Capture Advanced Threat Protection (ATP)

SonicWall Capture ATP is a cloud-based, multi-engine sandbox that revolutionizes advanced threat detection. Included with Capture ATP, SonicWall’s patented Real-Time Deep Memory Inspection™ (RTDMI) blocks zero-day and unknown threats at the gateway — even those that hide via encryption or don’t exhibit malicious behavior.

The Advanced Protection You Need, Where You Need It

SonicWall Capture ATP scans a broad range of file types to prevent zero-day attacks, targeted malware, advanced ransomware and more. Capture ATP analyzes behavior in a multi-engine sandbox platform that includes full system emulation, hypervisor-level analysis, virtualized sandboxing and RTDMI™, which uses real-time, memory-based inspection techniques to force malware to reveal its weaponry into memory.

By giving admins the ability to block until verdict, create customized policies and scan select files in the cloud, SonicWall Capture ATP combines the efficiency of automation with greater flexibility and control.

Superior Threat Prevention. Faster, More Accurate Verdicts.

SonicWall Capture ATP offers higher security effectiveness, faster response times and a lower total cost of ownership.

Stop Unknown Malware and Zero-Day Threats

Blocks malware, even if it’s hiding in encryption or not behaving maliciously.

Inspect More File Types

Supports analysis for PE, DLL, PDF, MS Office docs, archives, JAR and APK — plus multiple OSs.

Block Until Verdict

Potentially malicious files can be held at the gateway until an admin takes action.

Rapid Remediation

Files go from inspection to verdict within milliseconds, stopping follow-on attacks and ensuring a better user experience.

Multi-Engine Sandbox

By combining multi-engine sandbox technology, system emulation and virtualization techniques, SonicWall Capture ATP detects more threats faster than single sandbox solutions.

  • The solution scans traffic and extracts suspicious code for analysis.
  • Malware capabilities are replicated over various environments — all without detection.
  • SonicWall Capture Labs rapidly deploys remediation signatures to SonicWall security products, so threats that fail anywhere fail everywhere.

Perfect Scores in Third-Party Testing

Independent ICSA Labs testing found SonicWall Capture ATP delivers better threat protection, with zero false positives, than competitors.

Multi-Engine Sandbox. Multi-Solution Flexibility.

Delivering unparalleled real-time threat detection and protection, the SonicWall Capture ATP service with RTDMI can be added to a variety of SonicWall’s latest security products:

Secure Remote Access
Connect and secure your growing remote workforce and devices.

Firewalls
Defend your physical networks from malware, intrusions and more with best-in-class protection.

Wireless Security
Enhance Wi-Fi security and performance with cloud-based deployment and management solutions.

Cloud App Security
Protect business-critical SaaS apps — including Microsoft Office 365, G Suite, Box and Dropbox — in real time.

Virtual Firewalls
Defend your business and data within virtual networks, for both public and private clouds.

Secure Email
Shield your organization from advanced email threats, including targeted phishing attacks, ransomware and BEC.

Fortinet Expands Security Services Offerings and Introduces FortiTrust

The way people work has changed, and networks have had to adapt. The transition to remote work and the addition of personal devices (BYOD) have led to an increase in SaaS applications and adoption of multi-cloud networks. These shifts have changed the attack surface dramatically. In fact, IDC predicts that by 2023, more than 50% of new IT infrastructure deployment will be at the edge. Because this new network environment needs to be managed and secured, organizations are looking more seriously at implementing technologies like Zero Trust Network Access (ZTNA) and multi-factor authentication (MFA).

According to a recent ESG report, “The State of Zero trust Security Strategies,” only 13% of organizations have strong adherence to zero-trust principles and 54% have been working on zero trust for less than two years. Although 74% are very familiar with the concepts, 76% expect zero trust to be complex to implement.

With the release of FortiTrust, Fortinet is working to counter that perception by expanding our roster of security services which currently include FortiCare and FortiGuard.

FortiTrust Security Services

FortiTrust adds to Fortinet’s existing FortiCare and FortiGuard Security Services. FortiCare offers advanced support and proactive care for Fortinet products, and FortiGuard Security Services offers AI-enabled security capabilities that assess risks and adjust protection across the Fortinet Security Fabric. And now the new FortiTrust offering makes it easier to add security services with user-based licensing for specific use cases, such as ZTNA or MFA.

With a user-based subscription model, FortiTrust offers a comprehensive, flexible set of security services that use cloud and network-based resources. Although delivering the use case may involve device agents, hardware appliances, and cloud services, the use case is implemented through the single license.

The cloud-forward architecture and user-based licensing structure simplify the purchase and ongoing management of end-user security. Because FortiTrust licenses work on a user basis, you don’t need to worry about device counts or form factor.

Getting started is simple. You pick the service:

  • FortiTrust Access for ZTNA to extend secure access controls to applications for any user, whether they are on or off the network.
  • FortiTrust Identity for cloud-based MFA, which provides the identity verification required to control application access.

The costs are based on the number of users you want to protect. The FortiTrust security services also include FortiCare support.

Unlike siloed solutions that complicate licensing with a mixture of device-based, appliance-based, and cloud-based fees, FortiTrust brings everything you need together with user-based pricing. You get clear visibility into what you’re spending and you can easily adjust as your workforce changes. Because the services are offered individually on a per-user basis, it’s easy to scale up or down and add or remove services as needed.

Licensing Per User Instead of Per Device with FortiTrust

If you are already using FortiClient, you may wonder how FortiTrust Access is different. FortiClient ZTNA with Cloud EMS is a per-device license while FortiTrust Access is a per-user license. The two solutions offer the same features; they both contain VPN and ZTNA agents for remote access, as well as URL filtering and USB control. With FortiClient, you buy device license packs based on the number of devices that need to access the corporate network. Because the licensing for FortiTrust Access is based on the number of users instead of devices, it can make the process easier for some organizations. You can buy licenses based on the exact number of users you have, which can simplify tracking and forecasting. Users can be transitioned across various form factors, which helps organizations with hybrid architectures support both on-premises and cloud-delivered security.

FortiTrust Access and FortiTrust Identity

FortiTrust’s initial services portfolio includes FortiTrust Access and FortiTrust Identity. Additional services to be released in the future include secure access service edge (SASE) and cloud access security broker (CASB). In addition to providing ZTNA services, FortiTrust Access includes the ZTNA agent and cloud-based orchestration. It builds on Fortinet’s ZTNA solutions that uniquely identify and classify all users and devices that seek network and application access, regardless of whether users and their devices are on or off the network or applications are on-premises or in a cloud environment. FortiTrust Identity complements FortiTrust Access with the necessary multi-factor authentication recommended for controlling application access.

FortiTrust Protects People, Devices, Applications, and Data Everywhere

FortiTrust expands on the Fortinet Security Fabric’s ability to protect people, devices, applications and data everywhere. It offers a unified services offering to secure organizations across any network, endpoint, or cloud with simplified consumption and one licensing model for all form factors. The expansion of security services to include FortiTrust along with FortiCare and FortiGuard gives organizations the comprehensive and flexible protection they need to secure today’s hybrid and highly distributed networks.

With FortiTrust, it is easier to protect the growing digital attack surface and secure critical devices, data, applications, and connections all the way from the data center to the cloud to the home office, and beyond.

Find out how the Fortinet Security Fabric platform delivers broad, integrated, and automated protection across an organization’s entire digital attack surface to deliver consistent security across all networks, endpoints, and clouds.

Protecting Sophos Central admins with multi-factor authentication (MFA)

No action is necessary at this time. Beginning in early September, any Sophos Central administrators who aren’t already using MFA will simply be redirected to the MFA setup process automatically the next time they log in.

MFA has been enabled by default (with an opt-out feature) for new Sophos Central accounts since October of 2019. This initiative is simply meant to provide all administrators with an additional layer of protection.

If you’re not familiar with MFA, it provides additional and valuable login security so that if username and password credentials are stolen, authentication isn’t possible without an additional factor. You can read more about the benefits of MFA here.

As a second authentication factor, we recommend using the Google Authenticator app, which is available for free in the App Store and Google Play. Administrators can also opt to receive text messages or email messages instead.

Sophos Central Super Admins who wish to enable MFA for their teams before September are encouraged to do so. Simply log into Sophos Central, navigate to Global Settings, and choose “Multi-factor Authentication (MFA)” under the “General” heading.

Resist the Lure of Amazon Spear Phishing

Let’s be real: Approximately everyone and their grandma buy things on Amazon. Amazon became the world’s largest retailer in 2019, and its branding is recognized around the globe. But this widespread popularity can bring with it other, less desirable consequences.

Due to its ubiquity, Amazon is one of the most mimicked companies in email phishing. Because so many people use Amazon, the hackers can create a phishing template and use it many times, simply substituting pertinent personal information based on the target. And since most potential targets will at least have an Amazon account, if not be current users, the odds that the phish will prompt action are much greater.

While these phishing attempts take many forms, in the example below, the attackers have spoofed an order confirmation from the Amazon website. The hope is that this confirmation will attract the target’s attention and raise alarm that someone has made an unauthorized purchase.

Despite being an imperfect attempt — the logo is wrong, plus there are grammatical errors — the hallmarks of spear phishing are still present. These attempts are more sophisticated (and thus more dangerous) than standard phishing attempts because the hackers have taken the time to learn about their target, and in turn use this information to craft more convincing lures. Here, the information being leveraged is a name and address, but in reality can be just about anything that could make the attempt seem more authentic.

In this case, the hackers have prompted the target to call a number and report unfamiliar transactions in multiple places on the email, even highlighting this call-to-action to make it pop. (Because this is only a portion of the full email, it is only visible once.)

Calling the number will connect the target with hackers, who will attempt to trick the caller into thinking they are from Amazon Support. If the ruse is successful, the hackers will try to get the victim to reveal personal credentials or other information that could be used to further exploit them.

As attacks like this continue to succeed, they will only get more plentiful. While it’s important that all employees know how to spot a phish, with these sorts of attacks becoming more sophisticated every day, this is no longer a reliable first line of defense.

SonicWall Triples Threat Performance, Dramatically Improves TCO with TRIO of New Enterprise Firewalls

With triple the firewall throughput compared to previous SonicWall appliances, new NSa and NSsp models help organizations keep pace with the speeds of their growing networks

SonicWall announced three new high-performance firewall models for enterprises and large organizations — NSa 4700, NSa 6700 and NSsp 13700 — designed to accelerate network throughput, stop advanced cyberattacks like ransomware, and securely connect millions of users. Featuring some of the highest port densities in their class, the new appliances help enterprises keep pace with the speeds of their growing networks — all while drastically reducing total cost of ownership (TCO).

“The growing volume of ransomware attacks has enterprises and government agencies moving quickly to evaluate their mitigation capabilities and strengthen their security postures,” said SonicWall President and CEO Bill Conner. “The recent string of highly publicized cyberattacks has catapulted security to the top of the priority list. We’re there to help by delivering multiple options to cost-effectively protect even the largest environments. With higher port densities and more capacity, the new offerings dramatically disrupt the traditional cost structure as organizations need fewer appliances to secure the same environment.”

New NSa Firewalls Disrupt Cost Expectations by Tripling Throughput, Expanding Port Densities

The new SonicWall NSa 4700 and NSa 6700 next-generation firewalls deliver 18 and 36 Gbps of firewall throughput — three times the previous comparable SonicWall appliances. Both also support critical TLS 1.3 encryption standards.

“When designing large networks, high-bandwidth interfaces are a critical component,” said NW Technology owner Ryan Oord. “SonicWall’s new NSa series provides interface options that fit the different needs of varying and sizable networks.”

The NSa models boast some of the highest port densities in their class; the NSa 6700 even offers both 40G and 25G connectivity, delivering multi-gigabit threat protection for large environments. These higher port densities, coupled with hardware redundancy and high availability, allow distributed enterprises to purchase fewer appliances while supporting more secure connections as their networks grow.

The NSa 4700 and NSa 6700 provide up to 115,000 and 153,000 connections, respectively, per second. They also support up to 2 million or 6 million concurrent DPI connections, and up to 4,000 or 6,000 site-to-site VPN tunnels.

High-Performance NSsp 13700 Firewalls Designed To Protect The Fastest, Most Complex Environments

The new SonicWall NSsp 13700 is an advanced next-generation firewall for high-speed threat protection designed for enterprise-class networks and MSSPs that supports millions of encrypted connections.

The NSsp 13700 next-generation firewall delivers elite speeds for threat prevention throughput (45.5 Gbps), IPS (48 Gbps) and IPsec (29 Gbps), and includes scalable hardware architecture with high port density. Like SonicWall’s other new offerings, the NSsp 13700 supports the latest TLS 1.3 encryption standard.

New Capture Labs Portal Delivers Research Tools, Centralized Repository

Information-sharing and collaboration are critical components of an organization’s defensive posture. SonicWall is consolidating access to threat research and security news through the Capture Labs Portal, a free and centralized repository of research tools available to the public where visitors can track malicious actors and remain up to date with the latest zero-day vulnerabilities.

To help expedite remediation, the Capture Labs Portal offers a single repository to look up threat signatures, CVE details, IP reputation, and URL reputation, making it effortless to do your threat research from a single interface. SonicWall PSIRT advisories and Capture Labs threat researcher blogs with news regarding the latest vulnerabilities can be found quickly and easily, so teams can take action in response to emerging threats, attack vectors or vulnerabilities.

Simplify Secure SD-WAN Deployment, Management with New Orchestration and Monitoring Capabilities

Enterprises, service providers, government agencies and MSSPs can efficiently manage large-scale deployments with SonicWall’s cloud-native Network Security Manager (NSM), which delivers a single, easy-to-use cloud interface for streamlined management, analytics and reporting.

With NSM 2.3, network infrastructure teams can quickly troubleshoot and resolve issues as they monitor secure SD-WAN landscapes in real time. Administrators can monitor the health and performance of complete SD-WAN environments to ensure consistent configurations and drive optimal application performance.

SD-WAN environments are now easily organized using SonicWall’s new and intuitive self-guided workflow as well as the use of Templates that allow the provisioning of thousands of remote firewalls efficiently.

Enterprises also can leverage the NSM wizard-based setup process to ensure proper configuration for site-to-site VPN connectivity, and use the monitoring tools to track the connections and ensure optimum performance.

Optimize Productivity with Enhanced Network Visibility, Monitoring and Reporting

Managing employees’ internet utilization and behavior can be a substantial challenge for organizations. SonicWall has enhanced network visibility and reporting capabilities across security devices, users, VPN connections and more.

SonicWall Analytics 3.1 delivers Productivity Reports to provide insights into employees’ internet utilization and behavior. Generated snapshots and drill-down reports can classify users’ web activities into productivity groups such as productive, unproductive, acceptable, unacceptable or custom-defined groups.

Drill-down capabilities enable analysts to easily and quickly pivot and investigate data points of interest at the user level, and establish evidence-backed, policy-controlled measures for risky users and applications as they unfold in the discovery process.

New VPN Reports allow organizations to summarize what company resources are being accessed inside VPN tunnels, how much bandwidth they are consuming and by whom. Network admins can leverage this information for monitoring business-critical applications, controlling or shaping traffic, and planning for capacity growth.

Zero-Trust Security Offering Expanded to Include More Granular Control

SonicWall also introduced Device Posture Check with SonicWall Cloud Edge Secure Access 1.1, and the addition of new Network Traffic Control that enforces access control to the resources based on user groups, IP addresses, ports and network protocols.

Aruba Accredited Gold Partner in UAE

We are pleased to announce that Syscom is now an Aruba Gold Partner. We take pride in satisfying the requirements and attaining the following competencies in the HPE Aruba Partner Network program.

Now Syscom has access to Aruba’s latest training and qualifications in order to provide the best scalable solutions to our customers. As a Gold Partner we also have direct access to Aruba’s own engineers and pre-sales advisers so that we’re better able to design and provide you with tailor-made solutions at the best possible prices.

We are experts in Aruba Wireless Solutions, Aruba Networking Solutions, and Aruba security surveillance. As a gold partner, now we can take our customers to the next level with the skills, tools, and support needed to expertly deliver solutions for the edge-to-cloud in an as-a-service model. Our comprehensive, cloud-based management portfolio offers simplicity and flexibility.

There are many benefits that you could reap by working with Syscom as an Aruba-accredited Gold Partner, including:
  • Delivering new networking as-a-service solutions
  • Access to engineers with expert knowledge and extensive experience.
  • Solutions that are tailored to your business requirements.
  • Outstanding service and support
  • Solutions that ensure that you are compliant, while lowering your costs and improving your return on investment
  • A more complete security solution that will keep your data and business-critical applications safe.