Latest News

Virtual Private Network plays a vital role in developing an encrypted and secure connection to a less secure network such as the internet. VPN offers encrypted tunnels which look after network traffic and maintains the confidentiality of communications. It is mostly used to provide secure access to end-user devices that mainly include laptops, tablets, Smartphone and personal computers. There are several service providers available in the market that offer the functionality of VPN. Go through following points to check out the comparison of business firewall VPN services:

The licensing structure of all above firewall VPN services mentioned above is quite complex and it mainly depends upon the platform which has been deployed. So before making any decision to choose VPN solution for your business, make sure you seek valuable inputs from an expert in the field.

Virtual Private Network plays an important role to bring in advanced security to your network using highly advanced security methods. VPN looks after your data safety when you use any public network to transfer data from one device to other. VPN is extremely handy when it is practically unviable to use any unique device to protect your network. When we talk about VPN for business security, it definitely has a crucial role to play in its varied range of applications:

At times, VPNs can be bit complex to configure and install in your system. So make sure the person who is looking after the entire VPN set up have proper knowledge of issues related to your network security. Though Virtual Private Network (VPN) brings many advantages for your business security, it also comes with few limitations. To identify all these limitations and try to fill the loopholes involved in the system by taking some vital steps. To browse our available VPN’s, click here.

When you talk about protecting a system from hackers, viruses and other threats, the first thing that comes to mind is a firewall. SonicWall is one of the most famous companies when it comes to firewalls. It is one of the known companies working towards preventing cyber crime for more than 25 years. They have served more than 500,000 businesses spread across 150 countries through their innovation, products and partnerships. One of their most popular products is the SonicWall VPN. This VPN gives users secure access to applications and files at remote locations. If you are new to SonicWall VPN, you will surely have some questions regarding its setup.

Well, setting up a SonicWall VPN is not complicated. You simply need to follow a series of steps and it is done.

Site-to-site VPN connections with SonicWall is fast and easy! It can be done in many ways, so choose a method that suits you.

Read next article: how to create a professional cold email without going to recepient's spam folder

ith a Sonicwall SSL virtual private network (VPN), it is possible for you to use VPN solutions that make it possible for you to access corporate assets remotely through broadband in a dependable and safe manner. When a network administrator wants to install a certificate to enable the device to be accessed with a certificate error, they will need to request for the certificate and import it from its authority. In order to do that, you will need to create a request for certificate signing using your appliance. Here is a detailed guide to use when applying for certificates for SonicWall firewall connections.

Steps to Apply for A Sonicwall VPN Connections Certificate

• First, you will need to log into your appliance. You can then click on System>Certificate>New Signing request
• Fill Fully Qualified Domain Name (FQDN) that you intend to use for SSL and fill out the Certificate Signing Request.
• You can now download CSR. Use the text editor to make any edits. One of the best options that you can use is Notepad++. This is because it keeps a format that will make it easy to copy the CSR request over to the Certificate authority.
• Contact the certificate authority and ask them for the SSL. Provide the CSR when they request for it. Take note that when you are downloading the already signed certificate from a Certificate Authority like Thawte or GoDaddy, you will need to choose a server platform such as Apache SSL.
• Once the Certificate Authority has been given a certificate, you will need to upload it to Pending Request.

Installing the SSL Certificate

• The Certificate Authority (CA) will send the SSL certificate via email and will be included in a zip file. All you will need to do is to download that zip file before extracting it to the server directory. You can then create a fresh zip file using the name certkey.zip. These two files should be inserted in “server.ley” or “server.crt” into the specific folder.
• A pop-up window will appear. Click on the button marked “Browse” and choose a server.zip file to get into your email. Then click on the “Upload” button. This will bring up the certificate on the list of certificates under the certificate page.

Setting up the SSL certificate

• Click on System > Certificate page > Server certificate. This is usually at the right side of the SSL certificate, showing pending request. Then click on the icon dubbed Configuration.
• You will be required to input the password that you created during the CSR generation.
• You should then click Submit.

Making Changes

• You will once again need to click on System > Certificate page > Server Certificates. Now you need to choose the certificate that you would like to make active.
• On the page of System > Certificate page, you will need to click on the button marked Apply.
• You should then restart your appliance
• In order to restart it, you should expand the table under System>Certificates>Restart

With these steps, you would have completed the installation of your SSL certificate.

It is usually considered to be more secure to use digital certificates for the purposes of authentication rather than using the VPNs pre-shared keys. One of the methods that are commonly used to authenticate 2 peer devices while establishing an IPsec VPN tunnel is through the digital certificate. Another option is through IKE that uses pre-shared keys. Some of the features that come with IKE authentication that is certificated in the SonicWall VPN connection includes:

• A digital certificate that is provided by a third party CA such as Verisign.
• The administrator at SonicWall can create a CSR and have this signed by the CA.
• There is a need for the two parties to trust the certificate’s issuer.

This article will guide you on acquiring certificates the from Sonicwall VPN connection. This certificate signing process that we are guiding you through uses the Windows Server 2008 CA.

Creating A Certificate Signing Request

• You will need to start by logging into SonicWall’s management GUI.
• Click on System and then Certificate page.
• Navigate to New Signing Request in order to create the same CSR
• Click Generate in order to save
• Refresh that page
• Click download

How to Get A Certificate For The Wan Groupvpn Configuration

• On your browser, you will need to go to the enrollment page on Microsoft Windows. You can find it on http:///CertSrv
• You will be prompted to authenticate. You will need to enter your username as well as the password.
• You can now go to Request a certificate > Advanced certificate request
• Use the Saved Request box to copy the CSR’s content.
• Click on Certificate Template and choose Administrator. You should take note that the web server or user template can also end up chosen.
• You can enter san:email=<local-part@domain.com or san:dns=yourdomainname.com. After clicking Submit, you will go to the next page where you can now click on Download Certificate. This will make it possible for you to save the already signed certificate to the disk.

Downloading CA Certificate

• Visit the enrolment page of Microsoft Windows on http:///CertSrv
• Click on Download CA certificate
• Move to the next page and again click Download CA certificate. You can save in on your disk

You can visit SonicWall VPN connection and use the button under CSR pending request to upload the already signed certificate. In order to gain trust and to validate the already signed certificate, you can import it.

Getting Certificate for The GVC Clients

• You will need to go to http:///CertSrv. This is the certificate enrollment page for Microsoft Windows.
• You will be asked to authenticate details. You will need to enter your username as well as password of the domain user
• You can request the certificate
• Click under the advanced certificate request
• Go to certificate template and choose User or Administrator

You should bear in mind that if you need a site to site GVC or VPN that has Key Usage, where present, you should have digital Signature as well as Non-Repudiation and an Extended key Usage (EKU). Where this is present, there is a need for Client Authentication, if it works. If you are using L2PT or IPSec VPN and there is Key Usage, ensure that you make use of Digital Signature or/and Non-repudiation.

At SonicWall University, you will get access to sophisticated online courses that are designed to provide you with certifications that are up-to-date. Once you join the courses, you will have access to a wide range of e-learning certification modules, certification examples and authorised training partners.

The SonicWall training programs are suitable for network administrators and security experts who are aiming to improve their knowledge as well as increase the investment they have made in the SonicWall network Security Products and applications. With the NSAA (Network Security Advanced Administration), it becomes possible for students to configure, optimise, monitor and manage firewall appliances that run using SonicOS.

Trainings Offered by Sonicwall

The SonicWall training makes it possible for system administrators to deal with many evolving network challenges and threats to the cybersecurity space. Some of the courses leading to SonicWall certification include:

• Network Security Advanced Administration (NSAA). This is a training that makes it possible for system administrators to deal with many evolving network challenges and threats to the cybersecurity space. This is a course that is recommended for system administrators and networking professionals that are involved in the day to day operation of security gadgets. After completing this course, the graduate will be in a better position to configure SonicWall firewalls to ensure a Secure as well as Remote connectivity. This is on top of preventing advanced threats and Network Optimization. After completing the NSAA course, you become eligible to enrol for the CSPP (Certified SonicWall Security Professional) exam. One of the SonicWall training essentials is to have completed the (SNSA) certification or at least the legacy CSSA. In order to sit for the CSSP exam, you need to have successfully completed the CSSA or the SNSA after a period of 2 years study.
• SNSA. This is a course that is recommended for the networking professionals whose role is to handle the day to day operation of different security gadgets. The course was created to help students understand technology in network security that is SonicWall-specific. This course has been built to serve the SonicOS .65 firmware that was recently released. It consists of only 20% classroom lecture and 80% hands-on training in the labs. This is an upgrade from the NSBA which has been retired.
• CSPP. This is a more advanced course that is the right choice for individuals that optimise, deploy and troubleshoot all the features of a product.

Conclusion

The Network Security Basic Administration(NSBA) was based on the right understanding of different security issues with a bias against the administration. The goal of the training was mostly to train network security administrators. However, it was noted that students did not get in-depth training on the Sonicwall firewall, but the training emphasised on giving a general overview of network security.

The new SNSA has now been designed to fill this gap. Its goal is to teach students network security technology that is SonicWall specific, and the skills necessary for the implementation and the configuration of firewall appliances. Therefore, there are some good reasons for enrolling in SonicWall training and certification.

So long, Sophos - Defend your organization at every point.

Switch to SonicWall for modern, integrated endpoint protection and breach prevention designed for today’s hybrid environments.

Frustrated trying to protect your entire organization with solutions from an endpoint-focused vendor? Don’t settle for a collection of siloed, loosely synchronized point products.

Make the move to a comprehensive security portfolio - from a network security pioneer - with end-to-end breach prevention and malware protection across your endpoints and wired, wireless and mobile networks.

To find out more go to https://www.sonicwall.com/en-us/lp/switch-to-sonic...

About Phishing Emails

Okay, so most of us know something about phishing emails. We’ve been warned many times about how criminals use emails that look almost exactly like the real thing to get us to click on a link that allows them to capture sensitive password information.

We know that we should never click on a link provided in an email. If the link is legitimate, you can access the same information by going through the company’s actual web address that you looked up yourself, and then signing in from there.

If it’s a real email from the company concerned, there’s no harm. If it is a malicious email, at least you’re not putting yourself at risk.

However, are you fully prepared for the kinds of attacks modern phishers launch? What if you get a request from someone you know who is sharing a Google doc with you? That’s got to be safe, right?

Well, the reason that we bring it up is because of a phishing scam that was carried out this way. It caught many unsuspecting people off guard.

The signs were there if you knew to look for them. The email looked benign and seemed to be from Google. In fact, it even directed you to the “Choose an Account Screen.” However, it was the next step of the process that was the top clue.

You were asked to allow Google to manage your contact and read your emails. You didn’t have to enter your password, so it seemed okay. If you authorized that app, it got instant access to your emails and contacts. It even sent out emails to your contacts to run the scam again on new victims.

In retrospect, it was a pretty obvious scam, but considering how many people fell for it, it proved pretty successful. It should serve as a wakeup call, though — the phishers are out there, and they’re pretty good at what they do.

What can you do to protect yourself?

SonicWall Protection

Your best defence is to block phishing emails before they even get to you. Installing Sonicwall security for phishing emails is an excellent place to start. This program goes beyond simple anti-virus scans and analyses each message being sent to your system.

With the Sonicwall email protection system in place, you’re protected from many different types of threats including phishing, ransomware, spam and viruses. If it’s a threat that’s coming in through email, the Sonicwall phishing protection programs will pick it up and stop it.

There’s no need to worry about a staff member or anyone else accidentally clicking on a link in an email and exposing your whole system. The system is cost-effective. You need only buy one license per server and, at about £200 (VAT included), that’s really good value for money.

It runs automatic updates so that you can always be assured of the most up to date protection. Best of all, it integrates seamlessly into your existing system, providing real-time protection against a varied range of threats.

Cybercrime is big business, and the criminals are getting more sophisticated by the day. There are countless threats out there, and all it takes is for one person to click on the wrong link to expose your systems.

When you consider the reputational risk and liability issues that a data breach exposes your company to, a couple of hundred dollars is a very small investment to protect your system. Contact SonicWall Sales to find out what the right solution for your business is.

What else can you do?

Even with the Sonicwall Email Security system, it’s good practice to take some basic steps to protect yourself against these kinds of requests. Here are some quick tips:

• Never click a link in an email unless you know exactly where the link will take you. Some of these site names will look like the real thing, but there’ll usually be something off. Maybe a slightly different spelling or something similar
• To be perfectly safe, if you receive an email purporting to be from a company like Microsoft and asking you to confirm something, ignore the link and go to the website. If you need to download or check anything, do it from the vendor’s site
• Where you can, enable 2-factor authentication. It’s a pain, but it provides excellent security

Finally, ask yourself these questions.

Does it make sense for the company to have sent that email? Have they ever sent similar emails before?

If you’re not sure, look up the vendor’s contact information and ask them directly.

dministrator Course 

Are you interested in pursuing a career in the cyber security world? Considering that there’s a serious skills shortage in this field, it’s a pretty clever career move. One thing we know — cybercriminals are not going anywhere soon. If there’s a system to exploit, they’ll be right there.

You might be wondering where to start, however. The latest Sonicwall training and certification course is an excellent place to begin your career. We’ve designed this new Sonicwall SNSA Certification course based on feedback received from our NSBA class.

We’ve ramped up Sonicwall training specific to our network security tech and focused the course on implementing and configuring our security services and firewall appliances.

What You Get

The complete Sonicwall SNSA Guide and intensive training that consists of:

• Two days training in a classroom-based environment and pro instructor. This training is focused more on labs to give you some hands-on experience. The lectures only constitute 20% of the program, with the rest of the time being practical exercises.
• You’ll get six hours of training modules that can be completed at your own pace either before you come in for the classroom training or afterwards.
• The course focusses on the latest SonicOS 6.5 firmware.
• Training focused solely on Sonic systems. All generic theory has been replaced with more targeted training material
• A complete global support structure to assist you with the training

Has the NSBA Qualification Fallen Away?

This qualification was our core training for the last decade. The key focus here, though, was to ensure that those taking the exams had a basic understanding of network security in general. This training was a broader version of the new qualifications.

What we have found since then, though, is that the training was fine as an introduction, but students felt that they needed extra technical training once the course was complete.

We also found that a student’s experience of the course was dependent on where they were located. As a result, we felt that a more standardised, targeted approach was required to provide a more in-depth learning experience that was the same across the globe.

How Long Will My NSBA Qualification Be Valid?

If you’ve already passed the NSBA exam and have a valid CSSA certification, this will still be acknowledged as valid by us until March of 2020. If your CSSA certification has expired, you’ll need to complete the new course before being recertified.

Bringing it All Together

In short, the new qualification takes the feedback that we’ve received from previous students to create a more effective certification. You’ll get more training on our systems to ensure your future success.

It is our feeling that this will be more useful to industry professionals going forward. The certification will not only prove you have the requisite skills but will also give you some hands-on experience as well. If you want to learn more about the program, contact SonicWall Sales to get the full details.

Read next article: Applying for SSL Certificates using Sonicwall VPN Connections

Importance

The digital landscape has changed significantly over the last few years, and criminals are taking full advantage of this. New tech has made it possible for employees to work remotely and to use their personal devices.

This has made things easier for employees who prefer to work flexible hours, but it’s also made it easier for cybercriminals. Your office systems might be extremely secure when it comes to hacking attempts, but how secure are your employee’s devices?

More importantly, how aware are they of the importance of cybersecurity? Do they understand how to recognise a phishing attack? Moreover, are they naively going to click on a link in an email? Also, before you say something like, “Phishing attacks are easy to spot,” think again.

These attacks are becoming more sophisticated, and they look good enough to fool many people. It only takes one employee to fall for the attempt, and your systems are at risk. This makes it increasingly important for you to educate your employees about cybersecurity.

Spotting a Phishing Attack

The simple fact is that phishing is becoming more difficult to spot. Your first line of defence is to install SonicWall Email Security systems. The SonicWall hosted email security software will analyse all emails coming into the organisation and remove those that it deems to be a threat.

We can assist with other aspects of cybersecurity as well. The SonicWall, an email encryption software, will keep your outgoing emails safe from prying eyes. The SonicWall internet security software will help to protect your systems from online attacks.

A good defence, from the start, is the best way to protect your company from any form of online threats. If the attacks are identified before they hit your servers, they cannot do any damage. SonicWall’s software will catch most attacks before they get anywhere near your business data.

If you’re interested in learning more, contact the SonicWall Sales team.

Your next step is to alert your employees of the potential risks and provide them with training to help them recognise phishing attacks. Here are some quick tips to get you started:

Online security is everyone’s responsibility. Don’t let employees think, “It’s not my responsibility to check.”

Employees must question any requests that seem out of the ordinary. Such as an email request for a funds transfer that hasn’t come through official channels

Your employees should adopt the view that all emails are suspicious until verified. Encourage them in this thinking and don’t punish them at a later stage for trying to prove the legitimacy of a request.

Requests for fund transfers or confidential information must always be verified by checking the email address and signature carefully. Employees should also check the domain names that requests are coming from

If an email is from a free web-based service, like Gmail, it’s important to be suspicious. Employees should never reply directly to these emails. Instead, they should use the “Forward” option and use the email address on the record.

Phishing emails often contain typos and grammatical errors. This is not always an indication that the email is a phishing attempt, but it could be a sign to be cautious.

Sonicwall Email Security systems can tackle these concerns for you. That said, drum it into your employee’s heads that there are many different cyber risks out there. Make sure that they check and recheck any requests, especially if these are out of the ordinary. It might entail a little more effort, but the increased security is essential to survive malicious attacks.

Happy New Year to all our customers - and those just looking!

Current Issue: Cyber Security Talent Shortage

Cybersecurity is a field that is becoming more important by the day. Cyber-criminals are getting bold and more innovative as technology advances. With businesses relying more and more on new tech, like smartphones and tablets, the level of cyber-attacks has never been higher.

Companies are looking for ways to up the ante and protect their valuable data from outside attacks, which has created a need for trained professionals who can guard against attacks.

Therefore the cybersecurity industry is booming at the moment. There’s just one small issue — there are a large demand and a serious skills shortage, especially in the U.K.

It’s been seen as a severe issue that according to Wired, the shortage has led the government to institute a program to teach kids about cybersecurity in their spare time.

For the job-seeker, it’s fantastic news. There’s a definite call for skills in this area, and if you have the requisite training, you can just about name your price.

However, where do you start? Which training should you be considering?

In the second part of this post, we’ll go through exactly what you need to get your career off to a good start.

How to Get Started

The catch is that you can’t just do some random firewall training course and call yourself an expert. You need to consider more formalised CSSA certification training if you want companies to take you seriously.

Sonicwall training and certification courses are designed to give you the skills that you need to succeed in this arena. Sonicwall training focuses not only on the basic computer skills that you’ll need but also practical problem-solving solutions so that you can get to the root of the issue fast.

You can take your Sonicwall certification as far as you like. The SNSA Sonicwall is the ideal starting point for a networking pro who is going to oversee running the security procedures in a company. Once you’ve passed your Sonicwall SNSA exam, consider your career started.

You can opt to stop there or to move on to the CSSP qualification. This consists of courses that are more advanced and will enable you not only to operate security systems, but also to set them up, optimise them, and find out why they’re not working as well as they should.

Qualifications in this industry are extremely important, but it’s also essential to ensure that you practice your newly learned skills. Companies want to see qualifications, but more importantly, they want to understand how you approach problem-solving.

After all, there’s going to be a steep learning curve once you’re in a real-world environment. Companies want to know that you can tackle any unexpected challenge.

That’s why it may be a smart move to take a lower paid job when after earning your credentials. Make sure that it’s a position that will offer you a decent level of hands-on experience to learn as much as you can. This also gives you a good grounding in the field and shows employers that you have the right attributes as well.

Being a cyber-security professional means being able to think outside the box and react quickly to threats. Getting first-hand experience is the only real way to prove that you know how to apply your training.

Check out www.sonicwall-sales.com for a more in-depth overview of the training we offer.