AUSTIN – At Dell World, Dell unveiled several new security offerings which will offer customers new functionality and partners attractive new revenue opportunities. The major ones are the Dell SonicWALL APT Protection Service and new integrated management of Dell Networking X-Series switches through the Dell SonicWALL firewall interface.
The new offerings won’t come as big news to Dell’s top security partners, as they were previewed with considerable fanfare last month at the Dell Security Peak Performance conference in Las Vegas, where they caused considerable excitement.
The Dell SonicWALL APT Protection Service will be available on both firewalls and email security solutions and is based on a rethinking of how to use sandboxing more effectively. The idea is to get today’s persistent threats by stopping them early and often, to get them before they can deliver their big payload.
“To do this, we need to shorten the response time between us detecting malware and deploying signature protections,” Boris Yanovsky, VP Development Engineering and CTO, Dell Security, said last month at Peak. “So we started thinking about how to change the sandboxing world in the same way we changed intrusion prevention and gateway antivirus, so you don’t have to wait for alerts to come out of the sandbox, to tell you, oh by the way, somebody downloaded a virus on your network, an hour ago. It’s better to know than not to know, I grant you that, but even better would be to stop it as the threat happens.”
The Protection Service does this with a new sandboxing tab in the firewall security services.
“You just need to enable it and check the box ‘Block until Verdict,’” he said. “It holds the connection while the analysis is going on. Immediately the verdict is made, if it’s deemed malicious, the blocking will happen. Once we do the blocking, you will see a report with its connections, what it addresses it communicated with, files it had modified, and registry keys and behaviors that determined if it was malicious or okay.”
This solution is built on multi-layered sandbox technologies that use both system emulation and virtualization techniques which leverage the SonicWALL GRID, Dell’s cloud forensics platform which leverages real time analytics from over 500K connected NGFWs.
Patrick Sweeney, Dell SonicWALL’s Executive Director, Product Management, said that this approach represents a large improvement over traditional services that only tell you about a problem after you have been infected.
“We could set up the service to not block and just say what went where, but blocking bad stuff is more important than anything,” he said. “We are smart with real time traffic, and don’t introduce latency.”
Sweeney also emphasized the importance of Dell doing this through a multi-engine approach, rather than the single engines common in the market.
“We are committed to multi engine implementation, because we don’t believe any one single method will ever be complete,” he said.
Sweeney stressed as well that making this available as a service greatly expands its total addressable market.
“This kind of capability in perimeter-based deployments have only been available to the bug guys, because it’s very expensive,” he said. “Now everyone else can use this as a logical extension of the next generation firewall, and it becomes another affordable subscription service, which fits into small and medium size businesses as well as large.”
Sweeney said this will be exceptionally attractive to Dell SonicWall partners, even the many smaller ones who sell to the micro-level market.
“This subscription is a simple and easy thing to sell to micro-businesses, and smart VARs can make an excellent living providing these services to small businesses and SMBs, as their trusted security advisor,” he said.
The other head-turning innovation, which was also previewed at Peak, is the new integrated management of Dell Networking X-Series switches through Dell’s SonicWALL firewall interface. This lets customers manage and enforce security policies across their network security, switching, wireless and WAN acceleration from a single pane of glass.
“This is important from a distributed enterprise point of view,” Sweeney said. Customers deploy firewalls, wireless and switches and ask ‘why isn’t there one interface for all of this.’ We have now brought that to market.”
Sweeney expects demand for this will be strong, because every organization today tends to be highly distributed, and this is a problem all customers deal with.
“VARS love it because they can consolidate their switches and the firewall, just by going to the firewall and telling it to classify a zone as a switch.”
Other security announcements at Dell World included improvements to Dell Data Protection [DDP], Dell’s encryption offering, which came originally with the 2013 Credent acquisition, but has been massively buttressed since through internal investment.
“We are expanding its core capabilities, and its ability to protect data regardless of where it is located,” said Brett Hansen, Executive Director of Data Security Solutions at Dell Software. To encrypt data as it moves from the endpoint to leading public cloud platforms, DDP had originally supported Box, DropBox, and Microsoft OneDrive.
“Today, with Dell Data Protection | Cloud Edition 2.0, we are expanding this to Google Drive and Microsoft OneDrive for Business,” Hansen said.
Dell Data Protection has also been expanded to server encryption for Windows servers
“This has been in response to requests from some of our most loyal, long time customers,” Hansen said. “It’s not for datacentes, but for servers sitting outside them in regional establishments where they may be exposed. This is very much a ROBO [remote office/ branch office] play – which will be in demand in particular in legal, retail and medical verticals, and state and local government.”
The enhanced Dell Data Protection capabilities are available now. The Dell SonicWALL APT Protection Service will be available later in Q4. The integrated solution of X-Series switches, TZ Series UTM firewalls, SonicPoint Series wireless access points, WAN Acceleration Series and GMS will be available in 2016.