Latest News

Importance

The digital landscape has changed significantly over the last few years, and criminals are taking full advantage of this. New tech has made it possible for employees to work remotely and to use their personal devices.

This has made things easier for employees who prefer to work flexible hours, but it’s also made it easier for cybercriminals. Your office systems might be extremely secure when it comes to hacking attempts, but how secure are your employee’s devices?

More importantly, how aware are they of the importance of cybersecurity? Do they understand how to recognise a phishing attack? Moreover, are they naively going to click on a link in an email? Also, before you say something like, “Phishing attacks are easy to spot,” think again.

These attacks are becoming more sophisticated, and they look good enough to fool many people. It only takes one employee to fall for the attempt, and your systems are at risk. This makes it increasingly important for you to educate your employees about cybersecurity.

Spotting a Phishing Attack

The simple fact is that phishing is becoming more difficult to spot. Your first line of defence is to install SonicWall Email Security systems. The SonicWall hosted email security software will analyse all emails coming into the organisation and remove those that it deems to be a threat.

We can assist with other aspects of cybersecurity as well. The SonicWall, an email encryption software, will keep your outgoing emails safe from prying eyes. The SonicWall internet security software will help to protect your systems from online attacks.

A good defence, from the start, is the best way to protect your company from any form of online threats. If the attacks are identified before they hit your servers, they cannot do any damage. SonicWall’s software will catch most attacks before they get anywhere near your business data.

If you’re interested in learning more, contact the SonicWall Sales team.

Your next step is to alert your employees of the potential risks and provide them with training to help them recognise phishing attacks. Here are some quick tips to get you started:

Online security is everyone’s responsibility. Don’t let employees think, “It’s not my responsibility to check.”

Employees must question any requests that seem out of the ordinary. Such as an email request for a funds transfer that hasn’t come through official channels

Your employees should adopt the view that all emails are suspicious until verified. Encourage them in this thinking and don’t punish them at a later stage for trying to prove the legitimacy of a request.

Requests for fund transfers or confidential information must always be verified by checking the email address and signature carefully. Employees should also check the domain names that requests are coming from

If an email is from a free web-based service, like Gmail, it’s important to be suspicious. Employees should never reply directly to these emails. Instead, they should use the “Forward” option and use the email address on the record.

Phishing emails often contain typos and grammatical errors. This is not always an indication that the email is a phishing attempt, but it could be a sign to be cautious.

Sonicwall Email Security systems can tackle these concerns for you. That said, drum it into your employee’s heads that there are many different cyber risks out there. Make sure that they check and recheck any requests, especially if these are out of the ordinary. It might entail a little more effort, but the increased security is essential to survive malicious attacks.

Happy New Year to all our customers - and those just looking!

Current Issue: Cyber Security Talent Shortage

Cybersecurity is a field that is becoming more important by the day. Cyber-criminals are getting bold and more innovative as technology advances. With businesses relying more and more on new tech, like smartphones and tablets, the level of cyber-attacks has never been higher.

Companies are looking for ways to up the ante and protect their valuable data from outside attacks, which has created a need for trained professionals who can guard against attacks.

Therefore the cybersecurity industry is booming at the moment. There’s just one small issue — there are a large demand and a serious skills shortage, especially in the U.K.

It’s been seen as a severe issue that according to Wired, the shortage has led the government to institute a program to teach kids about cybersecurity in their spare time.

For the job-seeker, it’s fantastic news. There’s a definite call for skills in this area, and if you have the requisite training, you can just about name your price.

However, where do you start? Which training should you be considering?

In the second part of this post, we’ll go through exactly what you need to get your career off to a good start.

How to Get Started

The catch is that you can’t just do some random firewall training course and call yourself an expert. You need to consider more formalised CSSA certification training if you want companies to take you seriously.

Sonicwall training and certification courses are designed to give you the skills that you need to succeed in this arena. Sonicwall training focuses not only on the basic computer skills that you’ll need but also practical problem-solving solutions so that you can get to the root of the issue fast.

You can take your Sonicwall certification as far as you like. The SNSA Sonicwall is the ideal starting point for a networking pro who is going to oversee running the security procedures in a company. Once you’ve passed your Sonicwall SNSA exam, consider your career started.

You can opt to stop there or to move on to the CSSP qualification. This consists of courses that are more advanced and will enable you not only to operate security systems, but also to set them up, optimise them, and find out why they’re not working as well as they should.

Qualifications in this industry are extremely important, but it’s also essential to ensure that you practice your newly learned skills. Companies want to see qualifications, but more importantly, they want to understand how you approach problem-solving.

After all, there’s going to be a steep learning curve once you’re in a real-world environment. Companies want to know that you can tackle any unexpected challenge.

That’s why it may be a smart move to take a lower paid job when after earning your credentials. Make sure that it’s a position that will offer you a decent level of hands-on experience to learn as much as you can. This also gives you a good grounding in the field and shows employers that you have the right attributes as well.

Being a cyber-security professional means being able to think outside the box and react quickly to threats. Getting first-hand experience is the only real way to prove that you know how to apply your training.

Check out www.sonicwall-sales.com for a more in-depth overview of the training we offer.

hishing is a fraudulent method of sending emails that are purported to be from the reputable companies in a bid to encourage the receiver to reveal their personal information such as credit card number and password. In most cases, phishing is done via email communications.

The good news is that there are certain ways that you can use, to distinguish suspicious emails from the loss of other sensitive data. One of these is the use of Sonicwall email protection. In most cases, these data leaks happen as a result of employees not being armed with information that helps to protect the critical data of a company. Here are some common indicators of a phishing attempt and how to avoid phishing attacks.

Poor Grammar or Spelling Mistakes

It is rare for a communication department of a big corporate to send a message to its customers without going through it several times to check for grammatical and spelling errors, proofreading and editing. Therefore, when you get an email with these errors, it could be a sign that you are dealing with a phishing attempt. Also, be wary of those generic greetings such as “Dear Member” or “Dear customer”. All these are reflagged, as many of the legitimate companies will use your name in their communication.

Look Out for Threats

You will be warned of things like your account getting closed or the need for immediate action. You may even be told that the account has been compromised. In most cases, these are tactics to intimidate you, as they take advantage of any concern and anxiety you get, to provide your personal information. If there is something that doesn’t add up, feel free to contact your bank. Remember that scammers are not only using credit cards, banks and email providers to cover for the scams; many are still using the threat of a government agency such as the FBI and the IRS to scare their targets.

Be Wary of Documents

Many organisations report that some of the successful phishing attacks are disguised as something that an employee was expecting. This could be a confirmation for shipping, HR document or even a request for the change of password that appears like it is from the IT department. Be sure to scrutinise such kinds of emails before you can download any attachments or even click on any links that are included.

Check the Name

If you get a message or email from someone you don’t know giving you directions for signing on a website, you will need to be very careful. This is particularly the case if the person is asking for your social security number as well as your password. Any legitimate company will not ask for this kind of information using emails or instant messages. Therefore, this needs to be a red flag. You will not be asked by your bank to send your account number as this is information that is already in their hands. Also, double-click the email on the sender.

Conclusion

Bear in mind that many phishing attempts will use the name, address and logo of a company, similar to a big brands name. However, with closer scrutiny, you will realise that the email is not from the genuine company. You can use SonicWall email security software or install a reliable firewall like Sonicwall Firewall to protect yourself.

Read next article: How firewalls work against threats?

Designed for small organizations and distributed enterprises with remote and branch offices, the SonicWall TZ600P and TZ300P integrate support for PoE and PoE+ devices. These Unified Threat Management (UTM) firewalls help reduce both the cost and complexity associated with PoE injectors and switches by providing power directly to connected PoE-enabled devices, such as wireless access points, POS terminals, printers, cameras and other IP devices.

Instead of two cables, there’s one. And you don’t need to place the device near an outlet, which helps when you’re designing your office or store layout. Plus, you don’t need to spend your budget on a PoE switch. Both firewalls support the IEEE 802.3af (PoE) and more powerful 802.3at (PoE+) standards, which newer devices require.

PoE/PoE+ support is just one of the many features included with TZ series firewalls. In addition, the TZ600P and TZ300P consolidate a host of essential security and networking features. For example, small organizations, including retail shops, can utilize high-speed 802.11ac wireless for internal and customer/guest connectivity while segmenting traffic for each group using virtual LANs.

Original article here (with links)

No matter your type of organization — large or small, public or private — cutting expenses is always a key initiative. After all, reducing your OpEx looks good on the books and enables the company to invest in other meaningful initiatives.

One cost every organization faces is internet connectivity. Access to the internet is essential for communications, website hosting, sharing files, serving up apps and a host of other activities. But it can be expensive, especially if your organization has multiple offices, branches or stores.

Today’s broadband users, whether employees or customers, define their experience by performance rather than availability. We don’t just expect to have access to apps and videos, we demand that they perform in real time. Any delay is met with complaints and a call for more bandwidth, which increases expenses.

How to Securely Connect, Network Remote Locations

When you have a distributed network with branch or remote locations, they need to be securely connected with each other and the corporate headquarters. This can be done using several techniques. One common method is multiprotocol label switching (MPLS). Using MPLS, organizations can create a private wide-area network (WAN) to securely send data between locations via the shortest path available without going through the public internet.

MPLS supports multiple connection types, including T1 and frame relay. The problem? These connections have to support an increasing number of connected devices and bandwidth-intensive applications that demand higher speeds, which means they’re expensive. That’s why many distributed organizations are moving to SD-WAN (software-defined wide-area network).

“For SD-WAN to be a viable alternative to private WANs, enterprises need to ensure they have the same level of inspection and enforcement at the branch and remote sites as they have at the data center,” said Mike Fratto, analyst at 451, in SonicWall’s official launch announcement. “Integrated security features with SD-WAN are table stakes for most enterprises adopting the technology.”

Reduce Costs with Secure SD-WAN

To help organizations reduce their costs while still receiving secure and consistent performance for business-critical applications, SonicWall offers Secure SD-WAN. A feature of SonicOS 6.5.3, the operating system for SonicWall TZ and NSa firewalls, Secure SD-WAN technology enables distributed organizations to build, operate and manage secure, high-performance networks using readily-available, low-cost public internet services, such as DSL, cable and 3G/4G.

An alternative to more expensive WAN connection technologies, including MPLS, Secure SD-WAN enables virtually any organization — retailers, banks, manufacturers and others — to connect sites spread over great distances for the purpose of sharing data, applications and services. Features such as intelligent failover and load balancing help ensure consistent performance and availability of critical business and SaaS applications.

And, unlike solutions from pure-play SD-WAN providers, Secure SD-WAN doesn’t require you to purchase additional hardware or licenses.

Secure SD-WAN: Safe, Fast & Reliable

Reducing expenses is always a priority for every organization. What else is? Here are some other key issues Secure SD-WAN helps distributed enterprises solve:

1. Protect your network from cyber criminals. Both encrypted and unencrypted traffic run through a SonicWall next-generation firewall to be scanned for threats, such as malware and ransomware, ensuring maximum threat detection and prevention. If you have a separate SD-WAN-only solution, you’ll need to make sure you also have a way to protect data from modern cyberattacks, such as encrypted threats and ransomware.
2. Achieve consistent, optimized application performance. Realize faster, more consistent performance for SaaS and business-critical applications, such as VoIP, video and unified communications, through capabilities such as deterministic application performance, which steers the apps over less-congested links to overcome jitter, latency, packet loss and other unfavorable network conditions.
3. Enhance agility. Using SonicWall Zero-Touch Deployment, bringing up new sites is greatly simplified. Provisioning hardware remotely removes the need to have onsite IT personnel perform the task. In addition, IT administrators can manage the entire network, including devices at SD-WAN-enabled branch/remote locations, through a single pane of glass using Capture Security Center, SonicWall’s cloud-based management and analytics platform.

Original article here (with links)

Introduction

Attackers often control infected devices remotely to carry specific function, to obtain certain information, or to generate malicious traffic for distributed denial of service attacks. One of the ways to carry out this malicious conduct is with botnets. In itself, botnets are not malicious technology, but it is used in ways that are detrimental to systems, networks, or computers. There are many different ways an attacker can use botnets to add your computer to their network.

Companies that have access to sensitive information are often targeted by botnets as infected devices will follow the orders of any user that has control over the botnet. Companies like these often have an in-house specialist that actively work toward safeguarding their networks against this malicious malware.

Botnets Explained

There are many botnet definitions, but, in essence, it is a network of Internet-connected devices that can consist of personal computers, servers, or mobile devices that are infected and controlled by means of a specific type of malware.

The word botnet is derived from the words “robot” and “network”. Once a device that is connected to the internet is infected, it becomes part of a network that is being controlled by the attacker. In many cases, the primary user of the device is not aware that this malware is targeting them.

When creating a botnet, an attacker’s objective is usually to add as many infected devices to the network as possible. There may be many reasons for this. An ad fraud botnet, for example, aims to take partial control of all infected devices’ web browsers in order to send traffic to online advertisements to make money. The reason the botnet doesn’t take complete control over the web browsers is that they don’t want to be detected by the user’s device or security software. This means that your individual device on its own won’t be enough for the attacks purposes, but in combination with millions of other infected devices, your device will play its part in ensuring that the attacker can commit ad fraud or engage in some other illegal online activity.

Botnet malware can spread in many different ways. Primarily, it scans systems and devices for weaknesses and outdated security products before infecting a device with other malware such as a Trojan horse.

Solution

Protecting yourself against botnets is incredibly important, especially since you may be unaware that this malware infects your device.

Your first line of defence against botnet is an updated operating system. If you are running an old and outdated operating system, attackers will find it easier to install botnets as your system doesn’t have the necessary patches. Enable automatic updates in your device’s settings.

Don’t click on download links or save attachments from unfamiliar sources. This includes emails, links in your browser, or in chat rooms.

Use an updated and trusted firewall like Sonicwall Firewall when browsing the internet. If your device is using Windows, you can install a windows product or third-party software. Finally, stay away from websites that distribute malware. Your security software may also warn you against specific sites.

Introduction

Malware or malicious software is coded with the sole purpose of causing harm to a system or network. The big problem with malware is the fact that it is continuously evolved to be detrimental to a protected system to allow the attacker access to sensitive information. Another issue with malware is the degree of sophistication that it has reached and keeps reaching. Malware can be present on a system or computer without being spotted for long periods of time and can disguise itself as safe software.

Since malware is continuously developed to sidestep precautionary measures, which makes them incredibly difficult to deal with. Many companies spend a lot of resources on protecting themselves from malware and the adverse effect it has on their systems. Let’s take a look at the types of malware and prevention.

Types of Malware

Viruses

A computer virus is a code that spreads from files or emails. This malicious code copies itself and can do incredible damage to your device.

Adware

Adware is the annoying pop-up ads you sometimes see when you are online. These ads are not as detrimental as some other malware you find. When you click on these pop-ups, however, other types of malware may find their way onto your system.

Worms

Similar to viruses, the worm also spread from files or emails. Worms are self-replicating programmes that can reduce your computer’s performance and occupy a lot of memory. Worms can also spread through networks and can be a big problem, especially in corporate settings.

Trojan Horse

A Trojan horse or “Trojan” is a particularly difficult piece of malware to deal with. A Trojan horse disguises itself as a safe and normal piece of software that is often downloaded by the users themselves. Attackers often use Trojan horses to gain remote access to an infected computer and to gain sensitive information like login details or passcodes for online banking profiles. They can also monitor user activity like watching their screens by means of Trojan Horses.

Rootkit

A rootkit is a form of malware that enables an attacker to access or control a computer remotely. This allows an attacker to steal sensitive information, reconfigure system settings, or control the computer as part of a botnet. The best protection against rootkits involves regular maintenance and patching of system and software vulnerabilities.

Prevention

There are many things that you can do to protect yourself against malware. Many companies and individuals resort to all of the precautionary measures to minimise their risk of being attacked by means of malware.

Install anti-virus and firewall software. There are many different anti-virus products available. To ensure maximum protection, install and run software that offers protection against all types of malware.

Keep software up to date. The best way to do this is to enable automatic updates. These updates contain vulnerability patches that develop as the different types of malware develop.

Don’t open or download files or emails that seem spammy, strange or that doesn’t come from a familiar source.

If you want to know more about firewall, click here.

We are proud to announce that we have just been recognised as a SonicWall SecureFirst Platinum Partner. This is the highest level you can achieve and recognised by years of great service to our customers. We have consistantly offered best advice backed with technical knowledge and continue to help customers find the best solution.

We are backed by SonicWall UK and have been selling, installing, managing and maintaining SonicWall products for over 10 years. Call us if you need advice on any SonicWall product.

Some good things should never end.

One of the most successful promotions in company history, SonicWall's 3 & Free incentive is now a permanent component of our Customer Loyalty program.

In an escalated cyber threat landscape, it's more important than ever to ensure your organizations networks, data and applications are protected against todays most malicious cyberattacks, including the most recent Foreshadow processor exploits. In fact, in July 2018 alone, the average SonicWall customer faced:

• 2,164 malware attacks (28 percent increase from July 2017)
• 81 ransomware attacks (43 percent increase)
• 143 encrypted threats
• 13 phishing attacks each day
• 1,413 new malware variants discovered each day by SonicWall Capture Advanced Threat Protection (ATP) sandbox with Real-Time Deep Memory Inspection^TM

When you upgrade your SonicWall hardware you gain the latest in next-generation firewall (NGFW) technology and access to the SonicWall Capture Advanced Threat Protection (ATP) service. It's a cloud-based, multi-engine sandbox that stops both known and unknown cyberattacks from critically impacting your business.

What is the SonicWall 3 & Free Program?

Once a limited-time promotion, the SonicWall 3 & Free is now a mainstay offering to loyal SonicWall customers. It's an easy, cost-effective way for customers to upgrade to the very latest SonicWall next-generation firewall appliance for free.

Eligible customers may receive a complimentary NGFW appliance by purchasing a bundle that includes a three-year subscription of the SonicWall Advanced Gateway Security Suite from their authorized SonicWall SecureFirst partner.

This security suite includes everything you need to stay protected against todays modern attacks, including ransomware, encrypted threats, zero-day attacks and processor-based exploits. It offers:

• Capture Advanced Threat Protection (ATP) sandbox
• Gateway Anti-Virus and Anti-Spyware
• Intrusion Prevention Service
• Application Control
• Content Filtering Service
• 24x7 Support

SonicWall's exclusive security subscription service also includes SonicWall Real-Time Deep Memory Inspection (RTDMI). A patent-pending technology, RTDMI enables Capture ATP to detect and block malware that does not exhibit any malicious behaviour or hides weaponry via encryption. This protects your organization from zero-day attacks, malicious PDFs and Microsoft Office files, and even chip-based Spectre, Foreshadow and Meltdown exploits.

Upgrade Your SonicWall Firewall

Ready to upgrade? Take advantage of our 3 & Free program to get the latest in SonicWall next-generation firewall technology for free. BEGIN UPGRADE

The SonicWall NSa 2650 is strongly positioned in the upper right quadrant of the NSS Labs SonicWall Security Value MapTM (SVM) for 2018.

The results of this public test mean that for six straight years, SonicWall has excelled in the industry's most comprehensive real-world testing of next-generation firewalls (NGFWs).

With the 2018 findings, NSS Labs verifies that SonicWall NGFWs:

• Demonstrated as one of the highest-rated and best-value NGFWs in the industry, with a Security Effectiveness score of 98.8% at a very low TCO of $4 per Protected Mbps

• Tested 100% effective in countering all advanced HTTP evasion, obfuscation and fragmentation techniques

• Earned 100% in stability and reliability testing

For further guidance on how to interpret the SonicWall SVM, please refer to the NSS Labs 2018 NGFW SVM Comparative Report.

What are the Key Takeaways from the Report?

1. 6th consecutive year a SonicWall NGFW has received the NSS Lab Rating ‘Recommended’

2. The NSa 2650:

a. achieved a Security Effectiveness score of 98.8%

b. tested 100% effective against all evasions

c. passed 100% of all stability & reliability tests

d. accomplished all of this with a TCO of $4/protected Mbps

3. In today’s challenging environment, where our customers are attacked thousands of times per day, it is imperative that a platform approach is adopted to deliver layers of security throughout the organization. This report confirms that SonicWall NGFWs are the product they can depend on to build out this layered defense strategy.

Next Generation Firewall Test Report

The new SonicWall Network Security Administrator (SNSA) course and certification exam is replacing the CSSA Certification with its Network Security Basic Administration (NSBA) course. For individuals who hold a current CSSA certification, SonicWall will continue to acknowledge this important certification for two years from the certification date. Students wishing to re-certify an expiring CSSA certification will, however, be required to complete the new SNSA course and certification. Learn More