Preparing for the Tempest: SonicWall’s 2020 Cyber Threat Report

By Andrew Harmon

Posted On February 28, 2020

Preparing for the Tempest: SonicWall’s 2020 Cyber Threat Report
cyber threat cyber threats IoT Ransomware SonicWALL

The Past is Prologue

As Shakespeare once wrote, “the past is prologue.” When it comes to cybersecurity, knowing the recent past – and trends in the threat landscape – is vital to protecting your network against the latest and greatest hazards. And so the past – as in 2019 – is prologue in the 2020 SonicWall Cyber Threat Report. The report is prepared by SonicWall’s Capture Labs threat research team. It provides an in depth look at the cyber threats of 2019 to help businesses, governments, and organizations of all sizes better prepare to stop the threats of 2020. Let’s take a look at some of the highlights of the Cyber Threat Report.

SonicWall 2020 Cyber Threat Report

Ransomware Shifts Strategy

The good news: Ransomware attacks were down in 2019 – 6% in fact – from the all-time high recorded in 2018. There were a grand total of 187.9 million last year. The less good news? Well, you probably saw it in the news. There was an increase in targeted attacks, hitting government networks, power grids, and even schools & hospitals. Attackers more and more are focusing on quality over quantity, looking for targets that are most likely to pay rather than blanketing all corners of the connected world.

Just how many of these targets were hit last year? It’s probably under-reported because victims can be hesitant to reveal a breach. But more than 140 state and local governments were successfully targeted for the year, and over 600 schools and hospitals – just through September. The Cyber Threat Report warns, however, that the average individual can still be a target, too. Researchers note that ransomware operators are more willing than ever to have a dialog and negotiate with their victims to get a payout. They’ll even use things like sextortion scams, a form of blackmail that suggests the attacker has compromising information or images that they’ll release unless the victim pays.

IoT Malware on the Rise

You down with I-o-T? Yeah, probably! While internet of things devices are hardly Naughty By Nature, they’re becoming more and more ubiquitous. As in, if you’re reading this, there’s virtually zero chance you don’t use some type of IoT device(s) in your everyday life. But with that popularity comes greater exposure. In 2019, the Cyber Threat Report indicates there were 34.3 million IoT malware attacks. Oh, and those attack numbers – much like the number of IoT devices – are trending up.

Security has not initially been a priority for most IoT device manufacturers. With no standards in place, devices commonly come with out-of-the-box vulnerabilities like weak or hard-coded passwords, unsecured interfaces, and a lack of secure update mechanisms. An otherwise secure network with vulnerable IoT devices may be leaving a backdoor wide open for hackers to access data.

Encrypted Threats Continue Growth

While transport layer security (TLS) and its predecessor, secure sockets layer (SSL) encryption standards are largely meant for good, bad actors are always looking to spoil the fun. Encryption when used for wholesome purposes ensures privacy and protects data. But hackers use this encryption against a network, sending malicious packers to obfuscate malware files. That can get them through a network’s standard defenses. The Cyber Threat Report shows our aforementioned bad actors sent 3.7 million malware attacks over TLS/SSL traffic in 2019, 27.3% more than the year prior. Why is this technique on the rise? Many firewall appliances don’t have the capability or power to detect, inspect, and stop attacks sent through encrypted traffic.

Defenses Are Improving, Too

Most of this Cyber Threat Report analysis is probably giving you anxiety, so let’s end on a positive note. The forces for good are continually improving their (which also means your) defenses against these hazards. Security advances include faster identification – and in turn faster mitigation – of zero-day threats. For instance, SonicWall is able to ID never-before-seen malware variants about 2 days before malware repository VirusTotal receives samples. Also noted are advancements made in deep memory inspection technology to combat side-channel attacks among others. In SonicWall’s case, that technology is a part of its Real-Time Deep Memory Inspection (RTDMI) engine. You can get a taste of it with a new SOHO 250 or TZ350 bundle. The report additionally spotlights growing momentum of perimeter-less security as traditional boundaries go by the wayside. This includes the introduction of the secure access service edge (SASE), which would combine software and service-based security solutions.

Want to Learn More?

Visit our Threat Dictionary to get updated on some of the latest cyber threats out there today. Shop for SonicWall security solutions like firewalls, web application firewalls, and cloud app security to name a few. And get your very own copy of the full 2020 Cyber Threat Report to dig into all the nitty gritty details yourself.

WatchGuard AP327X brings trusted wireless environments out of the server room

By Andrew Harmon

Posted On February 24, 2020

WatchGuard AP327X brings trusted wireless environments out of the server room
watchguard watchguard ap

WatchGuard is extending their Trusted Wireless Environment pledge to the great outdoors and now is a great time to snag the new WatchGuard AP327X. A trusted wireless environment means more than unique SSIDs and complex passwords. With Wi-Fi touching everyone’s lives in some way or another these days, it has become clear that wireless networks need to be more than just fast; Wi-Fi should be safe and trustworthy for the users that connect to it.

The WatchGuard AP327X is designed for any and all outdoor conditions, with an IP67-rated enclosure that lets it stand up to abuse including temperatures as low as -40 degrees Fahrenheit and as high as 149 degrees. Steamy weather more your problem? It withstands humidity up to 95% thanks to a sealed chassis that can be mounted with direct exposure to the elements. No overhangs, shelters, awnings, or other protective housing are required. That means you can bring a secure wireless network to campuses, warehouses, manufacturing yards, malls, public hotspots, parks, festivals, fairgrounds, camp sites, arenas, and more.

WatchGuard AP327X Outdoor Wireless Access Point

WatchGuard AP327X

Medium-density, outdoor deployment

Radios: 2×2:2 MU-MIMO Wave 2

Antennas: 4 N-Type External Connectors

Maximum Data Rate (5/2.4Ghz): 867 Mbps/400 Mbps

PoE: 802.3at PoE+

Processor: Qualcomm IPQ4029-1-583 MSP

Memory: 512MB RAM & 128MB Flash

 

Antennas to fit any deployment

The WatchGuard AP327X includes 4 N-Type connectors of antennas, allowing greater flexibility in deployment and signal steering. 360-degree omni-directional coverage is the best choice for installations in which the WatchGuard AP327X is centrally located. In this configuration, the AP327X provides stable, secure wireless for outdoor recreation areas, pools, manufacturing buildings, and public hotspots where wireless signals are necessary in all directions. A variety of alternative external antenna choices leaves plenty of customization for complex deployments where flexible coverage patterns can prove a challenge. Built-in smart steering ensures that roaming clients are automatically shifted to the closest access point.

“Why isn’t the Wi-Fi working?”

If you’re an IT administrator, you may be very familiar with the question: “Why isn’t my Wi-Fi working?” When users lose connectivity or experience slowdowns, they come looking for explanations that admins may not readily have. WatchGuard’s Wi-Fi Cloud management provides answers for these Wi-Fi coverage mysteries, boasting a robust suite of Wi-Fi visibility, troubleshooting, and baselining capabilities that allows admins to pinpoint network and application errors whenever or wherever anomalies occur. Plus, the WatchGuard AP327X continuously scans for wireless threats and enforces security policies even if connection to the Wi-Fi cloud is lost or interrupted.

Join the Trusted Wireless Environment Movement

WatchGuard recognizes the importance and pervasiveness of wireless Internet in 2020. Users are increasingly demanding more connectivity, faster speeds, and, most importantly, Wi-Fi networks that they can trust to keep their data safe. With advanced threats like ransomware, malware cocktails, and zero-day vulnerabilities looking to exploit the rapid growth of wireless technologies, it is more important today than ever before to ensure you’re protecting your network and the users that rely on it. Check out Episode 13 of Ping: the Firewalls.com Podcast to learn how the Emotet malware is scanning wireless networks to spread to connected devices.

 

Fortinet Cyber Threat Assessment for SD-WAN, FortiGate, & FortiMail

By Andrew Harmon

Posted On February 14, 2020

Fortinet Cyber Threat Assessment for SD-WAN, FortiGate, & FortiMail
ctap fortigate fortimail fortinet sd-wan

The Cyber Threat Assessment Program

There are exactly two ways to test your network’s security against cyber threats: run validation testing to assess precisely how your network performs or wait for the real thing to happen and draw conclusions while you’re picking up the pieces in the aftermath. While trial-by-fire is certainly a conclusive way to assess your network security, Firewalls.com strongly recommends the former option. Fortinet’s Cyber Threat Assessment Program is a convenient and non-intrusive process that lets you see where your network stands without interrupting day-to-day operations.

The assessment is free of charge, requires little to no legwork on your part, and yields results in just over a week. Check out the infographic below to see how it works, or listen to our recent podcast episode where we discuss Cyber Threat Assessments with Fortinet’s Ben Bolen.

See How Fortinet’s Secure SD-WAN Can Save You Time & Money

Been curious about SD-WAN? The very same process described in the infographic above can be used for an SD-WAN assessment as well! Fortinet’s Secure SD-WAN allows for high-speed application performance at the WAN edge, intelligently determining the ideal routes for MPLS, 3G/4G, or broadband traffic. Since traditional WAN architectures are not equipped to accommodate the high-demand workloads modern organizations who may be using applications spanning multiple cloud environments. Now you’re one FREE assessment away from seeing exactly how Secure SD-WAN can transform your network.

 

What Information Is Included In CTAP Report?

The Fortinet Cyber Threat Assessment focuses on three key areas: Security, User Productivity, & Network Utilization.

  • Security: Details network vulnerabilities and helps to identify which devices and applications are at an elevated risk so that they can be properly secured. In this section of the report you’ll get to see which vulnerabilities and threats were observed bypassing your existing security solutions.
  • User Productivity: Provides extensive visibility into peer-to-peer, messaging, and other application usage to see how users are using your network in their daily work. In this section you’ll see how spam, newsletters, and other cyber nuisances impact how your users navigate the network.
  • Utilization: Provides real-world numbers about throughput and bandwidth usage during peak traffic. In this section, you’ll get to see when your network resources are needed most and where waste can be eliminated.

No Risk, No Extra Work, No Commitments

The infographic above outlines the basic process for receiving, setting up, and reviewing your results. At no point in the process are you required to make any purchases, change any settings, or meet any deadlines. Fortinet’s Cyber Threat Assessment is a risk-free program that requires no more extra work than plugging in a cord. If at any point you decide you want to end the test, pull the cord back out! That’s it. No money changes hands, no contracts are signed, and no network settings are changed. If you want to dump your final assessment in the trash, no problem. The report is yours to use as you see fit.

Ready For Your Free Assessment?

Getting your Cyber Threat Assessment is as easy as filling out a form on our Fortinet Cyber Threat Assessment Program page. Leave us your contact info and Firewalls.com will work behind the scenes to get a test set up for you. We work closely with Fortinet to make sure the test requires as little effort on your part is possible.

 

FortiGate 40F – Secure SD-WAN for the Small Business

By Andrew Harmon

Posted On February 10, 2020

FortiGate 40F – Secure SD-WAN for the Small Business
fortigate 40f fortinet sd-wan

FortiGate 40F – Secure SD-WAN for the Small Business

Compact. Fanless. Affordable. Secure. The new FortiGate 40F from Fortinet hits all the marks when it comes to arming small businesses and branch offices with the fast, secure access necessary in 2020. Fortinet is an industry standout in the SD-WAN arena thanks to their innovative SoC4 SD-WAN ASIC processor. You may recognize this mighty, mini-sized processor from Fortinet’s other recent additions: the FortiGate 100F & FortiGate 60F. Fortinet’s best-of-breed SD-WAN allows for intelligent application steering, scalable VPN capabilities, and other advanced networking capabilities.

Blog Banner General Buy Now Red-High-Quality

The best part? While boasting all of the SD-WAN capabilities of its larger cousins, the tiny FortiGate 40F also reaches maximum throughput speeds up to 5.0 Gbps. For an appliance built with small offices in mind, those speeds are insane!

Learn more in our 40F feature review video:

FortiGate 40F Spec Snapshot

FortiGate 40F with Secure SD-WAN

Fortinet FortiGate 40F

Max Firewall Throughput: 5.0 Gbps

Threat Protection Throughput: 600 Mbps

Network Interface Ports: Multiple GE RJ45

Maximum Connections (TCP): 700,000

New Connections/Second (TCP): 35,000

Maximum Supported Wireless Access Points: 10/5 (Total/Tunnel Mode)

Hardware-Only MSRP: $495

 

“Do-It-Yourself” SD-WAN Deployments

Fortinet makes life for small business owners easy. All FortiGate Secure SD-WAN appliances are easily managed through Fortinet’s Security Fabric in the Fabric Management Center. Paired with zero touch deployment, the FG-40F is user friendly even for businesses with limited IT staff, letting you skip a burdensome manual configuration.

Blog Banner General Buy Now Red-High-Quality

Looking for More Small Business Solutions from Fortinet?

Our website is now bursting with Fortinet network security options for you to shop!

Shop FortiGate Firewalls if you’re looking for enterprise-grade protection at SMB prices.

Extend fast, secure WiFi with Fortinet’s FortiAP access points with integrated WLAN controllers.

Future-proof your setup with secure, scalable FortiSwitch Network Switches.

Or browse all of our Fortinet products to find the perfect solution for your unique network needs.

What are the Differences Between the FortiGate 60F and FortiGate 60E?

By Andrew Harmon

Posted On November 14, 2019

What are the Differences Between the FortiGate 60F and FortiGate 60E?
fg-60e fg-60f fortigate fortinet

The FortiGate 60F arrived just last month and the network security community is already abuzz with praise for this high-tech security appliance. With its SoC4 security processor, application-specific chip set, and WAN edge capabilities, there’s a lot to get excited for. However, because firewall manufacturers tend to design and launch firewalls in successive series, there can be a bit of confusion when it comes to understanding the key differences between the FortiGate 60F and it’s predecessor, the FortiGate 60E. While the FG-60E is still one of the fastest and most secure (and most popular) firewalls in the industry, let us take a closer look at what new potential the FG-60F has in store.

 

FortiGate 60E Tech Specs at a Glance

Firewall Throughput: 3 Gbps

IPS Throughput: 400 Mbps

NGFW Throughput: 250 Mbps

SSL VPN Throughput: 150 Mbps

Concurrent Sessions (TCP): 1,300,000

New Connections per Second: 30,000

Firewall Latency: 3 μs

Blog Banner General Buy Now Red-High-Quality

FortiGate 60E Overview

The FortiGate 60E is one of the most secure Next Generation Firewalls ever designed, propelled by tons of industry awards and accolades. In fact, the FortiGate 60 series is the #1 selling firewall in the world with over 1.5 million units sold globally. Originally hitting the market in 2016, the FortiGate 60E includes a SoC3 (System-on-a-Chip) architecture that further accelerates networking performance well past the potential of previous generations. The FortiGate 60E was among the first Fortinet firewalls to be integrated into the then-emerging Fortinet Security Fabric infrastructure.

The FortiGate 60E is a Unified Threat Management (UTM) platform that delivers integrate wired and wireless networking for medium-sized organizations. This model includes built-in dual-band, dual-stream wireless with integrated internal antennas providing fast 802.11ac wireless. Further, a USB port located on the rear of the appliance allows for compatibility with 3G or 4G USB modems for additional WAN connectivity.

Though this Next Generation Firewall is a few years old, it continues to stand at the front of the pack when compared to its competitors. For any small business not particularly concerned with SD-WAN considerations, the FortiGate 60E still makes for an excellent option as a primary network firewall.

 

FortiGate 60F Tech Specs at a Glance

Firewall Throughput: 10 Gbps

IPS Throughput: 1.4 Gbps

NGFW Throughput: 1 Gbps

SSL VPN Throughput: 900 Mbps

Concurrent Sessions (TCP): 700,000

New Connections per Second: 35,000

Firewall Latency: 4 μs

Blog Banner General Buy Now Red-High-Quality

FortiGate 60F Overview

The FortiGate 60F is a high-performance SD-WAN solution in a compact fanless form factor. Designed for branch offices, remote outposts, and mid-sized businesses, the FG-60F simplifies remote access issues and helps organizations reduce long-term expenses by phasing out expensive MPLS connections. SD-WAN provides secure, direct Internet access for the kinds of cloud-connected applications that businesses now depend on like Dropbox, GitHub, Salesforce, Office 365, and more.

This security-focused WAN edge networking is made possible by Fortinet’s SD-WAN Application-Specific Integrated Circuit (ASIC). The first-of-its-kind SOC4 – first introduced in the more port-heavy, rack-mountable FortiGate 100F – delivers blazing fast application identification and steering for over 5,000 known cloud applications. Fortinet’s advanced routing capabilities mean that modern connected businesses achieve superb user experience without worrying about performance loss.

The FortiGate 60F joins its F-Series big brother the 100F as kings of the growing SD-WAN arms race and the industry’s news face of digital transformation. For any organization looking to deploy applications, devices, or cloud environments across multiple branch locations, the WAN edge efficiency of these models are just too great put them at the top of the shortlist.

Take a deeper dive into the FortiGate 60F with our video review on Youtube!

Try SD-WAN Yourself, For Free

Curious what all the hubbub about SD-WAN is about? Fortinet’s Cyber Threat Assessment Program allows you to test these new technologies in a real-world setting: your network! Get your hands on a free SD-WAN test drive and see how much time, money, and productivity your network is leaving on the table. Sign up for a free Cyber Threat Assessment today.

← Older posts Newer posts →