – without clicking – to check where they lead
  • Don’t click on attachments unless you’re sure of the source

There are applications available to let you test your employees & reinforce training without the consequence being an actual breach. Check out Sophos Phish Threat and Barracuda PhishLine for a couple worthy examples. Oh and one other key piece of training? Teach your employees to report any suspicious contacts asking for a way into your network.

Layer Your Security

The best approach to network security in 2020 is a layered one. As we just noted, well-trained employees are one layer, but there are many others to consider. If you haven’t heard by now, it all starts with the firewall. Your firewall – operating the latest and greatest security services – should be the cornerstone of a protected network setup. A current generation firewall plus those security services protects against just about any threat that comes your way. Companies now commonly incorporate threat intelligence – both human and the artificial variety – plus machine learning into their security offerings. That means they’re on the cutting edge to recognize and stop ever evolving ransomware and malware varieties.

But with the workforce extended beyond the perimeter now more than ever, your security must do the same. That means endpoint protection and secure access to your network for remote employees are also musts. Endpoint protection not only gives you visibility into these remote devices, it also extends many of the same security services to them individually. Ensuring secure access via VPN then brings your teleworkers back under the security of your firewall and network setup. And the layering shouldn’t stop there. Ensure you have email security in place to filter out suspicious messages before they even reach the eyes of an employee. And segment your network so a breach of one device doesn’t extend throughout. This may sound like a lot, but bundling services is surprisingly reasonable, and security costs much less than a successful ransomware attack ever will.

Backup So You Can Rollback

This could easily fall under the layers above, but when it comes to a ransomware attack, backup deserves a spotlight all its own. If you are successfully breached and your files encrypted, the smart money isn’t on paying the ransom, it’s on rolling back. Regular backups of your data allow you to get right back to work with minimal interruption, even if a ransomware attack occurs. A Sophos survey of 5,000 IT managers found more than half of firms whose data was encrypted by ransomware restored it through backups. Why is that? There are no guarantees when you pay the ransom. Plus, you don’t really want to support a criminal enterprise. And on a more practical note, Sophos also found that paying the ransom resulted in twice the remediation costs of restoring data from backups. Even if the ransomware cell you’re working with gives you the encryption key when you pay up, you still have to dedicate time and effort to restoration. So why not just have the restoration already available in house. Learn about Barracuda Backup and Sophos Intercept X with CryptoGuard for a couple of options to ensure you’re not caught flat-footed when a ransomware attack comes.

← Older posts Newer posts →