Latest News

Today, SonicWall announce the following new technology that simplifies proven security for newly extended distributed enterprises, governments and MSSPs; expand breakthrough economics to high-security environments; maximize investments by delivering proven, future-proof security; and make security administration easier and more accessible to more organizations.

• New SonicOS 7.0 simplifies the security experience with an all-new user interface and experience (UI/UX), which is smartly organized, includes intelligent device dashboards, re-designed topologies, SonicExpress mobile app support, and simplified policy creation and management.
  
  
• New SonicOSX 7.0 lets governments and enterprises scale faster, protect more and maintain control. The enhanced OS simplifies complex policy, audit and management controls — all while delivering the fresh, modern and easy-to-use UI/UX available on the new SonicOS 7.0 offering.
• New SonicWall Network Security Manager (NSM) 2.0 helps organizations re-gain visibility for sprawling, mass-scale environments. Optimize, control, monitor and manage tens of thousands of network security devices, including firewalls, managed switches and access points. A cloud-native management platform, NSM is designed for speed, scalability and reliability across the largest distributed enterprises.
• New SonicWall NSsp 15700 high-end firewalls, with multiple 100/40/10 GbE interfaces, TLS 1.3 support and compute-cluster-like processing capacity, help enterprises, governments, data centers and MSSPs get more from their investments as resource utilization and connection requirements grow with the explosion of connected devices and users.
• New SonicWall TZ570 and TZ670 next-generation firewalls are the first desktop firewall form factor to offer multi-gigabit (5/10G) interfaces for connectivity with SonicWall Switches or other networking devices in SD-Branch deployments — all with more than three times the threat performance and TLS 1.3 support.
• New SonicWall NSv 270, 470 and 870 virtual firewalls simplify protection of private and public cloud assets with scalable, virtual and cost-effective security.
• New SonicWall SonicExpress allows administrations to manage security on the go. Complete the most common management tasks, including firewall registration, setup, configuration and monitoring, and easily onboard new firewalls within minutes with three easy steps: register, connect and manage.
• New SonicWall CSa 1000 stops advanced cyberattacks that target large networks via an all-new on-premise appliance. CSa includes access to RTDMITM, which provides network-based protection against the future of side-channel attacks such as Meltdown, Spectre, Foreshadow, PortSmash, Spoiler, MDS and TPM-Fail.

For the full announcement, please read the press release, explore additional details on the SonicWall blog and see the new line of NSsp firewalls, TZ firewalls, NSv firewalls, NSM 2.0 and CSa 1000. SonicWall’s commitment has always been to help protect you, your business and your brand in the new business normal. Today, it’s never been easier to realize true cybersecurity by breaking free from the constraints of the past.

Using the SonicOS 6.2.5.3 or earlier versions of these firewalls, we’ll take a look at how you can block unwanted HTTPS websites, the steps and procedures to follow as well as some of the advanced features to implement.

Starting at the very beginning….

In earlier versions of the HTTPS traffic filtering, IP addresses would carry out the work, and filtering would be carried out based on these IP server addresses.

When we talk about Content Filtering, this applies to all domains entered within lists you create as well as those that match these lists (Match Objects), which can all be entered in your Allowed and Forbidden lists.

These points can be found with the Firewall application pages.

Ultimately, what this means is that when you enable Filtering for HTTPS Content, the information will be scrutinised under CFS, Configure, CFS window.

This CFS setting is globally applied and relates to:

• Forbidden Domains
• Allow Domains
• CFS Allow/Forbidden List (App Rules)
• CFS Category List (App Rules)

Keyword Blocking

From here you can get hostnames in two particular ways:

1. Finding the hostname to get rating info, by examining SSL Hello. If upon examination, you discover it supports the SSL server name and extension, you will be able to find the hostname in SSL Hello Client.

2. Finding the Common Name, again, by examining the Server Hello certificate.

How to block HTTPS Content

To ensure that the content you want to block is 100% blocked, you also need to configure this for HTTPS.

To do this, you need to log in to your SonicWall management system and choose the Security Services and Content Filter tab.

From here, within the Content-Type, make sure SonicWall CFS is selected and click on Configure.

Finally, change this to Enable and to make sure all changes are saved, click OK.

Users and Zone Screens

Within the SonicWall firewall settings, you can also add the custom list for Allow or Forbidden in CFS by selecting zone and user screens through CFS Policy Assignment heading.

Once this has been changed, make sure to click accept.

Within the Content-Type, click Configure once, and only once, SonicWall CFS has been selected.

Then you can move on to the Custom tab list.

To add custom lists, click on the Add button below the Forbidden Domains box and enter the sites/apps that you would like to block.

When you’re finished, click OK to save changes.

How to configure your custom policies to include your Allow/Forbidden list

Whatever has been included within the Forbidden box automatically applies to default policies.

However, to ensure the same applies to the Custom CFS policy, this needs to be manually agreed and input.

To do this, locate the Customs CFS Policy, Edit, and click on the Settings tab.

Change the field Source to Global for Forbidden Domains and click OK.

How, using App rules, you can add Allow and Forbidden Customised Lists to CFS

Going back into Security Services and locating the Content Filtering Page, make sure to choose App Rules found in CFS Policy Assignment – then click on Accept.

To match objects…

Open up your SonicWall firewall settings and find Match Objects. Choose the option Add New.

Here you will then be able to add your customised list of forbidden and allowed websites and domain names by selecting CFS Allow or Forbid.

You also have the option of loading such lists from files containing the names of your chosen domains – however, note, each domain should be on a separate line to the previous for it to be recognised, and there is a maximum file size of 8192 bytes.

Custom List Objects differ from CFS zones and users as it can’t be used as a standalone as it will only appear with a CFS Category List.

In these instances, it’s important to set your App Rules.

To do this, you need to go into your SonicWall application control and look for the App Rules.

Here you can tick the box to Enable and choose to Add New to create your own App Rules.

All messages recorded

SonicWall firewalls are sophisticated security applications used to provide you with maximum protection.

As such, they also provide you with detailed log messages showing users when CFS has blocked HTTPS websites.

Note: Users can’t and won’t see full logs, only that the page they have requested is not permitted at this time.

To find out more about SonicWall and how we can help protect you and your users further, call us on 0333 2405667 or visit this page.

Read the next article: How your SonicWall Firewall can protect you against even the worst cyber attacks

SonicOS 7.0 is the upcoming unified feature release that runs on all Gen 7 firewalls. Key highlights of the upcoming SonicOS are:

• New UX/UI (Dashboard, Device information, API, Topology view, Optimized policy engine)
• Storage support
• TLS 1.3 support
• Global search for static data
• Gen7 Connections scalability (SPI, DPI, DPI SSL)
• WWAN USB card support (5G/LTE/4G/3G)
• Gen7 SonicExpress Mobile app support
• SonicWall Switch Integration support
• NSM 2.0 support (Gen7 Zero-Touch Registration and Provisioning)

One of the most common questions we get asked is how to use the controlled features within firewall software to block pop-ups and apps such as YouTube etc.

Using SonicWall firewall software, we’ll talk you through how to block a program, as well as use some of the advanced features within the operating system.

Blocking programs using SonicWall Firewall

Our step by step guide below is based on the SonicWall management system.

Firstly, you need to login to your firewall system and click on Manage displayed across the top of the bar.

Then look for Rules Advanced Application Control (in some operating systems this page can be found under Security Services.

On this page, you then need to choose and tick the box that states Enable App Control, and for these changes to be accepted, click the Accept button to enable this control feature.

Then within the App Control Advanced and category, choose Multimedia, and click Configure.

Finally, within the Edit App Category window, within the Log and Block criteria, choose to Enable for both of these.

Once complete, click, OK.

If there is a multimedia site or a specific app that you would like to block, for example, YouTube the steps to block individual apps are as follows:

Go into App Control Advanced and look for Advanced Application Control.

Within this section, you can then choose the app or multimedia site in question, i.e., YouTube.

You then need to click Configure.

Again, within the Edit App section, and under the Log and Block criteria, you need to choose the option Enable for the individual site you have selected to be blocked from your network.

To ensure all changes are saved, click OK.

SonicWall Application Control

The SonicWall firewall has several signatures covering a variety of multimedia sites and apps, providing you with the option of whether you would like these programs blocked or not.

It’s important to know how to block unwanted apps and programs on an individual level, but it is also worth noting the signatures included within SonicWALL’s App Control.

The list of most up to date signatures can be found HERE.

Local Area Networks and Application Control

In some instances, it may be applicable to enable application control if you are operating using a Local Area Network (LAN).

To do this, on the top bar, locate Manage, and scroll to Navigate to Network / Zones.

From here, you can simply click on the configure button located under the network zone that you wish to enable the App Control for.

Make sure that you tick the box labelled, Enable App Control Service (found at the bottom right of the pop-up page).

Click OK so all changes can be saved.

Does it work?

This is a good question, and if we’re honest, the only way to truly find out is to test it!

To test, we’d advise you to log in to a site or app that you have recently blocked, such as the YouTube example we mentioned above – and do this from a host behind the SonicWall.

When logging in, use either HTTP or HTTPS, so you get the message reading, `the connection was reset page`. A message will also be logged in the SonicWall, which states that the connection was reset and that ultimately the site you are trying to access is unavailable at the moment.

If you use the HTTPS route, YouTube will display on your screen; however, you won’t be able to see anything or play any videos or content, and a further error message will also be displayed on the screen.

Within your SonicWall firewall, these attempted logins will be recorded for you to see.

If you are using earlier versions of SonicWall

If you are using earlier versions of firmware and SonicOS 6.2, the steps below will allow you to block apps and sites similar to what we have mentioned above.

Firstly, you need to login to your SonicWall management and locate your firewall within the App Control Advanced tab (this page may also be named Security Services).

Make sure to tick the box named Enable App Control - click Accept for all changes to be saved.

Then, in App Control Advanced, View Style, choose within the category, Multimedia.

Click Configure and move to Edit App Category, wherein the Log and Block criteria, change these to Enable.

Finally, hit OK.

Blocking specific and individual apps and sites

Again, we’ll use the example of YouTube as the app to block. Within the App Control Advanced page, look for the View Style Application.

Here you will be able to select the individual site or app you are looking to block/restrict.

Once you have chosen the site, click configure and move to Edit App Control App, change the Log and Block criteria to Enable.

Again, make sure to click OK, so all changes are saved.

SonicWall Firewall settings are designed with users in mind, so you will find them to be straightforward and easy to manoeuvre.

If you want any further information on SonicWall, Firewalls, and how to ensure your networks are 100% protected, call us on

Packed with features, these stackable switches are available in a compact form factor with an energy-efficient design. Available in seven models, ranging from eight to 48, with gigabit and 10 gigabit Ethernet ports, the switches work seamlessly with SonicWall next-generation firewalls and SonicWave APs to create an end-to-end multi-gigabit secure network. The Ethernet ports provide PoE options to power on various devices such as APs, VOIP phones and IP cameras.

Learn more: https://www.sonicwall.com/resources/videos/sonicwa...

See here for a list of products.

SonicWall have released the SonicWall Secure Mobile Access firmware 10.0.0.5.

SonicWall SMA 10.0.0.5 is a maintenance release that increases maximum connection capacity and fixes issues found in previous releases. See the Enhancements and Resolved Issues sections for more information (Release Notes).

This release supports all the features and resolved issues from previous SMA 10.0 releases.

You must have an active support agreement on your SMA device in order to download and install updates. SMA appliances and subscriptions can be found here

Just a quick update to let everyone know that we are still working 'as normal' and processing orders. Any hardware orders are still being despatched within our standard times and generally still being delivered next working day. Software orders are emailed, and taking about 2 to 3 hours on average, but please allow 24 hours just in case.

Thanks.

Due to the current Coronavirus (Covid-19) disease pandemic we are pre-generating many of the common licenses required for secure remote access so we can respond to orders quickly.

Different type of clients:

For firewall VPN remote access licenses we will endeavour to get your activation keys to you within the hour during business hours, but we are also periodically checking out-of-hours as well.

SonicWall VPN Clients: https://www.sonicwall.com/products/remote-access/vpn-clients/

Remote working and flexible working are now a big part of the way we work, and businesses and their teams operate.

Manage user licences better

Recent flaws in the design of WPA2 found by Belgian security researchers have publicly shown that more and more cybercrime regarding wireless networks is inevitable.

To find out more about the security solutions available to you, call us on 0333 2405667 or email enquiries@sonicwall-sales.com

For cybercriminals and threat actors, the digital frontier is a lawless panorama of targets and opportunity. Despite the best intentions of government agencies, law enforcement and oversight groups, the modern cyber threat landscape is more agile and evasive than ever before.

For this reason, SonicWall Capture Labs threat researchers work tirelessly to arm organizations, enterprises, governments and businesses with actionable threat intelligence to stay ahead in the global cyber arms race.

And part of that dedication starts with the 2020 SonicWall Cyber Threat Report, which provides critical threat intelligence to help you better understand how cybercriminals think — and be fully prepared for what they’ll do next.

Global Malware Dips, But More Targeted

For the last five years, cybercriminals overwhelmed organizations with sheer volume. But as cyber defenses evolved, more volume was not resulting in higher paydays. A change was in order.

In 2018, cybercriminals began to leverage more evasive and pointed attacks against “softer” targets. In 2019, global malware volume dipped, but attacks were more targeted with higher degrees of success, particularly against the healthcare industry, and state, provincial and local governments.

All told, SonicWall Capture Labs threat researchers recorded 9.9 billion malware attacks* in 2019 — a slight 6% year-over-year decrease.

Ransomware targets state, provincial and local governments

‘Spray and pray’ is over. Cybercriminals are using ransomware to surgically target victims that are more likely to pay given the sensitive data they possess or funds at their disposal (or both). Now it’s all about ‘big-game hunting.’

The report outlines the most egregious ransomware attacks of 2019, while also painting a picture of the evolution of ransomware families and signatures, including Cerber, GandCrab, HiddenTear and more.

Fileless malware spikes in Q3

Fileless malware is a type of malicious software that exists exclusively as a memory-based artifact (i.e., RAM). It does not write any part of its activity to the computer’s hard drive, making it very resistant to existing computer forensic strategies.

The use of fileless malware ebbed and flowed in 2019. But exclusive SonicWall data shows a massive mid-year spike for this savvy technique.

Encrypted threats growing consistently

Another year, another jump in the use of encrypted threats. Until more organizations proactively and responsibly inspect TLS/SSL traffic, this attack vector will only expand.

IoT malware volume rising

From hacked doorbell cameras to rogue nanny cams, 2019 was an alarming year for the security and privacy of IoT devices. Trending data suggests more IoT-based attacks are on the horizon.

Cryptojacking crumbles

In early 2019, the price of bitcoin and complementary cryptocurrencies created an untenable situation between Coinhive-based cryptojacking malware and the legitimate Coinhive mining service. The shuttering of the latter led to the virtual disappearance of one the year’s hottest malware.

Service Co-termination allows you to adjust the expiration dates of all Service Contracts to expire on the same date. Service Co-termination is provided as a free service to SonicWall customers who have active service contracts. Expired services must be renewed before they can be included.

Services covered in Co-termination

• Comprehensive Gateway Security Suite (CGSS) - CGSS will be shown as the individual services that make up the suite
• Gateway Anti-Virus & Intrusion Prevention Service
• Content Filtering Service - Premium
• Content Filtering Service - Standard
• Dynamic 24x7 Support (all products)
• Dynamic 8x5 Support (all products)
• Capture Client

Services Covered under Zero Pound/Dollar Co-term

• Dynamic 8x5 Support (all products)
• Dynamic 24x7 Support (all products)
• Gateway AV
• IPS
• Content Filtering Service - Premium
• Content Filtering Service - Standard
• Comprehensive Gateway Security Suite (CGSS) will be shown as the individual services that make up the suite

Services not currently covered

• Comprehensive GMS
• GMS SW Support
• CASS
• Email Security
• CDP Site-to-Site
• CDP Off-Site
• Antispam Desktop
• Software & Firmware-only" updates

Services not applicable to Co-termination

• Aventail Support for Advanced Reporting
• ViewPoint

How Service Co-termination is calculated

The value of the selected services in the MySonicWall account is calculated and averaged between the chosen items so that all services expire on the same date.

MySonicWallCo-termination calculates a common expiration date for the selected services in the following way:

1. The number of days remaining until expiration is determined for each service (DR).
2. The cost per day is calculated for each service (CPD). This is determined by dividing the price of the service by its duration).
3. The Days Remaining times the Cost Per Day yields the Remaining Cost of the service (RC).
4. The sum of remaining cost of the services divided by the sum of the costs per day yield the Days Variance (DR).
5. The Coterm Date is Today’s date + Days Variance.

Coterm Date = Today + DV

DV = Days Variance ( (Sum of RC for all services) / (Sum of CPD for all services) )
Coterm Date = Today’s date + Days Variance

Cost-per-day is the amount a specific service on a specific devices costs for a single day. In terms of co-termination, the cost-per-day for a given service is directly related to the MSRP of the service divided by the number of days in the duration (1 year = 365 days, 2 years = 730 days, 3 years = 1095 days).

EXAMPLE:

• On the NSA E7500, Dynamic Support services for 1 year cost $4,859. The cost-per-day for Support on the NSA E7500 is:$4,859 / 365 = $13.31
• In comparison, the TZ 150 Unlimited’s Dynamic Support services for 1 year cost $89. The cost-per-day for Support on the TZ 150 Unlimited is: $89 / 365 = $0.24

How Co-termination is performed

• Select the devices and services you wish to modify and click the appropriate checkboxes.
• Click Co-Term Services when you have selected the services to be co-terminated. At least two services must be selected.
• Products can be grouped or filtered by Product, Service Name, Expiration Date, or days until service expiration, allowing you to narrow the choices to the most relevant products.
• After Co-termination dates have been calculated, they appear in the Co-term Date column.
• If you agree to this date, select the checkbox and click Complete. Otherwise, click the Back button to revise the co-termination order.
  
  

Co-termination Frequently Asked Questions (FAQ)

What Is Co-termination?

• Co-termination is the process of consolidating many service contracts to produce a common expiration date.

Do I need to buy anything?

• No purchase is needed. SonicWall offers the Co-termination feature free of charge to customers with active service contracts.

How does it work?

• MySonicWall will survey services chosen by the user, calculate the dollar value of the time remaining for those services, then spread that value across the devices so the services all end on the same date.

Can I co-term services on multiple devices?

• Yes. You can co-terminate services on a single device or all the devices in your MySonicWall account.

My company has multiple accounts with SonicWall. Can I co-terminate services for devices in all of them?

• You can run the Co-termination feature only for devices registered to your MySonicWall account. If your company has multiple accounts, you can transfer devices to a single account, then run the Co-termination feature.

How can I coterminate services for only a few select devices?

• Yes. The Co-termination feature will let you easily filter and group your devices. You can explicitly choose which services you would like to co-terminate.

Some of my services have expired, why can’t I select them for Co-termination?

• The Co-termination feature is available only to active services. If a service has expired, you will need to purchase a license and activate it through MySonicWall before it can be co-termed.