Check the latest blogs and updates from SonicWall-Sales.com
SonicExpress Mobile Application
TZ570 and TZ670 Series firewall customers now have a new way to ease and enhance their onboarding experience.
For most of us, mobile devices are becoming the go-to means for getting work done in a digitally connected world. By 2023, the number of mobile device users will increase to 7.33 billion — and by 2025, 72% of those accessing applications and the web will do so with smartphones alone.
Network admins are also utilizing mobile devices to get work done: These devices allow them to extend their presence, enabling faster responses and easier network configuration and setup.
As part of our commitment to anytime, anywhere cybersecurity, SonicWall is launching the SonicExpress mobile app. The SonicExpress mobile app greatly simplifies firewall onboarding: device registration, initial setup, basic configuration, and monitoring for 7th generation SonicWall firewalls, including the recently launched TZ670 and TZ570 series. Designed for the Apple and Android platforms, the SonicExpress app is now available for download from the Apple App Store and the Google Play Store.
Onboarding as easy as 1, 2, 3
The typical onboarding process involves appliance registration and several other steps that must be completed in order to get a new firewall ready for configuration and use. With SonicExpress, the onboarding experience of a new firewall involves just three simple steps:
- Launch the SonicExpress App on a mobile device
- Connect a mobile device USB cable to the new firewall
- Finish setup
Designed with intuitive interfaces, the SonicExpress app guides the user through device registration and initial setup in less than a minute.
Simplified initial firewall setup
Zero-touch deployments require firewalls to connect to the internet using a DHCP address on the WAN interface. However, in certain deployments, WAN interfaces are assigned static IP addresses or configured over a PPPoE interface. For closed network deployments, there is typically no internet connectivity for the firewall being set up. The app helps with these and other initial setup configurations by connecting the firewall using the USB interface.
The SonicWall Express Setup Guide walks users through the process of getting their firewall registered and set up for specific deployment use cases. Alternately, users can choose to register the firewall without going through the entire setup process by simply scanning a QR code.
Monitoring your firewall
The SonicExpress app allows users to monitor firewalls for threat alerts, resource utilization and system status via an intuitive dashboard. It offers the flexibility of being able to check the health of your network from anywhere and the convenience of being able to make easy, quick changes necessary to ensure the security posture of your network.
There’s more coming
This is just the initial release of the app — we’ll be adding more features in future releases, including firmware management and advanced configuration capabilities similar to those available on the web management interface.
SonicWall announces new technology
Today, SonicWall announce the following new technology that simplifies proven security for newly extended distributed enterprises, governments and MSSPs; expand breakthrough economics to high-security environments; maximize investments by delivering proven, future-proof security; and make security administration easier and more accessible to more organizations.
- New SonicOS 7.0 simplifies the security experience with an all-new user interface and experience (UI/UX), which is smartly organized, includes intelligent device dashboards, re-designed topologies, SonicExpress mobile app support, and simplified policy creation and management.
- New SonicOSX 7.0 lets governments and enterprises scale faster, protect more and maintain control. The enhanced OS simplifies complex policy, audit and management controls — all while delivering the fresh, modern and easy-to-use UI/UX available on the new SonicOS 7.0 offering.
- New SonicWall Network Security Manager (NSM) 2.0 helps organizations re-gain visibility for sprawling, mass-scale environments. Optimize, control, monitor and manage tens of thousands of network security devices, including firewalls, managed switches and access points. A cloud-native management platform, NSM is designed for speed, scalability and reliability across the largest distributed enterprises.
- New SonicWall NSsp 15700 high-end firewalls, with multiple 100/40/10 GbE interfaces, TLS 1.3 support and compute-cluster-like processing capacity, help enterprises, governments, data centers and MSSPs get more from their investments as resource utilization and connection requirements grow with the explosion of connected devices and users.
- New SonicWall TZ570 and TZ670 next-generation firewalls are the first desktop firewall form factor to offer multi-gigabit (5/10G) interfaces for connectivity with SonicWall Switches or other networking devices in SD-Branch deployments — all with more than three times the threat performance and TLS 1.3 support.
- New SonicWall NSv 270, 470 and 870 virtual firewalls simplify protection of private and public cloud assets with scalable, virtual and cost-effective security.
- New SonicWall SonicExpress allows administrations to manage security on the go. Complete the most common management tasks, including firewall registration, setup, configuration and monitoring, and easily onboard new firewalls within minutes with three easy steps: register, connect and manage.
- New SonicWall CSa 1000 stops advanced cyberattacks that target large networks via an all-new on-premise appliance. CSa includes access to RTDMITM, which provides network-based protection against the future of side-channel attacks such as Meltdown, Spectre, Foreshadow, PortSmash, Spoiler, MDS and TPM-Fail.
For the full announcement, please read the press release, explore additional details on the SonicWall blog and see the new line of NSsp firewalls, TZ firewalls, NSv firewalls, NSM 2.0 and CSa 1000. SonicWall’s commitment has always been to help protect you, your business and your brand in the new business normal. Today, it’s never been easier to realize true cybersecurity by breaking free from the constraints of the past.
Blocking HTTPS Websites, your How-To
Using the SonicOS 188.8.131.52 or earlier versions of these firewalls, we’ll take a look at how you can block unwanted HTTPS websites, the steps and procedures to follow as well as some of the advanced features to implement.
Starting at the very beginning….
In earlier versions of the HTTPS traffic filtering, IP addresses would carry out the work, and filtering would be carried out based on these IP server addresses.
When we talk about Content Filtering, this applies to all domains entered within lists you create as well as those that match these lists (Match Objects), which can all be entered in your Allowed and Forbidden lists.
These points can be found with the Firewall application pages.
Ultimately, what this means is that when you enable Filtering for HTTPS Content, the information will be scrutinised under CFS, Configure, CFS window.
This CFS setting is globally applied and relates to:
- Forbidden Domains
- Allow Domains
- CFS Allow/Forbidden List (App Rules)
- CFS Category List (App Rules)
From here you can get hostnames in two particular ways:
1. Finding the hostname to get rating info, by examining SSL Hello. If upon examination, you discover it supports the SSL server name and extension, you will be able to find the hostname in SSL Hello Client.
2. Finding the Common Name, again, by examining the Server Hello certificate.
How to block HTTPS Content
To ensure that the content you want to block is 100% blocked, you also need to configure this for HTTPS.
To do this, you need to log in to your SonicWall management system and choose the Security Services and Content Filter tab.
From here, within the Content-Type, make sure SonicWall CFS is selected and click on Configure.
Finally, change this to Enable and to make sure all changes are saved, click OK.
Users and Zone Screens
Within the SonicWall firewall settings, you can also add the custom list for Allow or Forbidden in CFS by selecting zone and user screens through CFS Policy Assignment heading.
Once this has been changed, make sure to click accept.
Within the Content-Type, click Configure once, and only once, SonicWall CFS has been selected.
Then you can move on to the Custom tab list.
To add custom lists, click on the Add button below the Forbidden Domains box and enter the sites/apps that you would like to block.
When you’re finished, click OK to save changes.
How to configure your custom policies to include your Allow/Forbidden list
Whatever has been included within the Forbidden box automatically applies to default policies.
However, to ensure the same applies to the Custom CFS policy, this needs to be manually agreed and input.
To do this, locate the Customs CFS Policy, Edit, and click on the Settings tab.
Change the field Source to Global for Forbidden Domains and click OK.
How, using App rules, you can add Allow and Forbidden Customised Lists to CFS
Going back into Security Services and locating the Content Filtering Page, make sure to choose App Rules found in CFS Policy Assignment – then click on Accept.
To match objects…
Open up your SonicWall firewall settings and find Match Objects. Choose the option Add New.
Here you will then be able to add your customised list of forbidden and allowed websites and domain names by selecting CFS Allow or Forbid.
You also have the option of loading such lists from files containing the names of your chosen domains – however, note, each domain should be on a separate line to the previous for it to be recognised, and there is a maximum file size of 8192 bytes.
Custom List Objects differ from CFS zones and users as it can’t be used as a standalone as it will only appear with a CFS Category List.
In these instances, it’s important to set your App Rules.
To do this, you need to go into your SonicWall application control and look for the App Rules.
Here you can tick the box to Enable and choose to Add New to create your own App Rules.
All messages recorded
SonicWall firewalls are sophisticated security applications used to provide you with maximum protection.
As such, they also provide you with detailed log messages showing users when CFS has blocked HTTPS websites.
Note: Users can’t and won’t see full logs, only that the page they have requested is not permitted at this time.
New Features in upcoming SonicOS 7.0
SonicOS 7.0 is the upcoming unified feature release that runs on all Gen 7 firewalls. Key highlights of the upcoming SonicOS are:
- New UX/UI (Dashboard, Device information, API, Topology view, Optimized policy engine)
- Storage support
- TLS 1.3 support
- Global search for static data
- Gen7 Connections scalability (SPI, DPI, DPI SSL)
- WWAN USB card support (5G/LTE/4G/3G)
- Gen7 SonicExpress Mobile app support
- SonicWall Switch Integration support
- NSM 2.0 support (Gen7 Zero-Touch Registration and Provisioning)
Blocking pesky apps and multimedia sites using application control
One of the most common questions we get asked is how to use the controlled features within firewall software to block pop-ups and apps such as YouTube etc.
Blocking programs using SonicWall Firewall
Our step by step guide below is based on the SonicWall management system.
Firstly, you need to login to your firewall system and click on Manage displayed across the top of the bar.
Then look for Rules Advanced Application Control (in some operating systems this page can be found under Security Services.
On this page, you then need to choose and tick the box that states Enable App Control, and for these changes to be accepted, click the Accept button to enable this control feature.
Then within the App Control Advanced and category, choose Multimedia, and click Configure.
Finally, within the Edit App Category window, within the Log and Block criteria, choose to Enable for both of these.
Once complete, click, OK.
If there is a multimedia site or a specific app that you would like to block, for example, YouTube the steps to block individual apps are as follows:
Go into App Control Advanced and look for Advanced Application Control.
Within this section, you can then choose the app or multimedia site in question, i.e., YouTube.
You then need to click Configure.
Again, within the Edit App section, and under the Log and Block criteria, you need to choose the option Enable for the individual site you have selected to be blocked from your network.
To ensure all changes are saved, click OK.
SonicWall Application Control
The SonicWall firewall has several signatures covering a variety of multimedia sites and apps, providing you with the option of whether you would like these programs blocked or not.
It’s important to know how to block unwanted apps and programs on an individual level, but it is also worth noting the signatures included within SonicWALL’s App Control.
The list of most up to date signatures can be found HERE.
Local Area Networks and Application Control
In some instances, it may be applicable to enable application control if you are operating using a Local Area Network (LAN).
To do this, on the top bar, locate Manage, and scroll to Navigate to Network / Zones.
From here, you can simply click on the configure button located under the network zone that you wish to enable the App Control for.
Make sure that you tick the box labelled, Enable App Control Service (found at the bottom right of the pop-up page).
Click OK so all changes can be saved.
Does it work?
This is a good question, and if we’re honest, the only way to truly find out is to test it!
To test, we’d advise you to log in to a site or app that you have recently blocked, such as the YouTube example we mentioned above – and do this from a host behind the SonicWall.
When logging in, use either HTTP or HTTPS, so you get the message reading, `the connection was reset page`. A message will also be logged in the SonicWall, which states that the connection was reset and that ultimately the site you are trying to access is unavailable at the moment.
If you use the HTTPS route, YouTube will display on your screen; however, you won’t be able to see anything or play any videos or content, and a further error message will also be displayed on the screen.
Within your SonicWall firewall, these attempted logins will be recorded for you to see.
If you are using earlier versions of SonicWall
If you are using earlier versions of firmware and SonicOS 6.2, the steps below will allow you to block apps and sites similar to what we have mentioned above.
Firstly, you need to login to your SonicWall management and locate your firewall within the App Control Advanced tab (this page may also be named Security Services).
Make sure to tick the box named Enable App Control - click Accept for all changes to be saved.
Then, in App Control Advanced, View Style, choose within the category, Multimedia.
Click Configure and move to Edit App Category, wherein the Log and Block criteria, change these to Enable.
Finally, hit OK.
Blocking specific and individual apps and sites
Again, we’ll use the example of YouTube as the app to block. Within the App Control Advanced page, look for the View Style Application.
Here you will be able to select the individual site or app you are looking to block/restrict.
Once you have chosen the site, click configure and move to Edit App Control App, change the Log and Block criteria to Enable.
Again, make sure to click OK, so all changes are saved.
SonicWall Firewall settings are designed with users in mind, so you will find them to be straightforward and easy to manoeuvre.
If you want any further information on SonicWall, Firewalls, and how to ensure your networks are 100% protected, call us on
SonicWall launches new range of network switches
Packed with features, these stackable switches are available in a compact form factor with an energy-efficient design. Available in seven models, ranging from eight to 48, with gigabit and 10 gigabit Ethernet ports, the switches work seamlessly with SonicWall next-generation firewalls and SonicWave APs to create an end-to-end multi-gigabit secure network. The Ethernet ports provide PoE options to power on various devices such as APs, VOIP phones and IP cameras.
Increased Connection Capacity on SMA 210 / SMA 410
SonicWall have released the SonicWall Secure Mobile Access firmware 10.0.0.5.
SonicWall SMA 10.0.0.5 is a maintenance release that increases maximum connection capacity and fixes issues found in previous releases. See the Enhancements and Resolved Issues sections for more information (Release Notes).
This release supports all the features and resolved issues from previous SMA 10.0 releases.
You must have an active support agreement on your SMA device in order to download and install updates. SMA appliances and subscriptions can be found here
We are still open for business.
Just a quick update to let everyone know that we are still working 'as normal' and processing orders. Any hardware orders are still being despatched within our standard times and generally still being delivered next working day. Software orders are emailed, and taking about 2 to 3 hours on average, but please allow 24 hours just in case.
VPN Remote Access Licenses
Due to the current Coronavirus (Covid-19) disease pandemic we are pre-generating many of the common licenses required for secure remote access so we can respond to orders quickly.
Different type of clients:
For firewall VPN remote access licenses we will endeavour to get your activation keys to you within the hour during business hours, but we are also periodically checking out-of-hours as well.
SonicWall VPN Clients: https://www.sonicwall.com/products/remote-access/vpn-clients/
The latest Sonicwall Secure Mobile Access and why you should upgrade
Remote working and flexible working are now a big part of the way we work, and businesses and their teams operate.
However, with this comes its own set of challenges.
For example, ensuring that everyone has fast and secure access to networks at any time from anywhere has become part of the norm. But it can also be challenging to provide, manage, and stay on top of.
For several years the Sonicwall Secure Remote Access solution was used for remote personnel located around the world. However, as times change, technology certainly moves at a pace with it.
In business today, we have more users, more applications, and more services than ever before. Ensuring that everyone’s needs and all system needs are taking care of, requires a high performing solution, with the remote access that is 100% secure.
Meet the latest in Sonicwall firewall security.
SMA, also known as Secure Mobile Access by Sonicwall, SMA offers a secure access gateway that is unified and enables businesses to provide access to applications and networks at any time from anywhere.
Offering clients more throughput, more memory, and more users.
It also has the features and capabilities to help businesses move to the cloud without hesitation or complication and welcome with open arms increased mobility and BYOD.
Reasons why people are upgrading to Sonicwall SMA
Smaller cost compared to a physical appliance
Going virtual can help to improve overall performance, offer increased flexibility and scalability, minimise upfront investment, reduce downtime, lower maintenance costs, and more!
Can operate faster
Having faster and more processing cores allows SMA to encrypt data in motion, with the results providing a higher and quicker performance experience for the user.
You can increase your throughput
We all want to deliver that seamless user experience, and by increasing your throughput, you can promote better productivity by providing faster access to network applications.
Serve more remote users
The SMA series offers much more scalability from a single appliance allowing you to manage a more significant number of users accessing the network remotely at the same time without it affecting speed or performance. (This can also be tracked with the firewalls.)
Supports increased bandwidth and data transfers
Organisations must be able to provide users with the necessary support to enable them to access bandwidth-intensive applications as well as carry out high-speed data transfers. With more high-speed ports on offer, the SMA provides the perfect solution.
Everything stays current
Patches must be kept current if they are to remain protected against up and coming as well as already established cyberthreats. All SMA firmware is packed with new features as well as advanced features for those requiring more.
Warranties are important
All IT functions need to ensure that the solution that is deployed is always fully supported, and it has a first-class warranty behind it.
Reduce administrative overheads
By centralising your management and reporting through automating routine tasks, businesses can make significant administrative savings. Freeing up valuable and much sought after time! With the Sonicwall Central Management Server (CMS), you will be provided with a single user administrative interface for all of your SMA appliance management and reporting.
Continue to ensure business continuity
Continue to meet your service level agreements by opting for the right appliances to support your business scalability. Solutions provided by Sonic firewall security series can include Global Traffic Optimiser (GTO) supporting intelligent load balancing and support in the area of failovers.
Store sensitive information and data securely
Providing you with onboard memory, the SMA 6200 and 7200 allows for local storage modules, i.e., logs, file transfer inspections, reports, restores, firmware backup, and much more.
Manage user licences better
For companies that operate on a global level, central user licensing through CMS can help to manage the fluctuating demand from users managed SMA appliances, based on their usage.
Sonicwall NSA Firewalls
Sonicwall SMA can fit seamlessly into any existing IT infrastructures, offering users advanced security, secure access to networks, and cloud resources, as well as providing a more centralised approach when providing remote and mobile access.
For further information on the Sonicwall firewall series, contact 0333 2405667 or email firstname.lastname@example.org, we’d be happy to help!
Read the next article: Blocking pesky apps and multimedia sites using application control
Wireless Security Network KRACKS
Recent flaws in the design of WPA2 found by Belgian security researchers have publicly shown that more and more cybercrime regarding wireless networks is inevitable.
Known as KRACKS, these attacks (also known as key reinstallation) are a profoundly sophisticated attack. Used by cybercriminals to steal private and confidential data from unsuspecting users as they operate through a wireless network, using the flaws found in a WiFi standard to their advantage.
The team of researchers based their findings on CERT, issuing several CVEs to help support and address the flaws identified, as well as acknowledging those who have been most affected have released patches as of this writing.
For further updates and details of the precise vulnerabilities, you can view the research online www.krackattacks.com
Sonicwall Wireless Security
Sonicwall take all new security alerts and cyber threats seriously. The Capture Labs by Sonicwall, in particular, have looked at the vulnerabilities identified within this latest research announcement finding that the SonicWave and SonicPoint wireless access points are not vulnerable.
This is also true for the TZ and SOHO Wireless firewalls.
For all Sonicwall customers, this means that no updates or patches are required for both the integrated wireless and Sonicwall wireless access points.
Ways to protect your wireless network further
To help minimise the risk spouted by this latest cyber threat, we do advise (whether you’re using a Sonicwall global VPN client or not) to follow some of the actions outlined below:
- Ensure all your Wi-Fi clients are patched. Whether this is Android, iOS, Windows, Mac OS, or Linux, make sure you patch them with the latest KRACK updates. (The actual threat does not come from the wireless router but rather from compromising the wireless device, which is important to understand when carrying out patches.)
- If you aren’t a Sonicwall VPN customer, you will need to speak with your client-vendor to find out if a patch on your access points and routers is necessary. In an ideal situation, your Wi-Fi solution would be managed centrally to enable you to place patches more efficiently without taking up too much of your IT team's time. Note: For Sonicwall wireless customers, no updates or patches are required to the routers or access points.
- Look to enhance your security options, adding in additional layers through VPN technology. Encrypting all traffic between wireless devices and firewalls you have in place can protect you two-fold. For Sonicwall customers, we also recommend:
- On mobile devices for SSL encryption, opt for the Mobile Connect from Sonicwall
- Look for the Sonicwall Global VPN client for all IPsec encryption
- Provide updates and policies to users on best practices when sending sensitive data. Ideally, only using encrypted web pages.
- For a specific third radio which is ideal for scanning, the SonicWave series can offer it all. This intrusion detection element allows users to block traffic from unknown routers and access points, ensuring the scanning is continuous and monitoring for all types of threats in real-time.
- For a cybercriminal to commit to an attack, they must be within your Wi-Fi reach, so always lookout for any suspicious activity.
- There is also no requirement to begin changing Wi-Fi passwords and resetting these. This is because KRACKS do not need Wi-Fi passwords for them to be successful.
Sonicwall wireless security is designed to provide users with complete peace of mind. To ensure that your IT systems continue to provide you with continued high-speed access which is secure whether you’re using a wired or wireless network.
Helping you to stop more attacks affecting your networks, Sonicwall’s wireless network security solution helps to provide you with leverage when it comes to identifying and preventing cyber-attacks.
Providing Capture sandbox through a multi-engine, deep packet inspection (including cloud-based applications), as well as a centrally managed SonicWave 802.11ac Wave 2 wireless access points - Sonicwall has a solution to cover it all.
To find out more about the security solutions available to you, call us on 0333 2405667 or email email@example.com
SonicWall Exposes New Cyberattack Data, Threat Actor Behaviors in Latest Report
For cybercriminals and threat actors, the digital frontier is a lawless panorama of targets and opportunity. Despite the best intentions of government agencies, law enforcement and oversight groups, the modern cyber threat landscape is more agile and evasive than ever before.
For this reason, SonicWall Capture Labs threat researchers work tirelessly to arm organizations, enterprises, governments and businesses with actionable threat intelligence to stay ahead in the global cyber arms race.
And part of that dedication starts with the 2020 SonicWall Cyber Threat Report, which provides critical threat intelligence to help you better understand how cybercriminals think — and be fully prepared for what they’ll do next.
Global Malware Dips, But More Targeted
For the last five years, cybercriminals overwhelmed organizations with sheer volume. But as cyber defenses evolved, more volume was not resulting in higher paydays. A change was in order.
In 2018, cybercriminals began to leverage more evasive and pointed attacks against “softer” targets. In 2019, global malware volume dipped, but attacks were more targeted with higher degrees of success, particularly against the healthcare industry, and state, provincial and local governments.
All told, SonicWall Capture Labs threat researchers recorded 9.9 billion malware attacks* in 2019 — a slight 6% year-over-year decrease.
Ransomware targets state, provincial and local governments
‘Spray and pray’ is over. Cybercriminals are using ransomware to surgically target victims that are more likely to pay given the sensitive data they possess or funds at their disposal (or both). Now it’s all about ‘big-game hunting.’
The report outlines the most egregious ransomware attacks of 2019, while also painting a picture of the evolution of ransomware families and signatures, including Cerber, GandCrab, HiddenTear and more.
Fileless malware spikes in Q3
Fileless malware is a type of malicious software that exists exclusively as a memory-based artifact (i.e., RAM). It does not write any part of its activity to the computer’s hard drive, making it very resistant to existing computer forensic strategies.
The use of fileless malware ebbed and flowed in 2019. But exclusive SonicWall data shows a massive mid-year spike for this savvy technique.
Encrypted threats growing consistently
Another year, another jump in the use of encrypted threats. Until more organizations proactively and responsibly inspect TLS/SSL traffic, this attack vector will only expand.
IoT malware volume rising
From hacked doorbell cameras to rogue nanny cams, 2019 was an alarming year for the security and privacy of IoT devices. Trending data suggests more IoT-based attacks are on the horizon.
In early 2019, the price of bitcoin and complementary cryptocurrencies created an untenable situation between Coinhive-based cryptojacking malware and the legitimate Coinhive mining service. The shuttering of the latter led to the virtual disappearance of one the year’s hottest malware.