https://www.sikich.com

SonicWALL – Capture Advanced Threat Protection

Timothy Longueil

Mar 11 2019

2 min read

Security within the IT infrastructure requires a proactive approach. Every day, more threats and malware that can destroy your business are discovered — how can you best protect yourself? With a Next-Generation firewall from Sikich and our partner, SonicWALL.

SonicWALL has always been strong in incorporating network security into their products. Other than your router, your firewall is usually the last device, or hop, inside your network before getting to the outside or vice versa.

Until recently, Sikich has been deploying these security gateways using SonicWALL’s subscription service, Comprehensive Gateway Security Suite (CGSS). This suite of security features includes Gateway Anti-Virus (GAV), Intrusion Prevention System (IPS), Anti Spyware, Application Visualization and Control, and Botnet/GeoIP filtering, along with content filtering. This has been our go-to for years, and it works great at keeping threats and malicious files from getting inside the network. This has been a great step forward in network security for many of our clients.

More recently, SonicWALL began offering their Advanced Gateway Security Suite which includes all the above features PLUS one very important new feature that SonicWALL calls Capture Advanced Threat Protection (Capture ATP). This service identifies previously unknown files and uploads them to SonicWALL’s servers to be opened and inspected for any malicious payloads, to protect users and organizations from zero-day threats. Included file types are PDFs, Office documents, executables and even archive files that are under 10 MB.

Capture ATP reports a verdict back to your SonicWALL firewall – if the file is determined to be malicious, it’s blocked at the perimeter; if it’s clean, it’s allowed through to the end user. Generally, this takes only a few seconds (depending on your Internet speed) and ensures files never get the chance to enter your network until a clean verdict is given. Once a file receives a clean verdict, the firewall remembers it and it is no longer held at the gateway for inspection, but is given immediate access.

How are you protecting your business from zero-day dangers and the latest threats out in the wild?

Contact the Sikich Tech Team to learn more about how we can build a strong partnership together, strengthen, and empower your business and employees by utilizing the latest technology to meet the needs in this rapidly changing culture.

This publication contains general information only and Sikich is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or any other professional advice or services. This publication is not a substitute for such professional advice or services, nor should you use it as a basis for any decision, action or omission that may affect you or your business. Before making any decision, taking any action or omitting an action that may affect you or your business, you should consult a qualified professional advisor. In addition, this publication may contain certain content generated by an artificial intelligence (AI) language model. You acknowledge that Sikich shall not be responsible for any loss sustained by you or any person who relies on this publication.

About the Author

Timothy Longueil

Timothy Longueil is a Senior Network Consultant and Project Engineer at Sikich that works closely with organizations to improve productivity and increase overall profit. Timothy also holds many advanced certifications, including Microsoft 365 Enterprise Administrator Expert (M365 EA), CompTIA A+, CompTIA Network+, Certified SonicWALL Security Administrator (CSSA) Microsoft Certified Solutions Expert (MCSE) and Microsoft Certified Solutions Associate (MCSA). Timothy’s attention to detail allows him to troubleshoot as well as to design and deploy advanced, complex solutions for organizations in the Chicagoland area while providing documentation, communication, support, and sales alongside working closely with the key decision-makers of the organization. Timothy has performed 50+ Microsoft 365 Exchange Online migrations and Teams Phone System deployments for clients, and is currently performing new deployments in the rapidly emerging Microsoft Cloud Technologies Platform. Timothy’s primary areas of focus are Microsoft cloud services such as Azure or Microsoft 365, Windows Server and Active Directory, Virtualization through either VMware or Hyper-V, Backup/Disaster Recovery/Business Continuity and Network routing/switching/security/VPN.