SonicWall, a next-generation network firewall we have trusted with our clients' networks and our own for years because of its effectiveness as a firewall, anti-spam and advanced content management filter, has just announced a game-changing advancement to its technology.
To protect customers against the increasing dangers of zero-day threats and advanced malware, SonicWall has developed a cloud-based service that is available with SonicWall firewalls.
The Capture Advanced Threat Protection Service uses cloud computing and machine learning to stop potential malware and ransomware before it reaches your network. When it detects a potentially harmful file attempting to enter your network, it quarantines the file and sends it to the SonicWall Capture Cloud for deep inspection in real time.
What this means is that SonicWall and its partner, SentinelOne, do the heavy lifting that would otherwise be done in your network.
Testing potentially malicious files in a cloud sandbox is not a new technique. However, what is new is how their system uses machine learning to detect previously unknown malware strains and to force sophisticated malware to show its true intentions, which would otherwise have remained dormant until the malware reached its target. Below is a diagram of how it works to protect your network.
Modern malware writers have developed techniques to fool antivirus software and firewalls into seeing the malware as a harmless file. Some of these techniques include using custom encryption so that the file cannot be read, or lying dormant until the malware can connect to the attacker's server and then downloading the rest of the attack payload onto the victim's machine.
As more malware is developed using these techniques, it gets harder for most antivirus products and firewalls to detect it. This is why it's important to make the best choice when choosing an antivirus and firewall for your business, and to make sure it is always kept up to date.
We have recommended SonicWall to our clients for many years because of the company's track record of keeping up with the latest threats, and because of the low impact on network performance and the simplicity of installation and management that its product provides.