Latest News

With NSM 3.5 SaaS, SonicWall integrates credential protection, data security and visibility directly into everyday firewall operations.

Security shouldn't be an afterthought added after deployment, it should be integrated into the platform from the start. The latest NSM 3.5 SaaS release from SonicWall further emphasizes Secure by Design (SbD) philosophy, incorporating protections directly into the management, configuration and monitoring of firewalls.

NSM 3.5 doesn't rely on manual procedures or reactive measures; it automatically minimizes risk by securing credentials, configurations and operational data at scale.

Protecting Against Publicly Known Passwords

Compromised credentials remain among the most common attack vectors. With Credential Auditor now powered by Network Security Manager (NSM), this protection is no longer limited to specific firewall generations.

Credential Auditor automatically detects firewall passwords and keys that match publicly known exposed credentials, such as those found in breached credential databases. By identifying weak or compromised secrets early, NSM enables teams to remediate risk before attackers can exploit it, reinforcing secure configurations across your entire firewall fleet.

This is our Secure by Design principles in action: proactive, automated and built directly into platform operations.

Protecting Configuration Data by Default

Firewall configuration backups are often overlooked as a security risk. NSM 3.5 addresses this head-on with password-protected export backup files and per-tenant encryption.

Each tenant’s configuration backups can now be protected with a password and a unique encryption key, significantly reducing the risk of unauthorized access or misuse. This ensures that sensitive configuration data remains secure at rest and aligns with modern expectations for data protection and isolation in multi-tenant environments.

Turning Logs into Actionable Security Intelligence

Visibility is only valuable when it’s usable. NSM 3.5 enhances analytics logs and system events with advanced search and filtering capabilities, making it easier to surface meaningful security insights when they matter most.

With support for multi-column queries, logical operators, saved searches and custom report queries, security teams can quickly identify anomalies, investigate incidents and support auditing and compliance efforts without needing to export data or rely on external tools.

Improved Visibility into Your Overall Security Posture

The Security Assessment Report, previously only available to SonicWall’s Managed Security Services (MSS) team, is now available to all partners and customers through NSM with an advanced reporting and analytics license.

This report provides a structured view of your environment, highlighting areas for improvement and helping organizations take a more proactive, informed approach to risk reduction.

NSM 3.5 SaaS also supports SonicOS 8.x. Keeping your firewalls up to date and compliant has never been easier.

Why NSM 3.5 Matters

With these updates, NSM 3.5 SaaS not only simplifies management across multiple firewalls and tenants but also strengthens your security posture. From proactive credential auditing to enhanced analytics and secure backup options, NSM continues to empower IT teams and partners to operate confidently in today’s threat landscape.

Explore what’s new in NSM.

For optimal results, SonicWall recommends upgrading to the latest firewall hardware to take full advantage of modern security, analytics and management capabilities.

SonicWall have released some new promotions (for moving to Gen 7 appliances).

1-YEAR REIGNITE PROMOTION:
Legacy SonicWall firewall customers can purchase a 1-year Advanced Protection Security Suite (APSS) subscription and receive a FREE Gen 7 firewall. This offer applies to legacy SonicWall firewalls that are inactive for 90 days or more and requires registration using the legacy SonicWall serial number. Not valid for competitive replacements.

2 & FREE PROMOTION:
Legacy SonicWall firewall customers can purchase a 2-year Advanced Protection Security Suite (APSS) subscription and receive a FREE Gen 7 firewall. This promotion is available for devices with either active or expired services and requires registration using the legacy SonicWall serial number. Not valid for competitive replacements.

3 & FREE PLUS FREE HIGH AVAILABILITY (HA) PROMOTION:
(Gen 7 TZ Only) Want the longest term? Includes two free next-generation firewalls (primary and high availability hardware) with the cost of a three-year APSS subscription. SonicWall Replacement and Competitive Takeout Eligible. Standard Secure Upgrade Matrix applies.

Available through a special pricing request, please contact us for more information.

This promotional offering may not be combined with any other sale, promotion, discount, rebate, coupon, or offering, nor may it be used in conjunction with stock rotations. Standard Deal Registration Eligible.

Datasheet: https://yoursonicwall.com/images/document/21925849...

Cyberattacks often begin with a single click. That’s why content filtering is more critical than ever in today’s digital landscape. But not all filtering technologies are the same and understanding the difference between DNS and URL filtering can help your organization build a smarter, layered security strategy for web access.

What is DNS Filtering?

DNS filtering works at the Domain Name System (DNS) level.
This is the same system that translates a website (like linkedin.com) into the IP address your device uses to connect.
When DNS filtering is enabled, requests for malicious, risky, or non-compliant domains are blocked before a full connection is established.

Benefits of DNS Filtering:

• Fast and lightweight – stops threats before a page even loads
• Great for remote/hybrid work – protection travels with users
• Broad protection – blocks entire domains known for hosting malware, phishing, or botnets.

Example:
If a user clicks a phishing link to malicious-phish.com, DNS filtering stops it from resolving so no connection or download is made (and no risk).

What is URL Filtering?

URL filtering goes deeper. It analyzes the full web address (URL), including the specific page, folder, or file path, after DNS resolution.

This allows organizations to enforce more granular web access policies and send the entire URL for more in-depth evaluation.

Benefits of URL Filtering:

• Granular control – Send specific pages for further risk-based evaluation (e.g., example.com/sports/basketball)
• Advanced Threat Protection – Stops users from accessing compromised subpages or dangerous downloads on otherwise “safe” domains

Example:
A site like example.com may be generally safe, but example.com/freeware.exe could contain malware. URL filtering catches this.

Version 7.3.1-7013 - This version of SonicOS 7.3.1 is a maintenance release for existing platforms and also resolves issues found in previous releases.

Release notes: 232-006386-00_RevB_SonicOS_7.3.1_ReleaseNotes.pdf

A new feature included in this release is Credential Auditor.

Credential Auditor is a built-in security feature that helps organizations reduce credential-based risks. It validates user passwords against industry-recognized lists of compromised credentials and provides actionable insights for administrators.

Key Capabilities

• Automated Credential Checks: Compares user passwords against known compromised credential databases.
• Risk Identification: Flags accounts with exposed or weak credentials for immediate attention.
• Administrative Actions: Enables administrators to enforce security measures, such as issuing warnings to affected users and requiring password changes.

Key Features:

• Provides proactive protection against leaked credentials, securing both local and externally authenticated accounts.
• Improves password hygiene across the network.
• Reduces the risk of credential-based attacks.
• Simplifies compliance with security best practices

More information: Understanding and Using Credential Auditor on SonicWall Firewalls

NSM (Network Security Manager) is now included with every Gen7/8 firewall with an active support subscription. Additional features are included in security/support bundles (like Advanced Protection Service Suite or Managed Protection Service Suite).

If you want to add or increase the storage time you can purchase SaaS 7, 30, 90 or 365 Days of Advanced Reporting and Analytics.

SaaS Reporting

Firewalls need active management. With MPSS, SonicWall experts handle the management of your Generation 7 or 8 firewall, ensuring you always have the best firewall configuration to defend against cyber threats.

SonicWall’s Managed Protection Security Suite (MPSS) brings the expertise of our SonicSentry team to manage and monitor your firewalls, becoming an extension of your team to help you maximise your resources and achieve better security. For MSPs, partnering with us for firewall management can help you grow your business without adding headcount, while also freeing your team to focus on more customer service-oriented tasks.

Managed Protection Security Suite Datasheet

As a prerequisite, a minimum level of configuration is required and a document is available to help. I would advise anyone to set their firewall to best practices and include these amendments.

MSS Managed Firewall Best Practice Configurations

Gen 7 pricing will be adjusted starting October 15, 2025, as we continue expanding our Gen 8 portfolio. While both Gen 7 and Gen 8 provide strong, modern capabilities, Gen 8 will be the platform for future innovations and extended lifecycle support.

Many of the new Gen 8 models are in stock (currently limited), but we're getting more in every week.

Added some discounted products - see home page promotions.

These mostly include some Essential renewal bundles, but also NSa 2700 offer.

Details here.

The SonicWall GEN8 TZ Series and GEN8 NSa Series firewalls introduce in-product migration capabilities that allow administrators to import configuration settings from supported legacy SonicWall firewalls. This greatly simplifies the upgrade process by eliminating the need for manual reconfiguration during hardware refresh or platform upgrade.

Settings Import Feature:

• Export/Import settings
• Devices must be entirely configured from scratch in a typical greenfield deployment (new setup). With GEN8 firewalls, you can import .exp configuration files from supported legacy devices, streamlining migration.
• The GEN8 TZ and NSa firewalls support in-product migration from select current and previous generation SonicWall firewalls.
• This feature is especially useful when upgrading from GEN6 or GEN7 models.

Key Benefits:

• Reduces time spent on manual configuration
• Maintains policy consistency across hardware generations
• Simplifies deployments and rollback planning

Pre-Requisites: The following devices are supported as source firewalls from which settings can be exported and imported to GEN8 TZs and NSa models:

SonicWall will retire the Essential Protection Service Suite (EPSS) effective August 1, 2025.

In today’s threat landscape — where cyberattacks use automation, AI, and advanced evasion — customers need a simple, effective solution. To address this, we’re simplifying our service portfolio to make it easier to deliver the protection your customers expect.

As of August 1, SonicWall will offer a single subscription bundle: the Advanced Protection Service Suite (APSS) — delivering best-in-class threat prevention at a low total cost of ownership.

Partners in the Service Provider Program can also choose the Managed Protection Service Suite (MPSS), which adds the firewall management expertise of the SonicSentry NOC. MPSS is currently available in NOAM, with global availability coming soon.

We encourage you to begin transitioning your customers to APSS or MPSS, both of which include advanced security, support, and SaaS-based reporting and analytics.

Device > Settings > Administration > Login / Multiple Administrators > Login security

Device > Settings > AdministrationLogin / Multiple Administrators > Login security

Device > Settings > Firmware and Settings

Device > Users > Settings > Authentication

Device > AppFlow > Flow Reporting > Settings

Device > Log > Settings

Device > Log > Name Resolution

Network > SSLVPN > Server Settings

Network > Firewall > Advanced > Settings

Network > Firewall > Advanced > Connections

Network > Firewall > Flood Protection > TCP > Layer 3 SYN Flood Protection - SYN Proxy

Network > Firewall > Flood Protection > UDP

Network > Firewall > Flood Protection > ICMP

Network > VoIP > Settings

Policy > Security Services > Gateway Anti-Virus

Policy > Security Services > Anti-Spyware

Policy > Security Services > Intrusion Prevention

Policy > Capture ATP > Settings > Basic

Policy > Security Services > Geo-IP Filter

Policy > Security Services > Botnet Fiter

Policy > Security Services > App Control

Policy > Security Services > App Control > Signatures

Objects > Match Objects > URI Lists

Objects > Profile Objects > Content Filter > CFS Default Profile > Settings > URI List

Objects > Profile Objects > Content Filter > CFS Default Profile > Settings > Category

Objects > Profile Objects > Content Filter > CFS Default Profile > Settings > Reputation

Objects > Profile Objects > Content Filter > CFS Default Profile > Advanced

Policy > Rules and Policies > Content Filter Rules > CFS Default Policy