SonicWall NetExtender is an application for Windows, Mac, and Linux that allows a remote user to access applications, files, resources, and more from the base network while being protected by that base network’s security apparatus.
To use it, a remote user will need an active SonicWall VPN license. A VPN, also known as virtual private network, is a secure way of accessing company data from anywhere in the world. SonicWall VPNs work in tandem with NetExtender as a means of routing a remote user’s device, desktop or mobile device, safely to the base network.
How Can SonicWall NetExtender Improve Your Remote Workforce
By offering VPN licenses to a remote workforce, you provide your business & users all the same protection capabilities they’d receive if they were working in the office. When remote employees work through NetExtender, they have the freedom to work at efficient speeds with more direct access to files and apps. On top of that, they get security capabilities only available to users connected to your base network.
Benefits At A Glance
Access secure files from anywhere in the world
Use all the business-critical applications you’re used to
Extend on-premises levels of security to employees working from home
Maintain compliance requirements
How Much Do VPNs With SonicWall NetExtender Cost
SonicWall virtual private network solutions are designed for scalable cost. The solution depends on the number of licenses you’ll need, which VPN protocols you use, and what configuration or support options are included. To learn more about the different types of SonicWall VPN clients that work through NetExtender, check out our comparison between SonicWall SSL VPN & Global VPN.
Configuring the right SonicWall VPN solution isn’t the easiest thing to do. Our network security experts are on standby to help guide you through the decision making process. To start your scalable SonicWall VPN solution through NetExtender, call 317-225-4117 or reach out via our secure contact form.
VPN. If you hadn’t heard these three letters together before March 2020, you’ve surely heard them now. With businesses and their employees the world over exposed to work from home scenarios – many for the first time – any conversation about secure remote access involves the term. So what is a VPN? The very basic definition is – it’s a virtual private network. But that phrase is just begging for further explanation. So gather ‘round – virtually of course – as we unpack VPNs and why they’re so important for telework.
The virtual part of VPN means just that – it requires no physical connection. Instead, a virtual tunneling protocol establishes the connection. Gophers would be jealous of the number of these tunnels out there, but of course, they don’t damage any golf courses or yards. The tunneling is achieved by a process known as encapsulation. Basically, while your remote user’s data still does have to travel through the public internet to get to the other side (i.e. your network), the virtual tunnel covers it. That means, it’s private.
So the tunnel itself offers privacy to a degree, but to achieve the full security benefits of a VPN, it must be encrypted. The public internet can see that a tunnel exists, but encryption – either via SSL (secure sockets layer) or IPSec (internet protocol security) prevents anyone from seeing what’s inside. The user and the network the user connects to are the only ones who can decrypt it, with passwords (multifactor authentication recommended) and certificates.
Getting back to the types, while both SSL and IPSec provide the encryption needed to keep that virtual tunnel private, there are a couple key differences. SSL VPN allows secure remote access through a web browser – without requiring specialized client software – making it simple to deploy. Unlike SSL, IPSec VPN functions at the network layer, and it does typically require a separate hardware or software solution. We compared SonicWall’s VPN service offerings (one SSL and one IPSec) in a recent post, and in a handy chart that could offer some assistance as to which is best for your scenario.
Oh and one more note on privacy, when a user connects via VPN, it also obscures the device’s IP address. That means someone trying to track its location will only get the IP address of the network the user is connected to – a feature many non-business users find handy.
So in our quest to answer the question “what is a VPN?” we’ve explored the virtual and private aspects, now let’s examine the network component. Network in this case means a user’s remote device is connected to your organization’s network. Depending on the connection type, they may have access to all of it, or just specified apps, services, and files. Either way, the VPN connection allows users access to what they need to get work done – all while protected by your existing network security. A VPN in essence extends your network’s reach to wherever your employees need to access it. And in the age of the teleworker, this secure remote access is a must.
Is your VPN connection a little slow?
Check out our video for some tips on how to speed up your VPN connection:
For more talk about all things network security, take a listen to our Ping Podcast, available wherever you listen. And for all your cybersecurity research needs in one place, visit our Knowledge Hub.
Fortinet FortiClient is purpose-built to simplify advanced security capabilities, so even small business owners with limited IT staff or resources can roll out enterprise-grade networking. Looking to keep remote worker endpoints sanitary? FortiClient unifies all the endpoint features you expect out of a premium end user platform including secure remote access, sandboxing, and behavior-based scanning for ransomware and encrypted malware.
Fortinet brings it together with seamless Security Fabric Integration, ensuring that all of the Fortinet security fabric components such as FortiGate Firewalls, FortiAnalyzer, wireless APs, and managed switches share a unified view of every endpoint. Automated advanced threat prevention through the use of FortiSandbox catches both known and never-seen-before threats. This integrated framework is centrally managed on the single-pane-of-glass dashboard offered through a FortiGate next generation firewall. This is fast to set up, too! You’re one FortiClient download away from securing all of your endpoints, on-premise or remote. Activation codes are typically delivered next business day.
Remote access with auto-connecting FortiClient VPN
With companies rushing to get remote workers set up on secure remote connections, many small business owners are turning to FortiClient VPN which takes advantage of both SSL VPN and IPSec VPN to provide secure remote access over the fastest and most stable protocol available. This means almost any Internet-connected location can offer secure access to company applications and resources, regardless of the details of its environment. FortiClient automatically connects endpoints to VPNs and maintains an always-up connection, so remote workers require little to no training on how to connect to a VPN from home – or anywhere else.
FortiClient increases visibility & control over endpoints
FortiClient provides end-to-end visibility into all of the endpoints on a network, allowing administrators to view endpoint health at a glance. By integrating endpoints into the Fortinet Security Fabric, the endpoint protection systems, firewall, and security services on the network communicate in real-time to ensure system compromises never go unnoticed. This translates into early detection for network administrators in case of an attack, allowing IT teams to respond quickly.
The FortiOS 6.0 operating system enables endpoint telemetry intelligence, which accurately identifies Indicators of Compromise. Fortinet determines what constitutes an Indicator of Compromise by checking real-time web filter logs on each endpoint against a threat database groomed by FortiGuard Labs. If a potential match is flagged, Fortinet assigns a threat score to that endpoint, measuring overall end user health and reporting this data back to a centrally-managed dashboard through the FortiGate firewall. Plus, network administrators love the automated response capabilities that FortiClient’s telemetry allows, letting them quarantine suspicious endpoints on the fly.
Stop advanced threats like ransomware
FortiGuard Labs provides up-to-the-second threat protection based on real-world data collected from security sensors around the globe. FortiSandbox harnesses this threat intelligence for behavioral scans of all files & applications present on FortiClient endpoints. That means even if threats are hidden in encrypted data packets, FortiClient will root them out and send them to quarantine before any payloads can detonate. Email-borne threats–especially dangerous to remote workers–are blunted thanks to these real-time scans and shared intelligence.
Don’t believe us that FortiClient is a next generation endpoint service? Industry validation titans such as NSS Labs and Gartner consistently stand behind this solution, providing top marks for FortiClient in annual benchmarking tests. In the NSS Labs 2019 Advanced Endpoint Test, Fortinet’s FortiClient blocked 100% of malware thrown at it. See how to get FortiClient for your business.
Small business owners rushing to get their hands on a SonicWall VPN for their remote workers have a lot of questions. We have a lot of answers. Below are the four questions that business owners and network administrators should be able to answer before they buy a SonicWall VPN solution and get their employees working from home.
Global VPN Clients are best used in Windows-only environments
SSL VPN is better suited to mixed-use environments where employees use many device types
Global VPN Clients can be a bit harder and more costly to install, especially for smaller businesses
SSL VPN is delivered in a client that won’t eat up a lot of resources
Price-wise, both SonicWall VPN options are about the same
Global VPN Clients use IPSec to connect hosts to entire private networks
SSL VPNs connect users to specific services & apps inside secure networks
2. How many SonicWall VPNs does my firewall support?
Did you know that all SonicWall TZ and NSa firewalls include at least one SSL VPN or Global VPN license? However, each firewall model has a maximum capacity of clients that it can connect to and protect. After this threshold, service becomes spotty, slow, and unsecure!
In most cases, a firewall can support more Global VPN licenses than it can SSL VPN licenses. However, small business owners may lean towards SSL VPN because TZ firewalls actually support far more SSL VPNs than they do IPSec clients.
3. How do I increase performance for remote workers?
SSL VPN licenses require a lot of performance to process all of the secure data they transfer and inspect. Setting up a dedicated Secure Mobile Access appliance such as a SonicWall SMA 210 or SonicWall SMA 410 remote access appliance can greatly improve speed, uptime, and stability for your employees working from home, lessening the burden on your firewall.
4. How do I provide extra protection for remote workers?
Just because your employees are working from their couch doesn’t mean your security can slouch. The fact is, hackers always find a way to exploit the hottest news in the world to their benefit. Expect attackers to target home users with spearphishing, social engineering, encrypted malware, and more. Now is the time to ensure your mobile workers are locked down with advanced network security solutions like SonicWall’s Capture Advanced Threat Protection for SMA, extending the same great cloud-based multi-engine sandboxing protection to your secure access infrastructure that networks worldwide enjoy through a high-end firewall.
The Jane Austen of Network Security? What on Earth does that even mean?
Well, the similarities are there:
You’ve probably heard of it. In fact, it may be the first example that pops into your head when the subject is brought up.
Someone you know probably has one, and they highly recommend it.
Competitors are jonesing for a similar success story of their own.
It’s been around for years and isn’t leaving anytime soon.
Its popularity is based on the fact that the product is, in fact, really damn good.
You can pick it up on the cheap (hence the cents) instead of dishing out big bucks on a hyped-up new release that you’re not sure you’ll even like.
Just as Jane Austen is an indisputable bestseller that can be trusted to fly off store shelves at a regular clip, the SonicWall TZ300 is one of the most popular next-generation firewalls sold across the web. These appliances are in high demand and this week we intend to parse out precisely why the second smallest of the SonicWall TZ series, the TZ300, is a timeless classic.
Some Quick Stats
Max speed: 1.3 Gbps
Interfaces: 7 x GbE, 1 USB, 1 Console
Optional Interfaces: 100+ add-on ports with X-Series network switches
Security Processors: 2 x 800 MHz
VLAN Interfaces: 25
Appliance-Only Price: $484.00
Deciphering the buzzwords
The TZ300 is designed to provide the Maserati of network protection at the price-point of a Mazda. In short, the TZ300 is the Mazda Miata of firewalls. With the TZ Series, SonicWall committed to making cyber security bells-and-whistles accessible even to the small business owner who may not have the budget squirreled away for the info sec equivalent of a supercar.
The TZ Series utilizes the same code base and many of the same features as the SonicWall SuperMassive series, a series designed to provide security suitable for multinational corporations, hospital campuses, and far-flung remote databases. Not only does this mean that your network administrator will be treading familiar waters if they have previous experience with these bigger, badder SuperMassives, but it also means you can rest assured knowing you have access to some of the same tools, interfaces, and resources that cash-flush networking giants use.
Firewalls have gotten clever. The firewalls of yesteryear amounted to not much more than a lightly-guarded gateway between your network and the outside world. However, the next generation of firewalls saw the rise of new, smarter features designed to up the work load on a firewall’s list of chores.
SonicWall’s Reassembly Free Deep Packet Inspection (RFDPI) ensures that both inbound and outbound traffic is scanned and validated before passing through your perimeter.
Intrusion Prevention Systems (IPS) actively work to keep network raiders at bay.
Multiple security processors are constantly comparing data packets in your network environment to archives of threat signatures updated in real time.
Next-generation is a designation given to firewalls that act as more than just a slack-jawed bouncer standing in the doorway. Instead, the TZ300 is an active, efficient sentry prowling your perimeter.
The TZ Series was built to work with your system, not in spite of it. A TZ300 added to an existing network can be easily monitored and managed remotely through SonicWall’s Global Management System (GMS). In addition, the sheer ease of setting up secure remote access throughVPN tunnels qualifies the TZ300 as a fine contender when expanding networks to accommodate remote users.
The SonicWall TZ300 is scalable because it possesses the versatility required to fill many roles. When the needs of your organization evolve, you can trust the TZ300 to evolve with you.
Sandboxes & Signatures
Perhaps one of the most exciting aspects of the TZ300 is its compatitibility with SonicWall’s Capture Advanced Threat Protection (ATP). We wrote about Capture ATP in a previous blog post, so be sure to slide on over to that article for further details.
Capture ATP is a best-in-class sandbox client included in an Advanced Gateway Security Suite. With cloud-based signature scanning and three separate processing engines to triple-check against known threats, Capture ATP is the gold standard in network fortress-building. Most importantly, it catches zero-day threats like ransomware at the gateway and quarantines the malicious data until you decide its fate. With Capture ATP and a SonicWall TZ300, you’ll leave the next Petya or Wannacry stranded in limbo while your network carries on, uninterrupted.
Start your next chapter
It’s powerful. It’s affordable. It does everything you’re looking for, plus a little more. And that’s just a few of the reasons why the SonicWall TZ300 has secured its title as a best-seller. 1.3 gigs of throughput? Comprehensive security features? A sub-$500 price tag? Much like your favorite book, the TZ300 is a classic that you will keep coming back to time and time again.
As Bring Your Own Device (BYOD) and Remote Access policies ramp up, so too does the mad dash to secure these new endpoints. Gartner predicted that by 2017, half of employers will require employees to supply their own device for work purposes. With so many fresh attack surfaces, employers scramble to assemble additional security layers that prevent data leakage and intrusions. The nature of BYOD proves challenging as devices in the wild show volatility without proper VPN and next-gen firewalls to lock down security.
Secure Mobile Access – Powerful, cost-effective secure mobile and remote access means that your users have access to applications wherever they’re working, so they stay productive and your company stays competitive.
SonicWall VPN – Ensure secure access to crucial applications for Android & iOS mobile devices using SSL and policy-based enforcement.
Next-Generation Firewalls – Next-Gen Firewalls provide you the power to execute cutting-edge security without your performance withering away.
Secure Remote Access – SonicWall Secure Remote Access solutions provide users with easy-to-use, secure, and clientless remote access to necessary resources on the corporate network.
Aventail SRA Connect Mobile – SonicWALL Aventail with Connect Mobile provides robust remote access solutions for smart phone users, with “in-office” access optimized for the device.
Trouble setting things up?
Firewalls.com provides a video library chock full of helpful how-to’s and troubleshooting guides. One of our certified engineers will provide the answers you crave to set up your remote access VPNs.
Firewalls.com is a value-added reseller of firewall appliances & a vendor of managed security and Firewall-as-a-Service support. Whether you’re looking to add an appliance to your security set-up or expand BYOD and remote access security, we provide solutions that get you secure and keep you secure. Contact our sales staff to answer questions you may have about your network, next-gen firewalls, or BYOD!
The “Failed to open IPSec driver” occurs when the IPSec driver failed to install during the Global VPN Client install on Vista even though no error was displayed during the installation.
This issue has been resolved in the SonicWall Global VPN Client version 4.0.0 or newer (update: the latest version of SonicWall Global VPN Client as of April 2020 is 4.10).
NOTE: If the issue persists after the upgrade, follow these steps:
1. Uninstall Global VPN Client using Add/Remove Programs in the Control Panel.
3. Run the Global VPN Client cleaner tool to remove the Deterministic Networks (DNE) driver. A link to download this tool is available as a related item link.
5. Reinstall the Global VPN Client software.
If you are using Windows 7 then follow these steps:
1. Install the Global VPN Client
3. Open device manager
4. Click “View”, then “Show Hidden Devices”.
5. Expand “Non Plug n Play Drivers”
6. Open the SonicWall IPSec device and set startup type to Automatic
7. Click Start to get the driver up again.
8. Reboot again to check if your new settings worked.