Today SonicWall is making a flurry of announcements across its network security portfolio. The company is emphasizing the commonality of the announcements across their breach detection and prevention platform, as well as the heavy emphasis on wireless and mobile access and security.
“This is the biggest release in SonicWall’s history,” said John Gordineer, SonicWall’s director of product. “Five major product launches on the same day is a big step forward for us. We are starting to see the pace of innovation at SonicWall really turn up.”
Gordineer also stressed that the announcements really need to be seen as components of a unified platform, rather than as five new products.
“We are making some really dramatic enhancements to our breach detection and prevention platform, all of which contribute to a layered security experience,” he said. “Doing five things in one day is a proof point of innovation around the platform. There is also a strong theme around wireless and mobile access – this idea of providing additional security for remote and wireless workers. The new 802.11ac Wave 2 has created new challenges around managing bandwidth and scanning traffic. The need to encrypt all the SSL connections coming in at a very high throughput needs to be seamless.”
The new SonicOS 6.5 is the most significant of the announcements, because it touches on all the other components.
“The 6.5 OS supports the platform vision and drive to automated breach prevention,” said Dmitriy Ayrapetov, director of product management at SonicWall. “It also affects the most customers and partners, so has the highest impact.”
Ayrapetov said that while the OS release could have been presented as all about wireless features – about 20 of the almost 60 new features relate to wireless – the most significant feature is a new UI.
“The old UI had gotten somewhat dated,” he indicated. “We redesigned the UI/UX [user experience], with that UX analysis driving the redesign of the UI. We broke it into 3 portions – monitor, investigate, and manage, with the latter being when you take action. This is the first major leap into better usability.”
Ayrapetov said that when you log in, instead of a massive menu of different capabilities, you now see three different tabs.
“It’s a single pane of glass, with three tabs,” he said. “It’s presented in an easier way.”
“We realize that we have 18,000 partners, and that our partners’ engineers get trained up on the UI,” Gordineer said, “That can become sticky, so we realize the challenge of upgrading. We have built in a toggle so partners can learn at their own pace. Partners have given very positive feedback on that capability.”
Other SonicOS 6.5 enhancements include improved threat API capabilities which help build automated security platforms that can leverage third-party threat intelligence feeds. Remote access is now all done with HTML5 — Java, and remote flash have been dumped. The many new wireless features enable security and connectivity for mobile users. Multi-domain authentication support gives a simple and fast way to manage and enforce security policies across an entire organization.
“We have also expanded our relationship with Dell Networking, and can now support daisy chaining for larger warehouse deployments,” Ayrapetov said.
Multiple changes have also been made to make troubleshooting easier, adding serviceability features and GMS capabilities to make maintenance and deployment easier for partners
“If we can make partners 10 per cent more effective by reducing troubleshooting, that makes us 10 per cent more effective as well,” Ayrapetov said.
The new NSA 2650 firewall is a campus device, and one of SonicWall’s most important firewalls. It enables threat prevention over 2.5 gigabit Ethernet wired and 802.11ac Wave 2 wireless networks. It also supports twice the number of DPI connections as before, and offers 12,000 DPI SSL connections, an increase of 12X. It also supports multi-engine sandboxing via the Capture Advanced Threat Protection (ATP) service.
“This is the first firewall in the industry to support the new multi-gigabit standards,” Ayrapetov said. “The standard supports 2.5, 5 and 10 gigabit Ethernet, so customers can use existing infrastructure to go beyond 1 GB without having to redo the whole thing.”
That 12x increase in DPI SSL connections is huge, Ayrapetov stressed.
“What matters now is who can scan and decrypt best for malicious traffic, in the same way that three years ago what mattered most was sandboxing capability,” he said. “We have heavily invested in this to emphasize the need to decrypt to scan for ransomware and malware.”
The third element of the announcement is new SonicWave 802.11ac Wave 2 wireless access points.
“SonicWave is a new brand, which expands our portfolio,” Ayrapetov said. It is an expansion of the existing APs we offer. We are building in a lot of future-proofing capabilities, like a built-in Bluetooth radio and third scanning radio.”
There are three SonicWave models, two indoor, and one outdoor – SonicWall’s first outdoor AP.
“We are pricing these very aggressively for market penetration,” Ayrapetov said. “They are up to 50 per cent cheaper than their equivalent competition.”
The current 802.11ac Wave 1 APs will remain, despite the aggressive pricing of the Wave 2s.
“They will still be more expensive than the old access points, so we are keeping Wave 1 for the price sensitive market,” Gordineer said.
The new SonicWall Cloud Analytics application expands on management and reporting capabilities.
“There are two new components,” Ayrapetov said. “The global management systems have been updated to stay in line with the 6.5 OS. They are now much easier to deploy, and have new health monitoring tools.”
The other new element is a suite of cloud analytics for network forensics.
Finally, the new Secure Mobile Access OS 12.1 extends remote worker security with secure, policy-enforced access to email, file servers and corporate applications using federated single sign-on.
“This now has our Capture ATP service,” Ayrapetov said. “We launched it on our firewalls first, then on email and Office 365. Now it is on Secure Mobile Access.”
The other new element to this OS is the federated single sign-on.
“It lets you access from anywhere,” Ayrapetov said. “You log into the portal, and with one click can get into Concur, Salesforce or other applications. You eliminate re-using passwords and force people to go through the portal.”
The SonicOS 6.5, NSA 2650 firewall and SonicWave wireless APs are available immediately. SMA 12.1 and Cloud Analytics will be available in early Q4 in North America and Europe.