Tag: SonicWALL

SonicOS 7.0: 7.0 Reasons Why This SonicWall OS Rocks

What Is SonicOS 7.0

SonicOS 7.0 is the latest and greatest version of SonicWall’s firewall operating system. Debuting in August 2020, 7.0 runs the show for TZ, NSa, and NSsp physical firewalls, plus NSv virtual firewalls. Its release coincided with the additions of the TZ570 and TZ670 to SonicWall’s firewall lineup. And SonicOS 7.0 is ready to handle the boundless cybersecurity challenges of today and tomorrow.

The operating system is chock full of new features to extend networking beyond the perimeter for remote work and branch offices. That means greater visibility, control, and ease of management for all your needs. In honor of its version number, let’s walk through 7.0 reasons why this new OS enhances your network security setup.

1. All New User Experience

One of the most noticeable differences between SonicOS 7.0 and its predecessors stares you right in the face. It features a built from the ground up user interface and experience. And that all new build was designed with user-friendliness in mind. That means a new, improved single-pane-of-glass view of your network, so you won’t need a seven & seven after you dive in. Instead, you get a highly intuitive interface that won’t take days of training to learn. Combine that with intuitive device dashboards and redesigned topologies, and being on top of your network is easier than ever. Plus, enjoy zero-touch deployment with the SonicExpress App and auto-provision VPN, so you won’t need to travel to each site to get your new devices setup.

2. Simplified Management

This goes hand in hand with the user experience of SonicOS 7.0. What it means is, creating firewall policies and managing them won’t give you headaches. How you may ask? The new OS features rule visualization with insight into the type of traffic the rule is for, what it does, and what traffic it affects. On top of that, you can inline edit rules. In the past, adding, removing or changing rules could lead to misconfigurations, potentially exposing  your network to attack. But new features like visibility in custom rules and hit counts, shadow rule detection, and rule optimization help you all but eliminate them.

3. Stop More Encrypted Threats

You’ve likely heard that encrypted threats have become more and more of a problem lately. What are they? Put simply, they are malware & other threats that hide themselves in encrypted traffic, camouflaging them from many security solutions. And they’re not going anywhere. SonicWall’s Mid-Year Update to its 2020 Cyber Threat Report says there have been 1.7 million of those documented so far this year.

SonicOS 7.0 arms you to stop them. The advanced protection you get features TLS (Transport Layer Security) 1.3 decryption – which spots those camo’d threats & blocks them from stopping you. The best part? This inspection doesn’t sacrifice your network’s performance, often a tradeoff with added layers of security. The advanced protection is on top of the already robust TLS/SSL decryption and inspection – as well as deep packet inspection of SSH – SonicWall already offers with its firewalls.

4. Clear and Present Visibility

The latest SonicWall operating system also features the latest – and most comprehensive – view into your network. We mentioned those device dashboards and redesigned topologies earlier. To dive deeper, it means a detailed view of your firewall and the endpoints behind it. That includes including dashboards that detail the traffic passing through your firewalls, who’s responsible for it, and any threats that traffic contains. The latest SonicOS Notification Center shows you actionable alerts to help you take immediate action on any firewall-related events. On top of that, a new Capture Threat Assessment Report offers executive-level, summarized insights into traffic, risky applications, and a variety of malware & other threats. With more business leaders focusing on cybersecurity than ever before, a simple, high-level snapshot of your network is vital.

5. Integrations Made Easy

Your network may not stick to one brand – or type of – solution, but you want them all to work together. SonicOS 7.0 makes that easy, with new Rest APIs (or application programming interfaces for the uninitiated). These Rest APIs in essence allow your SonicWall solutions to talk to other software. The others in this case include hybrid policy orchestrators and lots of acronyms:

  • SIEM (security information & event management)
  • RMM (remote monitoring & management)
  • NAC (network access control)
  • SOAR (security orchestration, automation, & response)
  • And more!

6. Remote Work Ready

In this time of the widespread workforce, ensuring secure, reliable, & fast remote access is a must. SonicOS 7.0 helps you step up to that challenge with optimization for high-speed VPN (virtual private networking). High-performance IPSec VPN allows the firewall to act as a VPN concentrator for thousands of other sites, from branch offices to home offices. And for an even simpler remote access option, clientless SSL VPN technology or easily manageable IPSec VPN clients give your teleworkers secure access to files, email, intranet sites, & any network apps they need. On top of that, route-based VPN allows you to seamlessly reroute VPN traffic between endpoints through alternate routes to ensure continuous uptime in case of a tunnel failure.

7. The Company It Keeps

Aesop once said “A man is known by the company he keeps.” To judge SonicOS 7.0 by that measure, it keeps pretty good company. As mentioned earlier, SonicOS 7.0 runs the new TZ570 and TZ670 firewalls. What’s so special about them? They’re the first desktop devices to offer multi-gigabit malware and ransomware protection, with the TZ570 boasting 5GbE, and the TZ670 10GbE interfaces for added high-speed connectivity. In addition, SonicOS 7.0 plays nice with Network Security Manager (NSM) 2.0. NSM 2.0 is a multi-tenant firewall manager that brings admin functions together in one place. Where do you go to get started? As we always say, it starts with the firewall…



SonicWall Network Security Manager: Firewall management on steroids

SonicWall Network Security Manager

Small businesses, branch offices, and nationwide distributed enterprises are facing a common enemy: human error. Misconfigured firewalls can be attributed to 99% of network breaches. Enter SonicWall Network Security Manager – a centralized management service that minimizes human touchpoints wherever possible.

The ability to deploy network changes en masse across your network—no matter how big it may be—is a critical component of doing business in 2020. Traditionally, a strong network security posture relied on solid firewall management practices and large, complex systems. These huge security ecosystems, politely referred to as “robust,” eat up time and money, and until recently that black hole of resources signified your company was doing all it could to win the cyber war.

SonicWall Network Security Manager ends the insanity of ballooning security budgets, endless change documentation, and the headache of clicking through a dozen browser tabs to get the whole picture.

What is SonicWall Network Security Manager?

SonicWall Network Security Manager (NSM) is a multi-tenant firewall manager that centralizes admin functions under one roof. Auditable workflows lighten the IT load in addition to allowing for error-free management and network changes. A native analytics engine provides single-pane-of-glass visibility so you won’t waste your day hopping between tabs and applications looking for basic management functions. By creating a full audit trail of all configuration change and providing deep reporting, SonicWall Network Security Manager simplifies compliance too.

Elevate your security by seeing hidden risks and eliminating operational disarray. The ultimate goal of your business is to grow, and SonicWall NSM ensures your network remains manageable even if you need to scale up fast.

Benefits of SonicWall NSM:

  • Reduce security management overhead costs & wasted time
  • Easily onboard multiple SonicWall firewalls from one interface
  • Establish role-based, access-controlled workflows
  • Unify policies globally with grouping, hierarchical rules, & inheritance
  • Discover & easily correct misconfigured firewall policies
  • Document all changes to meet compliance & stay organized

Even small businesses can forge a path to comprehensive management, analytics, and reporting without the need for hiring a roster of costly experts. Automated workflows form a fully coordinated security governance strategy that fits networks of two firewalls to 200, all visible on a single screen.

How does SonicWall NSM work?

NSM empowers you with increased visibility, group-based device control, and the ability to scale at any pace. By visualizing your entire network in one dashboard, Network Security Manager serves up several unique features:

  • Full network device inventory
  • Push policies at the group level
  • Create & manage groups of devices
  • Backup & restore functionality
  • Network switch & access point management
  • Workflow automation & zero-touch deployment

How does SonicWall Network Security Manager work?

Much of the heavy lifting is done by automation and templates, minimizing both the workload on your admin and the potential for that pesky human error to throw a wrench in the works. By applying a series of rigorous configuration procedures, NSM removes the guesswork and “free hand” management issues that plague so many businesses.

Approval groups are flexible, with varying audit procedures and authorization levels that allow for programmatic deployment of fully validated, documented, and efficient security policies.

Plus, SonicWall Network Security Manager’s RESTful API availability offers a standardized approach to managing individual features and allows compatibility with third-party management consoles you may already use.

Network Security Manager vs Capture Security Center

So what about SonicWall Capture Security Center? SonicWall Network Security Manager is picking up all the same jobs that Capture Security Center handles, plus some!

Here are a few key differences between SonicWall Network Security Manager and Capture Security Center:

Max devices manageable per tenet:

  • Capture Security Center – 10
  • Network Security Manager – Over 100

Full configuration audit trail:

  • Capture Security Center – No
  • Network Security Manager – Yes

RESTful API for 3rd-party compatibility:

  • Capture Security Center – No
  • Network Security Manager – Yes

Group-level visibility, reporting, & dashboards:

  • Capture Security Center – No
  • Network Security Manager – Yes

If you currently use SonicWall Capture Security Center, no sweat! CSC MA-licensed customers will automatically migrate to equivalent NSM licensing at no cost.

How is SonicWall Network Security Manage licensed?

In keeping with tradition, SonicWall offers two variants of NSM: Essentials and Advanced. The key difference between the two levels revolves around your reporting needs. Network Security Manager Essentials includes 7-days of reporting. Network Security Manager Advanced includes a full year of reporting, plus 30 days of log analytics.

SonicWall Network Security Manager is available in 1-year, 2-year, and 3-year terms for SonicWall TZ series firewalls and 1-year, 3-year, and 5-year terms for SonicWall NSa firewalls.

Cyber Threats in the Time of Corona – Ping Podcast – Episode 27

Episode 27: Cyber Threats in the Time of Corona

When 2020 began, the cyber threat landscape – and the world – looked much different. But as summer winds down and the coronavirus pandemic wears on, not only has day to day life been affected, but so too has cybersecurity. To go over the emerging corona-related hazards – and others that aren’t going away – Andrew and Kevin welcome back SonicWall’s Brook Chelmo. Brook discusses SonicWall’s 2020 Cyber Threat Report Mid-Year Update, which captures threats like coronavirus-themed phishing & malware strains. Additionally, we talk about ransomware’s increasing targeting of schools, governments, and other soft targets, plus the added security risk of remote work. On top of that, there are  still IoT (Internet of Things) vulnerabilities, and many other returning favorites.

Get the SonicWall 2020 Cyber Threat Report Mid-Year Update.

In cybersecurity headlines, we continue the COVID-19 theme to discuss some top coronavirus online scams. Then we go over a Microsoft survey showing how the pandemic has accelerated network security’s digital transformation. And finally, we embrace the DarkSide for a new ransomware threat.

But wait, there’s more! We debut a new segment (hosted by a new Andrew) called Ransomware Reckoning. Getting the spotlight this time is an attack on Jack, Jack Daniels that is.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Moreover, please remember to subscribe or follow where you can to get the latest episodes as soon as they’re released. And please rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

What’s the Difference Between the SonicWall TZ570 & TZ500?

SonicWall has hit the cybersecurity market with a big haymaker powered by new appliances, an updated Operating System, and new license bundles. Chief among these new champions is the SonicWall TZ570, an evolution of the SonicWall TZ500 that comes before it. With increased throughput, faster interfaces, and more features than ever, the TZ570 is primed to take the desktop NGFW world by storm in 2020. We’ll break down the stats, give an overview of what’s changed, and tell you how to get your mitts on the new SonicWall TZ570!

The SonicWall TZ570

SonicWall TZ570 ports, tech specs, and interfaces

SonicWall TZ570 Tech Specs – Datasheet

Firewall Throughput: 4.0 Gbps

IPS Throughput: 2.5 Gbps

Threat Prevention Throughput: 2.0 Gbps

DPI SSL Throughput: 750 Mbps

Concurrent Sessions (TCP): 1,250,000

New Connections per Second: 16,000

VLAN Interfaces: 256

Not sure what these numbers mean? Check out our post explaining firewall Tech Specs!

SonicWall TZ570 Overview

The SonicWall TZ570 series is SonicWall’s first desktop form factor next-generation firewall NGFW with 5 Gigabit Ethernet interfaces. Equipped with the latest SonicOS 7.0, launched in August of 2020, the SonicWall TZ570 builds upon the high security pedigree of its predecessor the TZ500 wile adding integrated SD-WAN, high-speed virtual private networking, and updated modern user interfaces.

The TZ570 includes 10 high-density 5 GbE ports and built-in storage that can be expanded up to 256 GB with optional modules. This enables advanced logging, reporting, caching, firmware backups, and more.

All this is centrally managed through a single pane of glass with modern UX in mind to make managing your network more intuitive. The SonicWall TZ uses Zero Touch Deployment to let network admins easily roll out multiple devices across locations without the need for intense IT support. Manage SonicWall network switches, SonicWave access points, and all your other SonicWall appliances and services through the TZ570.


The SonicWall TZ500

SonicWall TZ500 Next Generation Firewall

SonicWall TZ500 Tech Specs – Datasheet

Firewall Throughput: 1.4 Gbps

IPS Throughput: 1.0 Gbps

Threat Prevention Throughput: 700 Mbps

DPI SSL Throughput: 225 Mbps

Concurrent Sessions (TCP): 150,000

New Connections per Second: 8,000

VLAN Interfaces: 50

Not sure what these numbers mean? How about another reminder about our post explaining firewall Tech Specs!

SonicWall TZ500 Overview

The SonicWall TZ500 is a next generation firewall recommended for 36 to 50 users. Admins will be quite familiar with the TZ500 and its other SonicWall TZ series counterparts due to their long history of extending advanced security to small and mid-sized businesses. Paired with an Advanced Gateway Security Suite bundle, the TZ500 has successfully stood guard over thousands of networks worldwide.

The SonicWall TZ500 includes multiple USB ports for 3G/4G failover, six 1-GbE interfaces, as well as an X0 LAN and X1 WAN port. The TZ500 can reach maximum throughput speeds up to 1.4 Gbps and accommodate 25 site-to-site VPN tunnels. However, if you have a need for speed (and connectivity), the SonicWall TZ570 has built on the strengths of the TZ500, raising those stats to 4.0 Gbps throughput and room for a whopping 200 site-to-site tunnels.


SonicWall TZ570 Datasheets, Tech Specs, & Pricing

Curious how to get your hands on this young titan of network security? Want to see what the SonicWall TZ570 can do for your small business network? Firewalls.com has all of the latest datasheets so you can check out tech specs, view license bundling options, and learn how to save money on your TZ570.

If you’re ready to talk prices, give our team a call at 317-225-4117 or Live Chat with us for an immediate reply!

TZ570 and TZ670 Firewalls Join SonicWall SMB Family

Introducing the TZ570 and TZ670

SonicWall’s highly regarded TZ Series firewalls have a couple new additions, with the TZ570 and TZ670 boasting some heavy duty features for SMBs. One major first that security minded organizations should take note of – these are the first desktop devices to offer multi-gigabit malware and ransomware protection. That protection even extends to attacks hiding in TLS 1.3 traffic

The TZ570 and TZ670 are zero-touch enabled, making deployment a snap for novices and experts alike. How easy? The new SonicWall SonicExpress mobile app allows admins to easily onboard TZ firewalls within minutes via an easy 1-2-3 process: simply register, connect and manage.

Connecting the SD-Branch

They also come equipped with SD-Branch capabilities to make securely connecting your offices easy. What capabilities you may ask? Let’s start with the physical. The TZ570 and TZ670 are unique among desktop firewalls as they include multi-gigabit (5/10G) ports. These interfaces allow for connectivity with networking devices like SonicWall Switches, wireless access points, & more. Pretty nifty, eh? But we know network security and connectivity goes beyond physical. And that’s why the SonicOS operating system has been updated to support SD-Branch connectivity.

SonicOS 7.0 features some major updates for admins, including:

  • Modern user interfaces
  • Intelligent device views
  • Advanced security control
  • Critical networking and management capabilities

This means you get unified visibility and threat detection, all from a single pane of glass.

Next Generation Performance

The TZ570 and TZ670 can reach threat prevention speeds up to 2.5 Gbps, even with all security services on. They allow you to connect and secure up to 1.5 million devices or users — a 900% increase in maximum connections per appliance. For encrypted SSL/TLS connections, these firewalls can secure up to 30,000 concurrent connections with DPI enabled. Oh, and you also get 5G readiness plus wireless options with the TZ570. Come back soon for a more detailed performance overview here on the blog.

Managed Through the Cloud

Manage your TZ570 and TZ670 via the new cloud-native Network Security Manager (NSM) 2.0. The NSM is a completely virtual product that gives you a single, easy-to-use cloud interface for streamlined management, analytics, & reporting. Plus, the NSM features an innovative new user interface and user experience.

A Video Introduction

Meet the TZ570 and TZ670 via our latest Firewall Review video:

Shop TZ570 and TZ670 firewalls

Now that you’ve had a primer, it’s time to shop around. We’ve got you covered with new TZ570 and TZ670 firewalls and security services. Take a look at your options to find the right fit for your network.



SonicWave vs Ubiquiti Wireless Access Points

SonicWave vs Ubiquiti Wireless Access Points

Comparing SonicWave wireless access points to competitors like Ubiquiti can pose a challenge. Which stats are important when selecting an AP? What makes SonicWave so secure? How does  high performance Wave 2 wireless factor in when it comes to super fast WiFi at a low total cost?

SonicWave is the latest series of wireless access points from SonicWall. In short, Wave 2 wireless provides:

  • Gigabit WiFi potential
  • More bandwidth for connected devices
  • Additional 5 GHz channels
  • Improved user experience
  • Beamforming & bandsteering

SonicWave 224W

Beamforming & Bandsteering

In the past, wireless coverage acted sort of like a lightbulb. For instance: you turn it on, light spills out in all directions, and the whole room is evenly lit. Beamforming is more like a flashlight (or a torch for our UK friends). That is to say, it allows more direct and focused paths for connectivity. When a device attempts to connect to your wireless AP, onboard engines determine which channel and device will provide the highest quality connection at the time.

To sum up, key benefits of beamforming include:

  • More stable, reliable connectivity
  • Faster data transfers & fewer errors
  • Reduced interference
  • Better “signal-to-noise” ratio

In addition, bandsteering is a game changer for WiFi. Bandsteering is the process of using dual-band WiFi, allowing APs to choose which Gigahertz band will provide the highest performance.

  • 2.4 GHz – Slower data transfer, more interference, but larger coverage area & penetration
  • 5 GHz – Higher speeds, more reliable connections, & less congestion

Sometimes the higher capacity 5 GHz band is the faster option. However, in some cases the 2.4 GHz can be the best bet if 5 GHz is congested or a little out of reach. With bandsteering, you do not have to decide. SonicWaves automatically connect to the most efficient band. In other words, the AP does the thinking for you.

Go Controller-Free with SonicWave

SonicWall SonicWave APs feature easy deployment and management options that lower costs. There is no need to purchase a separate wireless controller because your wireless network can be managed through the firewall. Single pane of glass management means less clicking around in multiple tabs and windows to find what you’re looking for. You also have the option of SonicWall’s WiFi Cloud Manager, which offers several bonus features of its own.

Network Security Integration

SonicWall comes backed by multiple decades in the greater network security world. While Ubiquiti excels in their own little fish bowl, SonicWall is a shark that has prowled every corner of the cybercrime seven seas. Above all, SonicWave access points integrate into a larger, centrally managed network with real-time communication and unified threat protection operating across several security layers.

Because SonicWall sports a pedigree in security, SonicWave APs are built with security foremost in mind. That means SonicWaves benefit from:

  • Automatic firmware updates
  • Security alerts & rich analytics
  • SSL/TLS decryption & inspection
  • Wireless intrusion detection & prevention

Dedicated Security Radio

SonicWave 400 series access points include three radios. The first two radios operate on the 2.4 GHz and 5 GHz bands. Most importantly – when it comes to a protected network – the third radio is there just to secure your WiFi! SonicWave’s security radios scan for rogue access points and perform other wireless security tasks. Additional security-related features include:

  • Rogue AP Scanning
  • Virtual AP Segmentation
  • RF Monitoring
  • Passive Scanning
  • Wireless Packet Capture

SonicWave 432i vs Ubiquiti Quick Comparisons

Here we break out a few quick side-by-side stats comparing SonicWave APs vs a Ubiquiti UniFi Pro:


  • SonicWave: 8 fully internal antennas
  • Ubiquiti: 3 dual-band antennas

802.11ac Max Date Rates

  • SonicWave: 2.34 Gbps – 3.47 Gbps
  • Ubiquiti: 450 Mbps – 1.3 Gbps

Interfaces & Ports

  • SonicWave: (1) 10/100/1000 RJ-45 Ethernet/PoE; (1) 100/1000/2.5 GbE RJ-45 Ethernet; (1) RJ-45 Console; (1) USB 2.0
  • Ubiquiti: (2) 10/100/1000 RJ-45 Ethernet; (1) USB 2.0


  • SonicWave: 4×4 MU-MIMO
  • Ubiquiti: 3×3 MIMO

If you’re looking for the bare bones to get a Wi-Fi network up, a Ubiquiti UniFi access point may do the job. If you’re serious about wireless networking, unified security, and user experience, a SonicWave 432i or SonicWave 231c is a better fit for you. SonicWave access points come with the peace of mind that your wireless equipment was home-grown by a company steeped in network security know-how. The demand for fast, stable wireless access continues to grow. Therefore, the volume and variety of advanced attacks targeting WiFi networks will also grow. A SonicWave wireless AP is the way to go for small businesses with cyber security in mind.


SonicWave vs SonicPoint: Comparing Wireless APs

SonicWave vs SonicPoint: Comparing SonicWall Wireless APs

The wave of the future in SonicWall wifi is here with SonicWave wireless access points. To compare SonicWave vs SonicPoint is to compare the future to the past. SonicWave’s predecessor – SonicPoint wireless APs – retired in 2019, but their wifi footprint remains large. For those with active SonicPoint devices or those shopping for wireless networking solutions, it’s worth taking a look at what both model lines have to offer. Let’s compare and contrast SonicWall’s latest wireless line with it’s previous entry into the wifi space.

The New Wave

When it comes to many of the differences between these two model lines, much simply has to do with differences in the technology available at launch date. In other words, older SonicPoints support older performance standards, while newer SonicWaves are ready for whatever today has to offer. Perhaps the biggest difference that puts SonicWaves ahead of SonicPoint APs is support for 802.11ac Wave 2 wireless technology. Wave 2 offers a couple of clearly enhanced capabilities that give SonicWave access points a performance edge:

SonicWave 224W

SonicWave (Wave 2 Technology)

  • 4 data streams
  • 160 MHz channel usage

SonicPoint ACi

SonicPoint (Prior Generation)

  • 3 data streams
  • 80 MHz channel usage

The math is pretty simple there. The larger the bandwidth and the more data streams means more devices supported and better performance. And onto another improvement that relates to Wave 2.


SonicWave models support MU-MIMO instead of SonicPoint’s SU-MIMO. In case you’re unfamiliar, MIMO stands for multiple-input, multiple-output. SU stands for single user, while MU is multiple users. What it’s meant to address is a lag in performance on a network with many users.  The MU-MIMO technology found in Wave 2 devices better accounts for today’s mobile-device heavy environment, while SU-MIMO was designed with primarily laptop usage in mind. MU-MIMO allows a wireless connection to simultaneously transmit and receive data between multiple supported devices at a time, as opposed to just one with single-use. That means better performance, more device support, and a reduction in the dreaded lag.

Deployment Options

There are simple physical differences when comparing SonicWave vs SonicPoint models. That is, SonicPoint offered only indoor-capable wireless access points. But the SonicWave series gives you options for whatever your needs, including if those needs include a more rugged appliance. SonicWave has models designed for the traditional indoor ceiling and wall mount, while also offering models specifically designed for outdoor deployments. The SonicWave 231O and 432O are IP67-Rated and feature industrial-grade enclosures meant to stand up to harsh environments. Basically, they can go wherever you need wifi.

Security and Integration

These features go hand-in-hand. SonicWall is always taking network security into account with any solution it offers. Both SonicWave and SonicPoint models support wireless data encryption. But the SonicWave series goes several steps further. SonicWaves are designed to integrate with SonicWall next generation firewalls to take advantage of the robust security they offer – like deep packet inspection to block network threats – as well as single-pane-of-glass management. If you don’t have a SonicWall firewall though, SonicWave APs can perform advanced security services, including the powerful, zero-day stopping Capture ATP sandbox service on their own.

Plus, most SonicWave APs include three radios, with the third fully focused on security. The third radio performs rogue AP detection, passive scanning, and packet capturing. But wait, there’s more! SonicWaves also integrate additional security-related features including:

  • Wireless intrusion prevention
  • Virtual AP segmentation
  • Wireless guest services
  • RF monitoring
  • Packet capture

And as mentioned, you can manage them through your firewall, or with SonicWall’s WiFi Cloud Manager – an intuitive, cloud-based WiFi network management system ideal for networks of any size.


This one’s perhaps the easiest comparison of SonicWave vs SonicPoint. If you’re looking for new wireless APs, it’s SonicWave or bust. The last SonicPoint models reached end of sale in spring of 2019 (with end of support looming in 2022), so the choice is clear. Shop the SonicWave 200 or 400 series to find the right fit for your networking needs.


SonicWall Switch: A New Networking Must-Have

Introducing the SonicWall Switch

From the smallest of small businesses to the largest of enterprises, networks are getting bigger. As a network admin, you can no longer count on a simple setup to handle the capacity of today. The number of IoT devices continues to grow exponentially, and BYOD is a workplace norm as well. How do you get a handle on all these devices and keep your network secure? Enter the new SonicWall Switch. A SonicWall Switch enhances control over your network, makes management a breeze, and integrates seamlessly with your existing SonicWall firewall. Plus, with seven models, you’ll have no problem finding the right secure switch for your network needs.

Control, management, & integration

With all the aforementioned devices, plus guest networks and other scenarios, control is key. A SonicWall Switch gives you all the standard features you’d expect from a switch, and more. It allows you to segment traffic to give the right level of access to the right people/devices. Manage your ports to keep your network secure. Create a VLAN (virtual local area network) to apply settings beyond one physical office. And to get extra granular, configure static routes.

All this control is great, you’re probably thinking, but how do I manage it? You manage your SonicWall Switch with your SonicWall next generation firewall through the Capture Security Center. It’s a single-pane-of-glass that lets you monitor and configure your network from one console. By adding a SonicWall Switch to a network with SonicWave wireless access points & a SonicWall firewall, you’ll have an integrated solution with visibility, management, unified threat detection, and analytics all in one place. It’s easy enough to deploy and manage for a layperson but with plenty of opportunity for a networking nerd to sink their teeth into. The bottom line: you get end to endpoint security & networking from one company. This makes a SonicWall Switch an ideal fit for Software-Defined Branch (SD-Branch) settings.

SonicWall Switch Models

Every network has different needs, so the SonicWall Switch series has a variety of sizing options to choose from – seven in fact. Considering power over ethernet? There are PoE and Full-PoE variants. If you don’t need it, non-PoE options are available as well. Port options are aplenty too, with 8, 24, and 48 available. No matter your choice, you get a network switch with a compact form factor designed for energy efficiency. Let’s take a closer look at the options by model number:

SonicWall SWS12-8

  • Appliance Only MSRP: $250
  • Gigabit Ethernet (GbE) Ports: 8
  • SFP/SFP+ Ports: 2 SFP
  • PoE Support: Non-PoE

SonicWall SWS12-8POE

  • Appliance Only MSRP: $375
  • Gigabit Ethernet (GbE) Ports: 8
  • SFP/SFP+ Ports: 2 SFP
  • PoE Support: PoE

SonicWall SWS12-10FPOE

  • Appliance Only MSRP: $450
  • Gigabit Ethernet (GbE) Ports: 10
  • SFP/SFP+ Ports: 2 SFP
  • PoE Support: Full-PoE

SonicWall SWS14-24

  • Appliance Only MSRP: $550
  • Gigabit Ethernet (GbE) Ports: 24
  • SFP/SFP+ Ports: 4 SFP+
  • PoE Support: Non-PoE

SonicWall SWS14-24FPOE

  • Appliance Only MSRP: $1050
  • Gigabit Ethernet (GbE) Ports: 24
  • SFP/SFP+ Ports: 4 SFP+
  • PoE Support: Full-PoE

SonicWall SWS14-48

  • Appliance Only MSRP: $1025
  • Gigabit Ethernet (GbE) Ports: 48
  • SFP/SFP+ Ports: 4 SFP+
  • PoE Support: Non-PoE

SonicWall SWS14-48FPOE

  • Appliance Only MSRP: $1995
  • Gigabit Ethernet (GbE) Ports: 48
  • SFP/SFP+ Ports: 4 SFP+
  • PoE Support: Full-PoE

Looking for more?

Check out our SonicWall Switch Series feature review video for more information about these new networking appliances:

As you can see, choices are plentiful, so it’s likely you can find a SonicWall Switch to fit your needs – and at a reasonable price. Add on 24×7 SonicWall Support to any of these models to get technical help, updates, & advance hardware replacement. Shop now to find the SonicWall Switch that’s right for you!


SonicWall NSa Firewalls: How to choose & buy an NSa firewall

What is a SonicWall NSa firewall?

SonicWall NSa firewalls are next-gen appliances built to provide unified, advanced threat protection and centralized network management to mid-sized businesses. In short, if your network supports between 100 and 2,500 users, an NSa firewall may be right for you.


To begin, we’ll compare features of NSa and TZ firewalls. After that we’ll explore NSa firewall tech specs and how to boost your SonicWall firewall with smart security services like AGSS.

What’s the difference between SonicWall NSa firewalls & TZ firewalls?

SonicWall NSa and TZ firewalls share a lot in common. For example, both support cloud-based sandbox capabilities with SonicWall Capture ATP as well as many of SonicWall’s patented security features like Re-assembly Free Deep Packet Inspection (RFDPI) and Real-Time Deep Memory Inspection (RTDMI).

NSa Series is best suited for:

  • Large branch offices & distributed enterprises
  • Data centers & corporate HQs
  • Hotels, convention centers, & dorms
  • Doctors’ & dentists’ offices

TZ Series is better suited for

  • Retail spots & restaurants
  • Small offices & home offices
  • Law firms, satellite offices, and outposts

In other words, the NSa series may be a bit too large for smaller businesses. We recommend checking out SonicWall TZ entry-level firewalls instead. After that, expand your know-how with our SonicWall TZ firewall article spotlighting the SonicWall SOHO 250 and SonicWall TZ350.

Comparing NSa firewall prices & tech specs

The best way to compare NSa firewalls is by visiting our SonicWall Firewall Comparison page or a SonicWall NSa datasheet. Similarly, you can compare critical stats at-a-glance with this snapshot of NSa firewalls by price and performance.

SonicWall NSa 2650

nsa 2650 from sonicwall next gen firewall

  • Appliance Only MSRP: $2,495.00
  • Max Throughput: 3.0 Gbps
  • Threat Prevention Throughput: 1.5 Gbps
  • Built-In Storage (SSD): 16 GB
  • Max SSL VPN Licenses350


SonicWall NSa 3650

NSa 3650

  • Appliance Only MSRP: $3,995.00
  • Max Throughput: 3.75 Gbps
  • Threat Prevention Throughput: 1.75 Gbps
  • Built-In Storage (SSD): 32 GB
  • Max SSL VPN Licenses500


SonicWall NSa 4650

NSa 4650

  • Appliance Only MSRP$6,495.00
  • Max Throughput: 6.0 Gbps
  • Threat Prevention Throughput: 2.5 Gbps
  • Built-In Storage (SSD): 32 GB
  • Max SSL VPN Licenses: 1,000


SonicWall NSa 5650

NSa 5650

  • Appliance Only MSRP: $10,995.00
  • Max Throughput: 6.25 Gbps
  • Threat Prevention Throughput: 3.4 Gbps
  • Built-In Storage (SSD): 64 GB
  • Max SSL VPN Licenses: 6,000


SonicWall NSa 6650

NSa 6650

  • Appliance Only MSRP: $23,595.00
  • Max Throughput: 12.0 Gbps
  • Threat Prevention Throughput: 5.5 Gbps
  • Built-In Storage (SSD): 64 GB
  • Max SSL VPN Licenses: 6,000


TotalSecure Advanced for SonicWall NSa firewalls

NSa firewalls include all the basic security features needed to secure your SMB. But bad guys go way beyond the basics. Therefore, small businesses should not rely on a bare-bones deployment. On the contrary, even small businesses should license advanced security services for SonicWall firewalls to empower admins. As a result, they’ll be able to stop more threats and better control network traffic.

  • Stop zero day threats like malware cocktails with behavior-based threat scanning
  • Rely on 24×7 support from SonicWall experts to keep you up & running around the clock
  • Detonate ransomware payloads in a secure, virtual environment with cloud-based sandboxing
  • Clean up inboxes from unwanted spam, email-borne threats, & elusive phishing schemes

Learn more about SonicWall AGSS to secure your small business against malware, ransomware, and zero day exploits.


SonicWall Support: How to Support Your SonicWall

What is SonicWall Support…And why do I need it?

A SonicWall firewall is an important purchase. It’s an investment showing that you recognize the need to protect your network from the many cyber threats out there today. But to truly ensure you have that secure network through thick and thin, you need someone backing you – and it – up. That’s where SonicWall Support comes in to lend a hand. What do you get with SonicWall Support?

Software and Firmware Updates

We know that cyber threats are ever evolving. And never before seen vulnerabilities can pop up out of the blue. A SonicWall Support subscription gets you any software and firmware updates needed to patch those unforeseen holes. That means you don’t need to search out updates or worry if you’ll be able to load them. Just like Phoebe, Monica, Chandler, Rachel, Joey, and even Ross – they’ll be there for you. Oh, and the same goes for any software or firmware upgrades while your subscription is active.

Advance Hardware Replacement

If it seems like something’s wrong with your firewall, SonicWall Support will work with you to see if a replacement is needed. If so, you’ll receive a Returned Material Authorization or RMA number. And most importantly, SonicWall will ship you a replacement unit for next business day delivery. The replacement appliance will even automatically have your registration information and subscription services transferred to it. All you’ll need to do is return your defective device, with shipping paid by SonicWall.

Technical Support

Simply put, when you have a question or issue, you can reach out for help in whatever contact method you prefer. You get an expert on the other end of the phone, an online chat, or an email. They’ll help you troubleshoot your issue with knowledgeable technical support. You can go with 8×5 Support – which is available during business hours Monday through Friday in your time zone. Go for 24×7 Support to ensure there’s always someone at your beck and call immediately, because trouble doesn’t care what time it is.

SonicWall Support also equips you with tools to support yourself. There’s a knowledge base offering detailed documentation. And moderated discussion groups through the SonicWall Community allow you to collaborate with others to solve common problems.

Beyond Support

Keep in mind, SonicWall Support specialists are there to ensure your products perform up to specifications – so not every question or situation may qualify. The good news is, if you need more advanced support there’s an option for you as well. To ensure you’ll always have answers to any questions about your network – you’ll want to go managed. That is, a managed security subscription through Firewalls.com.

Our Managed Security Service takes you beyond support – with certified engineers offering configuration updates, help with any network issues you may have, assistance with those software or firmware updates, help with equipment repair or replacement, and more. That more includes 24×7 monitoring of your firewall with quarterly checkups and web-based reporting. In fact, you can expect a call from us offering a fix to an issue or a configuration tweak to optimize your network. That proactive monitoring means solutions come before problems take down your network. And signing up for Managed Services requires no contract – they operate with flexible month to month subscriptions. Visit our Professional Services page to learn more, or call 866-645-2140 to get started.

How Do I Get SonicWall Support?

SonicWall Support is available in a variety of ways (and for a variety of products). The simplest – and best – way to get a support subscription is through a TotalSecure Advanced Edition bundle. The bundle includes SonicWall hardware plus Advanced Gateway Security Suite, which includes 24×7 support plus just about any other key security service you can think of. If you want to go the a la carte route, both 8×5 and Standard Support subscription options are also available, but the bundle is the way to go for total network protection from any threat.


TZ Firewall – Entry level firewalls for small businesses

Which TZ firewall is right for your small business?

SonicWall TZ firewalls have been securing small business networks for over a decade, and these next generation firewalls continue to evolve even to this day, with highly acclaimed new entries like the SonicWall TZ350. So what makes the SonicWall TZ firewall such a mainstay on network security shortlists?

New SonicWALL TZ Firewalls

Entry-level firewalls with out of this world features

Advances in throughput and processing allow SonicWall TZ firewalls to pull off some slick tricks. For example, the new SonicWall SOHO 250 (classified as a TZ firewall) extends the capability to use Capture ATP cloud-based sandboxing even in a home office setting. Imagine having that level of advanced, enterprise-grade protection on your home network! The kids have a sandbox in the backyard, and you’ve got one guarding your family photos.

TZ Firewalls scan for zero day and other unknown cyber threats with behavior-based scanning that pairs machine learning with an ever-expanding archive of global threat intelligence. Fileless malware and memory exploits are put to rest by SonicWall TZ firewalls using Real Time Deep Memory Inspection (RTDMI), which can detect threats in fractions of a nanosecond. To stop ransomware and encrypted threats, TZ firewalls scan the entirety of all inbound and outbound traffic across multiple security processors with Reassembly-Free Deep Packet Inspection (RFDPI).

Real Time Deep Memory Inspection

  • Included in SonicWall Capture Cloud
  • Spot threats before they demonstrate malicious behavior
  • Hackers cannot hide behind custom encryption
  • Detects threats in less than 100 nanoseconds
  • Learn more about RTDMI

Reassembly-Free Deep Packet Inspection

  • Included with every SonicWall TZ firewall
  • Scan inbound & outbound data with very low latency
  • High-speed traffic analysis with no buffering or proxying
  • Stop evasion techniques that most engines miss
  • Learn more about RFDPI

SonicWall sizing guides make it easy to compare TZ firewalls

Deciding which TZ firewall is right for your small business network can take some serious consideration. Maybe your small office would benefit from the power-over-ethernet features of the SonicWall TZ300-POE or TZ600-POE models. Most TZ firewalls also support wireless networking such as the SonicWall TZ350 Wireless-AC or TZ400 Wireless-AC. Which TZ firewall you choose ultimately comes down to your unique needs as a small business.

Tips for finding the right firewall fast

  • Use the firewall sizing guide on our Homepage
  • Filter by other options & features in the sidebar
  • Compare options on the TZ firewall comparison page
  • Live chat with our certified experts for better pricing

Firewalls.com offers a SonicWall TZ firewall comparison page where you can easily navigate TZ firewall specs and highlight rows to compare entry level firewalls. If you’re looking for something a little bigger, we also offer SonicWall comparison pages for mid-sized NSa firewalls and enterprise NSa firewalls.

If you want to go straight to the source, check out our network security datasheets page where you’ll find all the latest datasheets and spec sheets for SonicWall, Sophos, Fortinet, WatchGuard, Barracuda, Cisco Meraki, and Ruckus Wireless.

TZ firewall experts on your schedule

Deciding which firewall your small business will rely on as a primary method of protecting both company and customer data is a big, big step. Plus, these are super complicated appliances that should never be chosen on a whim!

Live Chat with experts on the SonicWall TZ Firewall Series

Firewalls.com employs a team of experts that has been both trained and certified by the manufacturer partners we represent. That means when you click on the Live Chat button, you’re connecting with a real person who lives and breathes TZ firewalls full time. Chat or call 317-754-7914 to get special pricing, expert recommendations, and all of your TZ firewall questions answered fast.


What is EDR? Automated endpoint detection & real-time response to threats

To continue our recent theme of decoding abbreviations, EDR means Endpoint Detection & Response, and that means that the age of AI is upgrading networks. This automated, real-time endpoint solution ensures that end users can work securely no matter where in the world they’re located in relation to a firewall.

With EDR, your network defenses constantly scan for the kinds of elusive malware, ransomware, and zero day threats that signature-based detection platforms miss. And in the event a security incident occurs, advanced Endpoint Detection & Response platforms such as Sophos Intercept X Advanced with EDR or FortiEDR stop attacks even if the endpoint is compromised. Guided response lets administrators easily walk through the steps of an attack to see its root cause and isolate infected machines.

EDR’s machine learning systems deter, detect, disarm, dissect, deescalate, and do away with any cyber threats you can throw its way.

Why EDR works for small businesses

Survey after survey several years running have revealed two facts: a majority of small businesses find it difficult to hire qualified IT talent–especially talent focused on network security–and their budgets often struggle to accommodate the talent they do find. Automated endpoint detection and response monitored by 24-hour machine learning intelligence adds just the kind of cybersecurity expertise that SMBs need without a higher employee headcount.

Just like modern grocery stores have self-checkout lines and autoworkers now benefit from the assistance of robotics, automation enables small businesses to do more with less to get the job done. Farm out malware expertise and incident response to the bots!

Sophos Intercept X Advanced with EDR

Intercept X Advanced has been a longstanding go-to for network admins looking to add advanced protection to their networks in a comprehensive, integrated system. Sophos Intercept X Advanced now also consolidates that industry-leading protection and EDR into a single solution. Intercept X’s advanced malware prevention significantly eases the workload on the EDR component, allowing you to utilize more of the speed and performance you pay your Internet Service Provider for.

  • Minimize staffing by automating IT tasks usually done by skilled experts
  • Prioritize potential threats & automatically detect security incidents
  • Provide visibility into attack scope, root cause, impact, & network health
  • Hunt for indicators of compromise that may leave your network vulnerable


Fortinet FortiEDR

FortiEDR will be made available to order on May 4th and is already boasting some big benefits and features. An EDR solution purpose-built to detect potential threats, FortiEDR stops breaches in real time, and mitigate the damage of ransomware even on machines that have already been compromised. FortiEDR also extends security to IOT devices with the ability to protect everything from PCs to servers to point-of-sale systems and more.

  • Creates very small network footprint thanks to native cloud infrastructure
  • Enjoy automated EPP with orchestrated response across platforms
  • Stop file-based malware with Fortinet’s kernel-level Next Gen AV engine
  • Eliminate dwell time & reduce post-breach expenses


SonicWall Capture Client

Automated endpoint detection and response is integrated into SonicWall’s Capture Client, bringing together EDR, advanced threat protection, and integrated network security. With unique ransomware rollback capabilities and intuitive attack visualizations, Capture Client offers a comprehensive endpoint protection and EDR environment for any SonicWall network.


  • Next-generation SentinelOne malware protection engine
  • Advanced threat protection with sandbox integration
  • Behavior-based scanning powered by machine learning
  • Unique attack rollback capabilities using Volume Shadow Copy Service
  • Install & manage trusted TLS certificates to leverage DPI-SSL


4 questions SMBs should ask about SonicWall VPN

Small business owners rushing to get their hands on a SonicWall VPN for their remote workers have a lot of questions. We have a lot of answers. Below are the four questions that business owners and network administrators should be able to answer before they buy a SonicWall VPN solution and get their employees working from home.

1. SSL VPN or Global VPN Client?

If you’re shopping for a SonicWall VPN, your first question is probably: what kinds of SonicWall VPN solutions are there? SonicWall offers both SSL VPN and Global VPN Clients. You can take a closer look on our SonicWall VPN comparison page, but here are a few key differences:

  • Global VPN Clients are best used in Windows-only environments
  • SSL VPN is better suited to mixed-use environments where employees use many device types
  • Global VPN Clients can be a bit harder and more costly to install, especially for smaller businesses
  • SSL VPN is delivered in a client that won’t eat up a lot of resources
  • Price-wise, both SonicWall VPN options are about the same
  • Global VPN Clients use IPSec to connect hosts to entire private networks
  • SSL VPNs connect users to specific services & apps inside secure networks

2. How many SonicWall VPNs does my firewall support?

Did you know that all SonicWall TZ and NSa firewalls include at least one SSL VPN or Global VPN license? However, each firewall model has a maximum capacity of clients that it can connect to and protect. After this threshold, service becomes spotty, slow, and unsecure!

In most cases, a firewall can support more Global VPN licenses than it can SSL VPN licenses. However, small business owners may lean towards SSL VPN because TZ firewalls actually support far more SSL VPNs than they do IPSec clients.

  • SonicWall SOHO 250 – supports 5 Global VPN Clients & 25 SSL VPN licenses
  • SonicWall TZ 300 – supports 10 Global VPN Clients & 50 SSL VPN licenses
  • SonicWall TZ 350 – supports 10 Global VPN Clients & 75 SSL VPN licenses
  • SonicWall TZ 400 –  supports 25 Global VPN Clients & 100 SSL VPN licenses
  • SonicWall TZ 500 – supports 25 Global VPN Clients & 150 SSL VPN licenses
  • SonicWall TZ 600 – supports 25 Global VPN Clients & 200 SSL VPN licenses

3. How do I increase performance for remote workers?

SSL VPN licenses require a lot of performance to process all of the secure data they transfer and inspect. Setting up a dedicated Secure Mobile Access appliance such as a SonicWall SMA 210 or SonicWall SMA 410 remote access appliance can greatly improve speed, uptime, and stability for your employees working from home, lessening the burden on your firewall.

The Firewalls.com Remote Worker Bundle combines Secure Mobile Access appliances, SonicWall VPN licensing, and our expert professional configuration services in a comprehensive package to get your workers setup at home fast. The bundle includes a SonicWall SMA 210 or 410 appliance with a 5 user license, expert setup assistance, and a free configuration to make the transition seamless.

4. How do I provide extra protection for remote workers?

Just because your employees are working from their couch doesn’t mean your security can slouch. The fact is, hackers always find a way to exploit the hottest news in the world to their benefit. Expect attackers to target home users with spearphishing, social engineering, encrypted malware, and more. Now is the time to ensure your mobile workers are locked down with advanced network security solutions like SonicWall’s Capture Advanced Threat Protection for SMA, extending the same great cloud-based multi-engine sandboxing protection to your secure access infrastructure that networks worldwide enjoy through a high-end firewall.

Observe and Report – Ping Podcast – Episode 15

Episode 15: Observe and Report

On Episode 15 of Ping: A Firewalls.com Podcast, we talk about SonicWall’s 2020 Cyber Threat Report. We welcome our first repeat guest, Brook Chelmo with SonicWall to dive into some key takeaways from the report, put together by the company’s Capture Labs team with observations from across their worldwide security network. They include the growing targeted nature of attacks like ransomware and phishing as opposed to the old “spray and pray” technique. We also talk about continued concerns about Internet of Things (IoT) and web application (aka cloud) security. And we get an update on the Hildacrypt ransomware cell, first discussed with Brook in Episode 8.

Get a look at the full SonicWall 2020 Cyber Threat Report or just read through some highlights we put together.

In our cyber headlines segment, we discuss a recent DoppelPaymer ransomware attack affecting some major companies, Microsoft’s takedown of the Necurs botnet, and how increasing diversity could help with the cybersecurity talent shortage..

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Remember to subscribe or follow where you can to get the latest episodes as soon as they’re released, and rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

New episodes are released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show!

SonicWall TZ300 discontinued; TZ350 takes the stage

SonicWall’s best-selling SonicWall TZ300 has been a mainstay in small business network security for years, but 2019 proved to be the best time to pass on the torch. The SonicWall TZ300 is officially discontinued. However, from the success of the TZ300 was born the next generation of next gen protection: the SonicWall TZ350. Firewalls are continuously improved and updated in order to keep pace with the cyber arms race. With attacks growing more advanced, more targeted, and more elusive than ever before, SonicWall needed a new star that could truly extend enterprise-level protection to small businesses.

The new SonicWall TZ350 and SonicWall SOHO 250 are the first small office/home office firewalls with enough power and performance to offer SonicWall’s Capture Advanced Threat Protection (ATP), a cloud-based multi-engine sandbox that sports high security effectiveness against advanced persistent threats, zero day vulnerabilities, malware, and ransomware. In fact, the threat research team at SonicWall Capture Labs says Capture ATP identifies and stops over 1,000 new attacks each business day.

SonicWall TZ300

SonicWall TZ300 at a Glance

Firewall Throughput: 750 Mbps

DPI SSL Throughput: 60 Mbps

Threat Prevention Throughput: 235 Mbps

SSL VPN Licenses: 1 Included, 50 Max

SonicWall TZ300 Discontinued

The SonicWall TZ300 was one of the most popular Next Generation Firewalls during its tenure, but this mighty SMB appliance has finally reached retirement age. Last Order Day, the first step in the SonicWall Life Cycle, was issued January 22nd, 2020. That means no more SonicWall TZ300 physical products will be manufactured. The duration of this phase of retirement is dependent on multiple factors like outstanding inventory remaining at distributors.

If you currently own a SonicWall TZ300 and are worried you’re about to lose security services, you’re in luck. Though no more appliances will be sold after this TZ300 discontinued date, annual license subscriptions will still be active and function as normal, and you will still be able to purchase Renewals & Licensing for the SonicWall TZ300 until the official “End of Support” phase in January 2025.

SonicWall TZ350

SonicWall TZ350 at a Glance

Firewall Throughput: 1.0 Gbps

DPI SSL Throughput: 65 Mbps

Threat Prevention Throughput: 335 Mbps

SSL VPN Licenses: 1 Included, 75 Max

The SonicWall TZ350 Rises

The era of choosing between performance and security has ended. SonicWall’s newest generation of firewalls are designed to handle the increased bandwidth demand required by cloud-based Software-as-a-Service apps, video steaming sites, and resource-heavy social media. The SonicWall TZ350 offers significantly higher Deep Packet Inspection capabilities to meet the growing volume of encrypted traffic on the web. This also means that if you’re paying for a gigabit Internet connection, you’ll get greater capacity to utilize that speed and support more users. Plus, the TZ350 firewall includes a DPI SSL license by default, so you’ll be inspecting encrypted traffic right out of the gate.

Wireless networking is easier too with the SonicWall TZ350, which can support both traditional 802.11ac wireless standards as well as the higher performing Wave 2 standards. Wi-Fi speeds and  appetite for mobile connectivity are increasing exponentially, so it’s best to get on more advanced Wave 2 protocols sooner rather than later.

Onboard memory also saw a boost with the SonicWall TZ350 hosting onboard memory up to 1 GB. That means the footprint of users on your network can grow without losing the ability to manage them all with granular rules and policies. It also translates into more robust reporting to illuminate IT decisions.

Upgrade to the TZ350 Today

Don’t wait to be dragged kicking and screaming off your old box. Visit our SonicWall TZ350 page and Live Chat with our team to see how to get enterprise-class security at a small business firewall price-point.

Remote Worker Bundle options make working from home fast & secure

Small businesses are rushing to get their employees working from home. The popularity of virtual conferences and webinars has skyrocketed in response to the threat of coronavirus, influenza, daycare emergencies, potholes, perilous traffic, and political ads on the morning commute. If you’re looking to keep your workforce out of harm’s way, our new Remote Worker Bundle comes with everything you need to maintain network security while employees work from home. Establish fast, safe remote access with a SonicWall SMA 210 or SonicWall SMA 410 expertly configured for your unique network demands, then pair it with 24×7 Support to make the experience flawless for remote employees.

Security risks posed by working from home represent just one problem surrounding secure remote access. Ensuring that the home experience is simple and seamless is integral to maintaining productivity. In addition, small businesses struggle with issues of flexibility, compatibility, and scalability. The Remote Worker Bundle tackles these issues with affordable add-on options for technical support and further concurrent user licensing.

Benefits of the Remote Worker Bundle

When workers come into the office sick, they risk spreading illnesses to the whole staff, but self-quarantining at home doesn’t mean the work has to stop! Our Remote Worker Bundle includes all the fundamental pieces organizations need to set up basic work-from-home security for their employees. Projects never need to be put on pause when remote workers are able to work with all of the company resources and apps they’re used to at their workstation. This bundle is also ideal for any company with a high volume of business travel.

Flexible, scalable remote access for all

SonicWall SMA appliances are compatible with any firewall brand or model you may already be using. Remote workers will be able to access any company printers, applications, files, or cloud resources from the comfort of their home while their session sits behind the same company firewall that protects their data in the workplace! SonicWall’s SMA 210 and SMA 410 appliances are compatible with any cable or DSL connection from any Internet service provider, meaning whatever Internet provider your workers already have at home will work.

Need to add more users? The SMA 210 can support up to 50 users with concurrent licensing and the SMA 410 can protect up to 250 remote workers at once. The best part? Because these stackable user licenses are perpetual, you’ll only ever pay for each user one time–no need for renewals.

Remote worker bundle: configuration included

Ready to wash your hands of remote security risks? To provide secure network access for employees working from home, optimization of remote access appliances and services is critical. The Remote Worker Bundle includes our proprietary remote access configuration service, in which our team of network engineers expertly configure profiles and access groups via SSL or IPSec settings. Additional access control optimization is also incorporated to help further safeguard your data.

All configuration work is completed by our manufacturer-certified network architects at the Firewalls.com Security Operations Center (SOC) in Indianapolis. You’ll even get post-deployment support from the same team of engineers that configured your appliance.

Security best practices when working from home

Bolster your password hygiene – Remote workers carry additional risks to company data. Ensuring that users rely on strong, complex, and lengthy passwords guarantees that your data stays safe even in the case of a lost or stolen device.

Make sure end user protection is up to par – Any device operating on the company network should be properly protected by strong anti-virus capabilities such as SonicWall Capture Client, web filtering, encryption, anti-spam, and malware protection. Mobile workers should enjoy the same air-tight security when roaming as they would at their desk.

Avoid public Wi-FiAs we covered in Episode 14 of our podcast, public wireless networks can be a breeding ground for wireless threats. Advanced threats like evil-twin attacks, rogue access points, ad-hoc networks, and client misassociation can wreak havoc on BYOD users. In a world with growing open wireless networks, Wi-Fi attacks using Emotet malware infected systems are able to not only steal personal information but also spread malware by laterally scanning public wireless networks.

Email security & encryption – The inbox represents one of the biggest attack vectors for users of all kinds, but remote workers are especially at risk. Email applications are the most popular form of remote work as employees peer at their inbox several times throughout the day. Encryption, anti-spam, and email sandboxing services such as Capture ATP for SMA are all great ways to keep the team safe, whether home or away.


Preparing for the Tempest: SonicWall’s 2020 Cyber Threat Report

The Past is Prologue

As Shakespeare once wrote, “the past is prologue.” When it comes to cybersecurity, knowing the recent past – and trends in the threat landscape – is vital to protecting your network against the latest and greatest hazards. And so the past – as in 2019 – is prologue in the 2020 SonicWall Cyber Threat Report. The report is prepared by SonicWall’s Capture Labs threat research team. It provides an in depth look at the cyber threats of 2019 to help businesses, governments, and organizations of all sizes better prepare to stop the threats of 2020. Let’s take a look at some of the highlights of the Cyber Threat Report.

SonicWall 2020 Cyber Threat Report

Ransomware Shifts Strategy

The good news: Ransomware attacks were down in 2019 – 6% in fact – from the all-time high recorded in 2018. There were a grand total of 187.9 million last year. The less good news? Well, you probably saw it in the news. There was an increase in targeted attacks, hitting government networks, power grids, and even schools & hospitals. Attackers more and more are focusing on quality over quantity, looking for targets that are most likely to pay rather than blanketing all corners of the connected world.

Just how many of these targets were hit last year? It’s probably under-reported because victims can be hesitant to reveal a breach. But more than 140 state and local governments were successfully targeted for the year, and over 600 schools and hospitals – just through September. The Cyber Threat Report warns, however, that the average individual can still be a target, too. Researchers note that ransomware operators are more willing than ever to have a dialog and negotiate with their victims to get a payout. They’ll even use things like sextortion scams, a form of blackmail that suggests the attacker has compromising information or images that they’ll release unless the victim pays.

IoT Malware on the Rise

You down with I-o-T? Yeah, probably! While internet of things devices are hardly Naughty By Nature, they’re becoming more and more ubiquitous. As in, if you’re reading this, there’s virtually zero chance you don’t use some type of IoT device(s) in your everyday life. But with that popularity comes greater exposure. In 2019, the Cyber Threat Report indicates there were 34.3 million IoT malware attacks. Oh, and those attack numbers – much like the number of IoT devices – are trending up.

Security has not initially been a priority for most IoT device manufacturers. With no standards in place, devices commonly come with out-of-the-box vulnerabilities like weak or hard-coded passwords, unsecured interfaces, and a lack of secure update mechanisms. An otherwise secure network with vulnerable IoT devices may be leaving a backdoor wide open for hackers to access data.

Encrypted Threats Continue Growth

While transport layer security (TLS) and its predecessor, secure sockets layer (SSL) encryption standards are largely meant for good, bad actors are always looking to spoil the fun. Encryption when used for wholesome purposes ensures privacy and protects data. But hackers use this encryption against a network, sending malicious packers to obfuscate malware files. That can get them through a network’s standard defenses. The Cyber Threat Report shows our aforementioned bad actors sent 3.7 million malware attacks over TLS/SSL traffic in 2019, 27.3% more than the year prior. Why is this technique on the rise? Many firewall appliances don’t have the capability or power to detect, inspect, and stop attacks sent through encrypted traffic.

Defenses Are Improving, Too

Most of this Cyber Threat Report analysis is probably giving you anxiety, so let’s end on a positive note. The forces for good are continually improving their (which also means your) defenses against these hazards. Security advances include faster identification – and in turn faster mitigation – of zero-day threats. For instance, SonicWall is able to ID never-before-seen malware variants about 2 days before malware repository VirusTotal receives samples. Also noted are advancements made in deep memory inspection technology to combat side-channel attacks among others. In SonicWall’s case, that technology is a part of its Real-Time Deep Memory Inspection (RTDMI) engine. You can get a taste of it with a new SOHO 250 or TZ350 bundle. The report additionally spotlights growing momentum of perimeter-less security as traditional boundaries go by the wayside. This includes the introduction of the secure access service edge (SASE), which would combine software and service-based security solutions.

Want to Learn More?

Visit our Threat Dictionary to get updated on some of the latest cyber threats out there today. Shop for SonicWall security solutions like firewalls, web application firewalls, and cloud app security to name a few. And get your very own copy of the full 2020 Cyber Threat Report to dig into all the nitty gritty details yourself.

Tip of the Spear – Ping Podcast Episode 13

Episode 13: Tip of the Spear

We went into this episode with our heads in the cloud, specifically the Office 365 cloud. But as we spoke with SonicWall’s Matt Brennan, we not only learned about a spearphishing campaign that targeted O365 late last year, we also learned why spearphishing – and the related issue of business email compromise – has been among the most financially successful forms of attack for hackers over the past decade. We also heard a real-life example of what happened to a clothing retailer just last year following a breach. And on a brighter note, we talked about how to prevent these email-based attacks from ruining your business, with a look at SonicWall Cloud App Security as part of a layered approach to network protection.

Read Matt’s blog about the Office 365 attack, and learn more about Cloud App Security right here on our blog and on episode 1 of Ping.

In our Headlines, we talk about yet another way emotet could get you (via Wi-Fi), some malicious Chrome web extensions also known as malvertising, and why lawmakers and the Government Accountability Office are worried about the cybersecurity of the 2020 Census.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Remember to subscribe or follow where you can to get the latest episodes as soon as they’re released, and rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

New episodes are released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show!