Tag: remote workforce

You Asked, We Answered: Firewalls for Remote Employees

By Andrew Harmon

Posted On January 22, 2021

You Asked, We Answered: Firewalls for Remote Employees

remote access remote workforce secure remote access SonicWALL sonicwall firewall tz firewalls tz270

Here at Firewalls.com, we love hearing from you. Just last week, we got a great topic suggestion for a blog post from a reader: an affordable firewall for remote employees that seamlessly interacts with headquarters.

So without further ado, here’s one way you might go about addressing this increasingly common scenario. Check out our first entry in a series we’re calling, “You Asked, We Answered.”

Firewalls for Remote Employees: A SonicWall Setup

Let’s tick off the boxes of the request. First of all, we need to identify a firewall model ideal for fairly heavy use in a remote setting. How about the SonicWall TZ270. One of the newest of SonicWall’s Gen 7 firewalls can handle a power user with multiple devices and still run even the most complex security services.

What are those services? With the Total Secure Advanced Edition bundle, the TZ270 runs:

Gateway Anti-Virus, Intrusion Prevention, Application Control
Content Filtering Service
24×7 Support
Network Visibility
Basic DNS Security
Anti-Spam
Capture ATP (Multi-Engine) Sandboxing
RTDMI Technology
Cloud Management
7 Days Cloud-based Reporting

That’s a pretty lengthy and advanced list that’ll protect your network at home (and thereby at HQ) from the most advanced threats, from email to web-based hazards and everything in between. Around the clock support means even if your remote workers keep a non-traditional schedule, they’ll be able to get in touch with an expert whenever they need to. And those last two bullets may be the biggest key when it comes to communicating with headquarters, but we’ll get to that in a second.

By the Numbers

Before we get to that, let’s not forget performance. The TZ270 has a firewall throughput of 2.0 Gbps, that’s a lot of speed in a small package. Even with just about all those aforementioned services running, the Threat Protection Throughput clocks in at 750 Mbps, supporting connection speeds that exceed what just about any home users have. It also comes with 5 IPSec VPN clients (supporting up to 200) and 1 SSL VPN client (supporting up to 50) for that very necessary secure remote access.

On the hardware side, the TZ270 offers 8 GbE RJ45 ports, plenty to connect a robust home network, and 2 USB 3.0 ports to connect 3G, 4G, and yes, even 5G & LTE modems. And we mentioned small package – this is a compact device that easily tucks onto a desktop, bookshelf, table, or whatever your remote employees may use. The wireless model, the TZ270W, also acts as an access point with the same footprint aside from a couple external antennas.

Connecting with HQ

Back to the other part of the question, connecting your remote workers to the mothership. Whether your main office SonicWall firewall is small or large, remote deployment and management is a breeze. Let’s start with deployment. You won’t need to send IT staff to each remote household to set these TZ270s up. With the SonicExpress app, you can deploy one or several new firewalls with your desired settings remotely.

On top of that, the firewall features auto-provision VPNs, so no on-site configuration necessary there either. Once they’re up and running, your IT pros can manage as many firewalls as your organization has at once. That’s thanks to Network Security Manager 2.0, which offers single-pane-of-glass management, analytics, and reporting with an improved user experience. NSM works for single and multiple firewall scenarios. That means not only can you monitor everything from one place, you can make configuration tweaks that way, too.

Affordability

We can’t forget this last part of the question. As they say money talks and something (I forget what) walks. An appliance only TZ270 retails at $465, with the TZ270W MSRP a hundred bucks more. As we mentioned before, you’ll want services to maximize your firewalls. The recommended 1-year TotalSecure Advanced hardware bundle (including both appliance and advanced service suite) retails at $865.

But a big disclaimer here, if you reach out to a Firewalls.com expert via phone or online chat, you will get a better deal. On top of that, they can walk you through any questions you may have about a remote work setup for your staff. Give them a call at 866-957-2975 or simply pop open the chat window on our site and start typing to get started today.

Cisco Meraki Z Series: Security & Connectivity for Teleworkers

By Andrew Harmon

Posted On September 1, 2020

Cisco Meraki Z Series: Security & Connectivity for Teleworkers

cisco meraki remote access remote workforce secure remote access telework z-series

Meet the Cisco Meraki Z Series

Unless you’ve been living under a rock for 2020, you’ve probably heard about the massive shift to remote work. While that change is well underway, businesses are still playing catch up to get the right solutions in place for their remote workers’ security and performance. Enter Cisco Meraki Z Series Teleworker Gateways.

Telework is literally this appliance’s middle name, so you know you’re looking at a strong answer. The Z Series combines enterprise-level firewall security with a VPN gateway and a wireless router, all in one compact package. They’re purpose-built to securely extend Meraki’s cloud managed networking to the work from home crowd. Let’s take a closer look at what the Z Series offers to improve your remote work days.

Cisco Meraki Z Series Models

The Cisco Meraki Z Series consists of two hardware models, the Z3 Cloud Managed Teleworker Gateway and the Z3C LTE Teleworker Gateway. The models are virtually the same, except the Z3C offers an additional cellular failover option with an integrated CAT 3 LTE Modem. The first entry in the series, the Cisco Meraki Z1, reached end of sale in July of 2018. Now let’s get more into the specific features you can expect from Z Series Teleworker Gateway appliances.

How Many Devices Can the Z3 Support?

The Cisco Meraki Z3 and Z3C are made for remote workers’ home office setups. Therefore, they support a typical power user’s home network, with a recommended max of 5 devices – also known as clients. Devices can mean desktop computers, laptops, printers, phones, and more.

Cisco Meraki Z3 Tech Specs

Physically, the Cisco Meraki Z3 and Z3C share similar footprints, with the Z3C weighing in a quarter pound more and measuring an inch longer thanks to its internal modem. That of course just means the difference between under a pound and slightly over a pound, so if you have a desk (or table, or shelf, or whatever), you’ll find a spot. Otherwise, their features are identical:

4 wired LAN ports – incl. one 802.3af PoE port, ideal for phones
1 GbE WAN port
1 USB 2.0 port (for 3G/4G failover)
Dual-band 802.11ac Wave 2 WiFi, 2×2 MU-MIMO
Stateful firewall throughput: 100 Mbps
VPN throughput: 50 Mbps

Z Series: In Summary

In case reading tech specs isn’t your thing, allow us to elaborate. When it comes to firewalling, the Z Series has you covered with Cisco Meraki firewall security and solid throughput for a home user. This keeps threats from entering the home office environment. Plus, you can separate work and home traffic for added protection. When it comes to wireless, you get a Wave 2 router with support for up to 4 SSIDs (with guest access) and a data rate up to 1.3 Gbps.

When it comes to remote work connectivity, you get Auto VPN. With Meraki’s self-configuring Auto VPN technology, administrators can deploy network services including VoIP & remote endpoints without needing to walk-through the home user. Your home workers get secure, zero-touch site to site connectivity to HQ and all the apps and files therein. And when it comes to management, you get Cisco Meraki’s single-pane-of-glass, cloud-based dashboard. In addition, there are throughput, connectivity monitoring, & email alerts, plus automatic firmware upgrades & security patches.

How to get the Z Series

First, choose between the Cisco Meraki Z3 and the Z3C if you need the added failover assurance of the internal cellular modem. And then, choose your support subscription length. Then, to get all the management, reporting, firmware updates, support, and zero-touch deployment you can handle, choose your enterprise license. Select a subscription length of 1, 3, 5, 7, or 10 years. And remember, all Cisco Meraki appliances require an active license to operate.

What Is SonicWall NetExtender & How Can It Improve Your Remote Workforce?

By Andrew Neita

Posted On August 6, 2020

netextender network security remote workforce sonicwall netextender sonicwall vpn VPN

What Is SonicWall NetExtender

SonicWall NetExtender is an application for Windows, Mac, and Linux that allows a remote user to access applications, files, resources, and more from the base network while being protected by that base network’s security apparatus.

To use it, a remote user will need an active SonicWall VPN license. A VPN, also known as virtual private network, is a secure way of accessing company data from anywhere in the world. SonicWall VPNs work in tandem with NetExtender as a means of routing a remote user’s device, desktop or mobile device, safely to the base network.

How Can SonicWall NetExtender Improve Your Remote Workforce

By offering VPN licenses to a remote workforce, you provide your business & users all the same protection capabilities they’d receive if they were working in the office. When remote employees work through NetExtender, they have the freedom to work at efficient speeds with more direct access to files and apps. On top of that, they get security capabilities only available to users connected to your base network.

Benefits At A Glance

Access secure files from anywhere in the world
Use all the business-critical applications you’re used to
Secure communications
Extend on-premises levels of security to employees working from home
Maintain compliance requirements

How Much Do VPNs With SonicWall NetExtender Cost

SonicWall virtual private network solutions are designed for scalable cost. The solution depends on the number of licenses you’ll need, which VPN protocols you use, and what configuration or support options are included. To learn more about the different types of SonicWall VPN clients that work through NetExtender, check out our comparison between SonicWall SSL VPN & Global VPN.

Looking For A NetExtender VPN Solution?

Configure A Scalable NetExtender Solution

Configuring the right SonicWall VPN solution isn’t the easiest thing to do. Our network security experts are on standby to help guide you through the decision making process. To start your scalable SonicWall VPN solution through NetExtender, call 317-225-4117 or reach out via our secure contact form.

What Is a VPN?

By Andrew Harmon

Posted On April 22, 2020

mobile security remote workforce VPN

VPN: A Closer Look

VPN. If you hadn’t heard these three letters together before March 2020, you’ve surely heard them now. With businesses and their employees the world over exposed to work from home scenarios – many for the first time – any conversation about secure remote access involves the term. So what is a VPN? The very basic definition is – it’s a virtual private network. But that phrase is just begging for further explanation. So gather ‘round – virtually of course – as we unpack VPNs and why they’re so important for telework.

Virtual

The virtual part of VPN means just that – it requires no physical connection. Instead, a virtual tunneling protocol establishes the connection. Gophers would be jealous of the number of these tunnels out there, but of course, they don’t damage any golf courses or yards. The tunneling is achieved by a process known as encapsulation. Basically, while your remote user’s data still does have to travel through the public internet to get to the other side (i.e. your network), the virtual tunnel covers it. That means, it’s private.

Private

So the tunnel itself offers privacy to a degree, but to achieve the full security benefits of a VPN, it must be encrypted. The public internet can see that a tunnel exists, but encryption – either via SSL (secure sockets layer) or IPSec (internet protocol security) prevents anyone from seeing what’s inside. The user and the network the user connects to are the only ones who can decrypt it, with passwords (multifactor authentication recommended) and certificates.

Getting back to the types, while both SSL and IPSec provide the encryption needed to keep that virtual tunnel private, there are a couple key differences. SSL VPN allows secure remote access through a web browser – without requiring specialized client software – making it simple to deploy. Unlike SSL, IPSec VPN functions at the network layer, and it does typically require a separate hardware or software solution. We compared SonicWall’s VPN service offerings (one SSL and one IPSec) in a recent post, and in a handy chart that could offer some assistance as to which is best for your scenario.

Oh and one more note on privacy, when a user connects via VPN, it also obscures the device’s IP address. That means someone trying to track its location will only get the IP address of the network the user is connected to – a feature many non-business users find handy.

Network

So in our quest to answer the question “what is a VPN?” we’ve explored the virtual and private aspects, now let’s examine the network component. Network in this case means a user’s remote device is connected to your organization’s network. Depending on the connection type, they may have access to all of it, or just specified apps, services, and files. Either way, the VPN connection allows users access to what they need to get work done – all while protected by your existing network security. A VPN in essence extends your network’s reach to wherever your employees need to access it. And in the age of the teleworker, this secure remote access is a must.

Is your VPN connection a little slow?

Check out our video for some tips on how to speed up your VPN connection:

For more talk about all things network security, take a listen to our Ping Podcast, available wherever you listen. And for all your cybersecurity research needs in one place, visit our Knowledge Hub.

5 Things to Consider to Secure Your Telework Employees

By Andrew Harmon

Posted On March 20, 2020

5 Things to Consider to Secure Your Telework Employees

cybersecurity endpoints remote access remote workforce secure remote access telework

Telework Cybersecurity

With the rapidly evolving circumstances surrounding the COVID-19 pandemic, workplaces around the world have been faced with a difficult challenge – quickly deploying a remote workforce. While some have been prepared for telework all along, others are scrambling to ensure employees can access their networks quickly, without compromising security. The unfortunate truth of our current situation is that while many are banding together to protect those most vulnerable to the coronavirus, there are those who see this more scattered user-base as a golden opportunity for cyber attack.

It’s important to remember that just because you’re not in the office, it doesn’t mean hackers are taking a holiday. In fact, remote work is their bread and butter. And they stand at the ready to exploit the vulnerabilities teleworking can bring.

With that in mind, what can you do to plug those holes? How do you keep both your network and your work-from-homers secure? Here are 5 things to consider…

1 – It Starts With a Policy

Both you and your staff benefit from knowing what to expect from remote work. Putting a telework policy in writing and ensuring everyone in your organization is aware of it is an important step for consistency and therefore security. Hopefully you already had one, but if not, it still pays to put one together and make it clear to all employees.

What should it include? Acceptable use, personal vs company devices, personal vs company accounts, how to connect, whether public wi-fi is allowed, etc. A couple of statistics should reinforce the need for a strong telework policy: nearly half of employees say they transfer files between work and personal computers; almost 15% say they can’t connect to their work network from home, and more than three quarters say they don’t take privacy measures when teleworking in a public setting.

2 – Protect Your Endpoints

Each device an employee uses to access your data is an added security risk. Remote laptops, tablets, smartphones, etc. are not constantly protected by your firewall. But you need to ensure they have a level of protection against malware, email scams, and other data breaches, so attackers can’t use them as a tunnel back into your network. That’s why a strong endpoint security solution is vital for all your telework users. The best options also provide added visibility into their status for admins. Protecting each device individually makes protecting your network as a whole much easier.

3 – Build a Tunnel

To work from home effectively, your employees need to have use of all the apps and files they normally have at the office. How do you facilitate that quickly and securely? You need to offer virtual private network – better known as VPN – access.

A VPN sets up a secure tunnel between your telework employees and your network, protecting their and your data from any spying or prying eyes. This encrypted tunnel (using either IPSec or SSL) can even help when employees use public networks. In case you missed it, we outlined SonicWall’s VPN options in a recent post.

4 – Make Sure Passwords Have a Passing Grade

An all too common problem with an all too easy solution in the cybersecurity world is weak passwords. Ensure your telework employees (and everything on your network) uses strong passwords of length, with numeric and special characters, and phrases if supported. This keeps brute force attacks at bay, which typically just fire thousands of common words at a login screen until one works.

And take it a step further with multi-factor authentication. For employees to access your network remotely, require an additional step, such as an authentication code texted or emailed to provide added security. Some types of multi-factor authentication even include options like geotracking.

5 – Training Is Vital

You’ve likely already heard that the most common reason for a breach is human error. Whether it’s in the form of a misconfiguration or because an employee clicked a malicious link, the human element puts your network at risk. And just as cybersecurity training is vital in the office, it’s extremely important for telework.

So safety using the aforementioned public wi-fi should come up, as well as reminders about what to look for in social engineering scams. Online attackers’ new favorite? Coronavirus-related malware in the form of emails, and even phony maps to steal personal data from anyone who visits to try and keep up with the virus’ spread.

You’ll also want to be sure your work-from-homers are sticking to VPN-only when it comes to work files. Too often, the easy way may be to send sensitive data as an unencrypted email attachment, but that risks exposing it to bad actors. Teach them to keep it encrypted, even if it takes a little bit longer. And even though social distancing may keep you from conducting this training in person, there are plenty of videoconferencing options to help.

4 questions SMBs should ask about SonicWall VPN

By Andrew Harmon

Posted On March 19, 2020

4 questions SMBs should ask about SonicWall VPN

firewalls remote workforce SonicWALL VPN

Small business owners rushing to get their hands on a SonicWall VPN for their remote workers have a lot of questions. We have a lot of answers. Below are the four questions that business owners and network administrators should be able to answer before they buy a SonicWall VPN solution and get their employees working from home.

1. SSL VPN or Global VPN Client?

If you’re shopping for a SonicWall VPN, your first question is probably: what kinds of SonicWall VPN solutions are there? SonicWall offers both SSL VPN and Global VPN Clients. You can take a closer look on our SonicWall VPN comparison page, but here are a few key differences:

Global VPN Clients are best used in Windows-only environments
SSL VPN is better suited to mixed-use environments where employees use many device types
Global VPN Clients can be a bit harder and more costly to install, especially for smaller businesses
SSL VPN is delivered in a client that won’t eat up a lot of resources
Price-wise, both SonicWall VPN options are about the same
Global VPN Clients use IPSec to connect hosts to entire private networks
SSL VPNs connect users to specific services & apps inside secure networks

2. How many SonicWall VPNs does my firewall support?

Did you know that all SonicWall TZ and NSa firewalls include at least one SSL VPN or Global VPN license? However, each firewall model has a maximum capacity of clients that it can connect to and protect. After this threshold, service becomes spotty, slow, and unsecure!

In most cases, a firewall can support more Global VPN licenses than it can SSL VPN licenses. However, small business owners may lean towards SSL VPN because TZ firewalls actually support far more SSL VPNs than they do IPSec clients.

SonicWall SOHO 250 – supports 5 Global VPN Clients & 25 SSL VPN licenses
SonicWall TZ 300 – supports 10 Global VPN Clients & 50 SSL VPN licenses
SonicWall TZ 350 – supports 10 Global VPN Clients & 75 SSL VPN licenses
SonicWall TZ 400 – supports 25 Global VPN Clients & 100 SSL VPN licenses
SonicWall TZ 500 – supports 25 Global VPN Clients & 150 SSL VPN licenses
SonicWall TZ 600 – supports 25 Global VPN Clients & 200 SSL VPN licenses

3. How do I increase performance for remote workers?

SSL VPN licenses require a lot of performance to process all of the secure data they transfer and inspect. Setting up a dedicated Secure Mobile Access appliance such as a SonicWall SMA 210 or SonicWall SMA 410 remote access appliance can greatly improve speed, uptime, and stability for your employees working from home, lessening the burden on your firewall.

The Firewalls.com Remote Worker Bundle combines Secure Mobile Access appliances, SonicWall VPN licensing, and our expert professional configuration services in a comprehensive package to get your workers setup at home fast. The bundle includes a SonicWall SMA 210 or 410 appliance with a 5 user license, expert setup assistance, and a free configuration to make the transition seamless.

4. How do I provide extra protection for remote workers?

Just because your employees are working from their couch doesn’t mean your security can slouch. The fact is, hackers always find a way to exploit the hottest news in the world to their benefit. Expect attackers to target home users with spearphishing, social engineering, encrypted malware, and more. Now is the time to ensure your mobile workers are locked down with advanced network security solutions like SonicWall’s Capture Advanced Threat Protection for SMA, extending the same great cloud-based multi-engine sandboxing protection to your secure access infrastructure that networks worldwide enjoy through a high-end firewall.

Remote Worker Bundle options make working from home fast & secure

By Andrew Harmon

Posted On March 5, 2020

Remote Worker Bundle options make working from home fast & secure

remote workforce sma SonicWALL

Small businesses are rushing to get their employees working from home. The popularity of virtual conferences and webinars has skyrocketed in response to the threat of coronavirus, influenza, daycare emergencies, potholes, perilous traffic, and political ads on the morning commute. If you’re looking to keep your workforce out of harm’s way, our new Remote Worker Bundle comes with everything you need to maintain network security while employees work from home. Establish fast, safe remote access with a SonicWall SMA 210 or SonicWall SMA 410 expertly configured for your unique network demands, then pair it with 24×7 Support to make the experience flawless for remote employees.

Security risks posed by working from home represent just one problem surrounding secure remote access. Ensuring that the home experience is simple and seamless is integral to maintaining productivity. In addition, small businesses struggle with issues of flexibility, compatibility, and scalability. The Remote Worker Bundle tackles these issues with affordable add-on options for technical support and further concurrent user licensing.

Benefits of the Remote Worker Bundle

When workers come into the office sick, they risk spreading illnesses to the whole staff, but self-quarantining at home doesn’t mean the work has to stop! Our Remote Worker Bundle includes all the fundamental pieces organizations need to set up basic work-from-home security for their employees. Projects never need to be put on pause when remote workers are able to work with all of the company resources and apps they’re used to at their workstation. This bundle is also ideal for any company with a high volume of business travel.

Flexible, scalable remote access for all

SonicWall SMA appliances are compatible with any firewall brand or model you may already be using. Remote workers will be able to access any company printers, applications, files, or cloud resources from the comfort of their home while their session sits behind the same company firewall that protects their data in the workplace! SonicWall’s SMA 210 and SMA 410 appliances are compatible with any cable or DSL connection from any Internet service provider, meaning whatever Internet provider your workers already have at home will work.

Need to add more users? The SMA 210 can support up to 50 users with concurrent licensing and the SMA 410 can protect up to 250 remote workers at once. The best part? Because these stackable user licenses are perpetual, you’ll only ever pay for each user one time–no need for renewals.

Remote worker bundle: configuration included

Ready to wash your hands of remote security risks? To provide secure network access for employees working from home, optimization of remote access appliances and services is critical. The Remote Worker Bundle includes our proprietary remote access configuration service, in which our team of network engineers expertly configure profiles and access groups via SSL or IPSec settings. Additional access control optimization is also incorporated to help further safeguard your data.

All configuration work is completed by our manufacturer-certified network architects at the Firewalls.com Security Operations Center (SOC) in Indianapolis. You’ll even get post-deployment support from the same team of engineers that configured your appliance.

Security best practices when working from home

Bolster your password hygiene – Remote workers carry additional risks to company data. Ensuring that users rely on strong, complex, and lengthy passwords guarantees that your data stays safe even in the case of a lost or stolen device.

Make sure end user protection is up to par – Any device operating on the company network should be properly protected by strong anti-virus capabilities such as SonicWall Capture Client, web filtering, encryption, anti-spam, and malware protection. Mobile workers should enjoy the same air-tight security when roaming as they would at their desk.

Avoid public Wi-Fi – As we covered in Episode 14 of our podcast, public wireless networks can be a breeding ground for wireless threats. Advanced threats like evil-twin attacks, rogue access points, ad-hoc networks, and client misassociation can wreak havoc on BYOD users. In a world with growing open wireless networks, Wi-Fi attacks using Emotet malware infected systems are able to not only steal personal information but also spread malware by laterally scanning public wireless networks.

Email security & encryption – The inbox represents one of the biggest attack vectors for users of all kinds, but remote workers are especially at risk. Email applications are the most popular form of remote work as employees peer at their inbox several times throughout the day. Encryption, anti-spam, and email sandboxing services such as Capture ATP for SMA are all great ways to keep the team safe, whether home or away.

BYOD & Remote Access: Staying secure in the era of mobile workers

By Andrew Harmon

Posted On September 5, 2017

BYOD & Remote Access: Staying secure in the era of mobile workers

encryption remote access remote workforce secure remote access sma SRA VPN

As Bring Your Own Device (BYOD) and Remote Access policies ramp up, so too does the mad dash to secure these new endpoints. Gartner predicted that by 2017, half of employers will require employees to supply their own device for work purposes. With so many fresh attack surfaces, employers scramble to assemble additional security layers that prevent data leakage and intrusions. The nature of BYOD proves challenging as devices in the wild show volatility without proper VPN and next-gen firewalls to lock down security.

Our solutions

Secure Mobile Access – Powerful, cost-effective secure mobile and remote access means that your users have access to applications wherever they’re working, so they stay productive and your company stays competitive.

SonicWall VPN – Ensure secure access to crucial applications for Android & iOS mobile devices using SSL and policy-based enforcement.

Next-Generation Firewalls – Next-Gen Firewalls provide you the power to execute cutting-edge security without your performance withering away.

Secure Remote Access – SonicWall Secure Remote Access solutions provide users with easy-to-use, secure, and clientless remote access to necessary resources on the corporate network.

Aventail SRA Connect Mobile – SonicWALL Aventail with Connect Mobile provides robust remote access solutions for smart phone users, with “in-office” access optimized for the device.

Trouble setting things up?

Firewalls.com provides a video library chock full of helpful how-to’s and troubleshooting guides. One of our certified engineers will provide the answers you crave to set up your remote access VPNs.

Segment your users into Local Users & Groups

Use NetExtender to set up an SSL VPN

Firewalls.com is a value-added reseller of firewall appliances & a vendor of managed security and Firewall-as-a-Service support. Whether you’re looking to add an appliance to your security set-up or expand BYOD and remote access security, we provide solutions that get you secure and keep you secure. Contact our sales staff to answer questions you may have about your network, next-gen firewalls, or BYOD!