SonicWall Capture, a cloud-based service available with Dell
SonicWall firewalls, revolutionizes advanced threat detection and
sandboxing with a multi-engine approach to stopping unknown and zero-day
attacks at the gateway, and with automated remediation. Customers
benefit from high security effectiveness, fast response times and
reduced total cost of ownership.
Datasheet: SonicWall Capture Advanced Threat Protection Service
Multi-engine advanced threat analysis
Capture extends firewall threat protection to detect and prevent
zero-day attacks. The firewall inspects traffic and detects and blocks
known malware and intrusions. Suspicious files are sent to the SonicWall
Capture cloud service for analysis. The multi-engine sandbox platform
includes virtualized sandboxing, full system emulation, and
hypervisor-level analysis technology. It executes suspicious code and
analyzes behavior, thus providing comprehensive visibility into malicious
activity, while resisting evasion tactics and maximizing zero-day threat
Broad file type analysis and no file size limitation
Capture supports analysis of files of any size and for a broad range of
file types, including executable programs (PE), DLL, PDFs, MS Office
documents, archives, JAR, and APK. Plus, it supports multiple operating
systems, including Windows, Android, and Mac OS X environments.
Administrators can customize protection by selecting or excluding files
to be sent to the cloud for analysis, including by file type, file size,
sender, recipient and protocol. In addition, administrators can
manually submit files to the cloud service for analysis.
Block until verdict
To prevent potentially malicious files from entering the network, files
sent to the cloud for analysis can be held at the gateway until a
verdict is determined.
Rapid deployment of remediation signatures
When a file is identified as malicious, a signature is immediately deployed
to firewalls with SonicWall Capture subscriptions to prevent follow-on
attacks. In addition, the malware is submitted to the SonicWall
threat intelligence team for further analysis and inclusion of threat
information into the Global Response Intelligent Defense Network (GRID)
Gateway Anti-Virus and IPS signature databases and the URL, IP and
domain reputation databases within 48 hours.
Reporting and alerts
Capture provides an at-a-glance dashboard and reports that detail the
analysis results for files sent to the service, including session
information, OS information, OS activity, and network activity. Firewall
log alerts provide notification of suspicious files sent to the
SonicWall Capture service for analysis and results.