Tag: next-gen firewalls

Try Synchronized Security for Free & Never Miss a Hidden Threat

What is Synchronized Security?

Synchronized Security is a system designed by Sophos to address a glaring shortcoming in most cybersecurity environments: lack of coordination. Security companies tend to focus on developing individual products to address specific points of attack, often ignoring the bigger picture of holistic network security. These old-school approaches to cybersecurity are complex, short-sighted, and composed of several disparate moving parts. As organizations adopt more and more security solutions, they slowly build their own InfoSec-version of Frankenstein’s monster. For those of you who haven’t read the famous tale, it doesn’t turn out that well.

What Does Synchronized Security Include?

Synchronized Security allows the individual aspects of your security setup to communicate in real time and make decisions based on complete context. Here’s a closer look at some of the handy features that make up Synchronized Security:

Sophos Security Heartbeat – A secure communication link that allows Sophos products to communicate and share information about your network health. In mere seconds, the Security Heartbeat can detect, judge, and respond to incidents on your network; a process which once took hours to complete while your network was left in limbo.

Synchronized App Control – Providing instant insights into unidentified software, Synchronized App Control grants the level of detailed oversight that administrators crave. This includes the ability to map unknown applications, organize them into categories, and prioritize bandwidth for mission-critical processes. Watch this Sophos video on Synchronized App Control to learn more.

Sophos Central – A security platform through which network administrators can manage all Sophos products and protections on one screen. This smooth, intuitive dashboard comes with convenient “traffic signal” indicators that instantly identify the status of your security: green is good, yellow is cautionary, and red means an issue needs your attention.

Automated Incident Response – Incident response used to take hours, days, or even weeks. Sophos transformed this process into a sub-minute affair with Automated Incident Response. Information is shared across your security system to make instantaneous decisions about suspicious activity. Infected endpoints are isolated before threats can spread, shutting down both east/west and vertical movement.

Add Synchronized Security to Any Existing Network

By now you may be thinking “This sounds great, but I already have an established network with a different brand of firewall.” You’re in luck! Synchronized Security can be bolted onto your existing network, expanding and improving your current security capabilities. All you need to enable Synchronized Security is an XG Firewall installed on your network. This can be deployed in two configurations: as an Inline appliance in bridge mode or in Discover mode (TAP mode) through a mirror port. Either method can be done in just a few minutes with Sophos’ step-by-step deployment wizard.

inline or TAP mode allows you to add Sophos Synchronized Security to any existing network

Inline vs Discover Mode

Discover Mode

A Discover Mode deployment is the least intrusive method, offering a risk-free way to increase visibility of unknown applications. By connecting an XG Firewall to a mirror port on a network switch, you start receiving valuable insight immediately. Though you will be unable to add more advanced Sophos security controls in Discover Mode (like sandboxing & web server protection), these insights position you for a greater understanding of your true network traffic.

Inline Mode

An inline deployment sheds even brighter light on your network, serving up unparalleled application visibility. By deploying an XG Firewall “behind” your current appliance, you gain Security Heartbeat, Synchronized App Control, & Automated Incident Response. The flexibility offered by fail-open bypass ports enable deployment of an XG Firewall in bridge mode, allowing traffic to flow without disruption even if the appliance needs to be shut down or rebooted.

What’s In It For Me?

  • Fewer unknown threats hiding on your network.
  • Automated Incident Response to isolate infections before they spread.
  • Effortless endpoint health monitoring with Security Heartbeat.
  • Plus, you can try it out risk-free for 30 days.

Sophos will ship you an XG Firewall to test out for free, letting you explore Synchronized Security for yourself. Not impressed? Just ship it back.


Cents & Extensibility: Affordability, scalability, & SonicWall TZ300 as the Jane Austen of Network Security

The Jane Austen of Network Security? What on Earth does that even mean?

Well, the similarities are there:

  • You’ve probably heard of it. In fact, it may be the first example that pops into your head when the subject is brought up.
  • Someone you know probably has one, and they highly recommend it.
  • Competitors are jonesing for a similar success story of their own.
  • It’s been around for years and isn’t leaving anytime soon.
  • Its popularity is based on the fact that the product is, in fact, really damn good.
  • You can pick it up on the cheap (hence the cents) instead of dishing out big bucks on a hyped-up new release that you’re not sure you’ll even like.

Just as Jane Austen is an indisputable bestseller that can be trusted to fly off store shelves at a regular clip, the SonicWall TZ300 is one of the most popular next-generation firewalls sold across the web. These appliances are in high demand and this week we intend to parse out precisely why the second smallest of the SonicWall TZ series, the TZ300, is a timeless classic.

Some Quick Stats

Max speed: 1.3 Gbps

Interfaces: 7 x GbE, 1 USB, 1 Console

Optional Interfaces: 100+ add-on ports with X-Series network switches

Security Processors: 2 x 800 MHz

VLAN Interfaces: 25

Appliance-Only Price: $484.00

Deciphering the buzzwords

Enterprise-Grade Protection

The TZ300 is designed to provide the Maserati of network protection at the price-point of a Mazda. In short, the TZ300 is the Mazda Miata of firewalls. With the TZ Series, SonicWall committed to making cyber security bells-and-whistles accessible even to the small business owner who may not have the budget squirreled away for the info sec equivalent of a supercar.

The TZ Series utilizes the same code base and many of the same features as the SonicWall SuperMassive series, a series designed to provide security suitable for multinational corporations, hospital campuses, and far-flung remote databases. Not only does this mean that your network administrator will be treading familiar waters if they have previous experience with these bigger, badder SuperMassives, but it also means you can rest assured knowing you have access to some of the same tools, interfaces, and resources that cash-flush networking giants use.

Next-Generation Firewall

Firewalls have gotten clever. The firewalls of yesteryear amounted to not much more than a lightly-guarded gateway between your network and the outside world. However, the next generation of firewalls saw the rise of new, smarter features designed to up the work load on a firewall’s list of chores.

  • SonicWall’s Reassembly Free Deep Packet Inspection (RFDPI) ensures that both inbound and outbound traffic is scanned and validated before passing through your perimeter.
  • Intrusion Prevention Systems (IPS) actively work to keep network raiders at bay.
  • Multiple security processors are constantly comparing data packets in your network environment to archives of threat signatures updated in real time.

Next-generation is a designation given to firewalls that act as more than just a slack-jawed bouncer standing in the doorway. Instead, the TZ300 is an active, efficient sentry prowling your perimeter.


The TZ Series was built to work with your system, not in spite of it. A TZ300 added to an existing network can be easily monitored and managed remotely through SonicWall’s Global Management System (GMS). In addition, the sheer ease of setting up secure remote access through VPN tunnels qualifies the TZ300 as a fine contender when expanding networks to accommodate remote users.

The SonicWall TZ300 is scalable because it possesses the versatility required to fill many roles. When the needs of your organization evolve, you can trust the TZ300 to evolve with you.

Sandboxes & Signatures

Perhaps one of the most exciting aspects of the TZ300 is its compatitibility with SonicWall’s Capture Advanced Threat Protection (ATP). We wrote about Capture ATP in a previous blog post, so be sure to slide on over to that article for further details.

Capture ATP is a best-in-class sandbox client included in an Advanced Gateway Security Suite. With cloud-based signature scanning and three separate processing engines to triple-check against known threats, Capture ATP is the gold standard in network fortress-building. Most importantly, it catches zero-day threats like ransomware at the gateway and quarantines the malicious data until you decide its fate. With Capture ATP and a SonicWall TZ300, you’ll leave the next Petya or Wannacry stranded in limbo while your network carries on, uninterrupted.

Start your next chapter

It’s powerful. It’s affordable. It does everything you’re looking for, plus a little more. And that’s just a few of the reasons why the SonicWall TZ300 has secured its title as a best-seller. 1.3 gigs of throughput? Comprehensive security features? A sub-$500 price tag? Much like your favorite book, the TZ300 is a classic that you will keep coming back to time and time again.


for a story you know will end happily ever after.

Best Small Business Firewall: A look at the top contenders for best SMB firewalls

Best Small Business Firewall, a coveted title that manufacturers are gunning to claim and users are clamoring to find the answer to. Understandably, we all want to make sure we’re getting the best of the best when it comes time to whip out the corporate card. However, this question is not as black-and-white as it is appears. Many factors play into determining the quality of a firewall and, when it comes to small businesses especially, the answer is often more dependent on the needs of the business than the hard specs of the appliance. Recently we posted a handy guide to help you choose the best small business firewall, but searchers want more specific answers.

If you came here looking for the be-all, end-all answer, the cyber security mic drop, or even a top 10 list, you won’t find it here. And chances are, if you find it somewhere else, they’re just trying to sell you something.

“Wait, isn’t Firewalls.com trying to sell me something?”


Peace of mind.

But no, seriously, we have some insight to share here.

So in the interest of conflict of interest, today’s post will showcase three of the best-selling and most sought-after small business firewalls. Is any one of them the best small business firewall? Hard to say. But we can guarantee that these three appliances are popular, get great reviews, and are repeatedly merited as the most cost-effective, comprehensive solutions to common network security issues.

* * *

sonicwall tz400 firewall is great smb small business firewall with secure remote access and vpn tunnels

SonicWall TZ400

Greatest Strength: The TZ400 is a great option for small to medium-sized businesses that require secure remote access between multiple offices. Site-to-site VPN tunnels can accommodate 20 users per connection and perform well with Intrusion Prevention Systems (IPS), SSL, and SonicWall’s patented Reassembly-Free Deep Packet Inspection (RFDPI).

Perfect For: The small business that needs to operate at higher-than-average speeds, especially over long distances.

Recommended Users: 25-35 Users

Maximum Throughput: 1.3 Gbps

Form Factor: Desktop

Price: Appliance-Only MSRP: $945.00; Firewalls.com price: $709.00 

Learn more about the SonicWall TZ400

* * *

sophos xg 105 firewall provides throughput that outweighs its cost

Sophos XG105

Greatest Strength: Looking for on-box reporting and high speeds? The price-to-performance ratio for this XG105 is astounding. Able to accommodate up to 20 users and reach speeds of 3 Gigabytes per second, the XG105 also delights with its modest price point.

Perfect For: Businesses looking to expand a network to match their growing performance needs. The XG105 is an extremely cost-effective way to turn your average office into a robust, high-speed network.

Recommended Users: 10-20 Users

Maximum Throughput: 3 Gbps

Price: Appliance-Only MSRP: $440.00; Firewalls.com price: $396.00

Learn more about the Sophos XG105

* * *

watchguard firebox t50 with dimension is great for cyber security reporting tools and ease of use

WatchGuard T50

Greatest Strength: The WatchGuard T-series is easy to use for beginners but has the depth of reporting that veteran sys admins crave. WatchGuard excels at visualizing data and makes actively monitoring your network a breeze. WatchGuard Dimension is out here winning awards as a reporting tool!

Perfect For: System administrators and network architects that like to take a hands-on approach to cyber security. We don’t get to say this in the info sec industry often, but you’ll have a lot of fun with this hardware.

Recommended Users: 10 – 25 Users

Maximum Throughput: 1.2 Gpbs

Form Factor: Rack Mount

Price: Appliance-Only MSRP: $2,000.00, Firewalls.com price: $1,520.00

Learn more about the WatchGuard T50

* * *

So, what is the best small business firewall? The debate rages on.

What is the best firewall for your small business? That answer is a bit easier to parse out. Firewalls.com can work with you to ensure that you choose the best appliance to fit the unique needs and demands of your small business. You worked your fingers to the bone building an organization, a brand, and a network that is solely, undeniably yours. You deserve a solution that is solely, undeniably yours.

POS Breach: How firewalls & PCI compliance keep your customers safe

The POS breach. They’re the bogeyman on the mind of every consumer when they swipe their card at the check-out counter: POS, or Point of Sale, breaches. With famous examples such as the Target breach of 2013, in which 2000 retail stores lost sensitive financial data for their customers, it is no wonder that the menace of cyber thievery through the conduits of transaction systems are legitimate concerns. To understand why this type of attack is a real threat, it’s important to first understand how and why it keeps happening.

The Objective:

In most every case of a POS breach, the attacker’s goal is to make off with the sixteen digits printed on the front of your credit card. Credit card data goes for big bucks on the cyber black market, so stealing credit card credentials will always be a worthwhile endeavor for cyber criminals. For the last several years, credit and debit transactions have taken the number one spot as the most common form of payment in the United States. With a majority of transactions taking place through plastic, the Point of Sale device has a big target on its chassis.

The Marks:

Cyber criminals aren’t exactly picky about whose data they’ve stolen. Instead, their game is focused on quantity. Therefore when it comes to a POS breach, attackers are only looking for a few factors to designate a quality target: ease of the breach, number of potential victims, and business functions reliant on Point of Sale systems. Certain types of industries are on the chopping block. Usually, those industries include restaurants, hotels, grocery stores, gas stations, and department stores. Perimeter security in these kinds of businesses are often lax and a high volume of credit card transactions means that attackers have a better chance of snagging something.

The Method:

Most POS systems run on a Windows system. This means that POS systems are susceptible to the same vulnerabilities as a Windows-based computer. Upon swipe, a POS stores credit card data, unencrypts that data in order to process the transaction, then stores the transaction data to later be rolled up to corporate for audit. In the case of POS breaches, cyber criminals are focused on inserting themselves between the unencrypting process and the transaction archives.

You may be wondering how malware is delivered to a POS system. Are criminals swiping malware-laced credit cards at the register? Or hacking into the wires out back? No. Unfortunately, the same means and methodology of the everyday hacker work just fine for a POS breach: phishing emails, weak passwords, and cyber security oversights.

In most cases, breachers target the computers connected to the POS machine to gain access. Employees use these machines not only for transactions, but also use these machines to check email, run other Web-facing applications, or just to surf the web when the boss isn’t looking.

Social engineering and a lack of basic security culture can easily turn a computer used as a cash register 95% of the time into a fruitful honeypot for hackers.

The Cure:

PCI Compliance is a 12-step checklist to ensure that your business is safely handling payment cards. Nearly half of the dozen requirements can be accomplished by use of a properly configured and up-to-date firewall device. If your firmware is kept current and your appliance has been configured in a way which leaves no vulnerabilities and blindspots in the network, you should be golden. Further, regularly discussing cyber security and email safety with employees should be a no-brainer.

Curious about keeping your organization PCI Compliant?


5 Ways WatchGuard SpamBlocker Guarantees a Safe, Clean, Productive Inbox

SpamBlocker by WatchGuard is a powerful real-time detection system designed to provide immediate, comprehensive protection from spam outbreaks. As spam accounts for up to 95% of global email traffic, it can be difficult for applications to distinguish between spam and legitimate communications. SpamBlocker takes the guesswork out of suspicious or unwanted emails.

Spam email is still the number one avenue through which cyber criminals send malicious files and viruses. Spam also accounts for a large share of network traffic lag, cutting into your organization’s productivity.

SpamBlocker subscriptions can be added to your WatchGuard XTM or Firebox security setup.

Flexible administrator control

Bulk mail can cause network speeds to plummet, but SpamBlocker administrative controls allow you to choose which users or user groups can access bulk folders. Admins also have powerful tools such as whitelist and blacklist capabilities at their fingertips. Compatible with both SMTP and POP3 protocols.

Spam quarantine

Spam, bulk mail, and suspicious emails will wait for you in fully-functional, secure quarantine until you have the time to review them further. Quarantines have granular control, allowing you the flexibility to customize to your unique needs.

Optimized for better network performance

Since a majority of data processing takes place outside your gateway, you can count on WatchGuard SpamBlocker to run on minimal bandwidth and CPU power. Don’t settle for a blocky, resource-heavy solution. After all, one reason you’re blocking spam in the first place is to maintain throughput performance!

Intuitive management

Even novice network administrators will be able to deploy and manage your spam blocker thanks to an intuitive, easy-to-learn interface. Don’t give yourself a headache trying to get rid of another headache. WatchGuard SpamBlocker is a pleasure to use.

Cost-effective solution

Since SpamBlocker is priced per appliance, a single SpamBlocker subscription is enough to guard your network and all of the users configured behind your WatchGuard XTM or Firebox.

SpamBlocker is just one of many powerful and comprehensive endpoint tools available for next-generation firewalls. WatchGuard appliances are famous for their ability to operate at breakneck performance speeds even with a full load of add-ons and features enabled. WatchGuard Extensible Threat Management (XTM) can provide dynamic solutions on your network.