SonicWall News: SonicOS 7, SonicOSX 7, and NSM Released
SonicWall have certainly been busy lately.
In the business firewall space, there’s understandably a lot of focus on physical firewall hardware. After all, that is what we sell (for the most part!). However, it’s really software that does all the legwork.
“When it comes to any network security tools, software is where the magic lies.“
So, let’s explore these new releases, translate some of the jargon, and discover why these advancements are so compelling.
SonicOS 7 Overview
SonicOS 7 is an updated operating system which runs on SonicWall’s newest generation of SME firewall hardware. SonicOS 7 now comes as standard on SonicWall TZ570, TZ570W, and TZ670 firewalls and will eventually replace the previous SonicOS versions 6 and 6.5.
SonicOS 7 Benefits
- Much faster than previous instances of SonicOS because it now runs on a much more efficient Linux infrastructure.
- TLS 1.3 decryption capabilities mean that the firewall can now inspect most encrypted traffic for zero-day threats.
- Fresh, intuitive user interface which provides a real-time, at-a-glance picture of network usage and threat insights.
- Simplified policy visualisations which add meaningful insight into policy deployment.
- New APIs that enable seamless integration with other security tools like SIEM, NAC, SOAR and more.
- Multi-instance support allows users to run multiple “instances” of the same firewall through one piece of hardware – ideal for shared/serviced premises.
What You Need to Know About SonicOS 7
The new SonicOS is truly “new and improved” in every way over its previous versions. Firstly, it’s orders of magnitude faster than previous iterations as it now uses a much smoother Linux-based infrastructure. Faster operations mean a faster firewall, and a faster firewall means more efficient incident detection, quicker reaction times, and more effective cyber-protection all-round.
Deep Packet Inspection (DPI) is an essential function of next-generation firewalls. It examines the contents of incoming and outgoing data packets for malware and other nasties before sending them on their way. Given that most internet traffic is now encrypted, it’s important that DPI tools can handle common encryption standards in order to keep a network safe.
The modern internet is increasingly using an encryption standard called TLS 1.3, though recent instances of SonicOS could only decrypt up to TLS’s previous version, 1.2. Therefore, TLS 1.3 encrypted threats could still slink by unnoticed.
This changes with SonicOS 7. The new OS can fully decrypt and inspect data packets encrypted with TLS 1.3, giving increased security oversight and stopping zero-day threats in their tracks.
The OS’s user interface has had a significant facelift, making it much easier for less experienced users to set up and use. Simple, intuitive graphical interfaces are especially important for smaller businesses, as they’re typically less likely to have dedicated IT support on standby 24/7.
This new interface provides intuitive controls and “at a glance” reporting that anyone with a passing knowledge of your network can understand. Particularly worth mentioning are the new security rule visualisation screens which allow you to see how your configurations actively impact current traffic patterns.
SonicWall’s REST API now enables you to link your firewall to third-party security tools, providing wall-to-wall network security oversight. Enriching the firewall’s usage data with data from other security tools gives a total, holistic picture of your overall security posture.
New multi-tenant support is ideal for shared or serviced premises. It basically allows multiple different networks to run their own, segmented version of the firewall software through a single firewall box – no need to invest in separate boxes for each network!
SonicOS 7 continues to support all of the essential features we’ve come to expect from SonicWall – Capture ATP sandboxing , high speed VPN support , a robust gateway antivirus, and content filtering controls.
Building on the capabilities of SonicOS 7, SonicOSX 7 provides an amplified suite of robust cyber security controls designed to benefit large, distributed enterprises. SonicOSX 7’s new Unified Security Policy allows you to maintain consistent rules and policies network-wide. New enterprise-grade NSa, NSv, and NSsp firewalls all run SonicOSX 7.
SonicOSX 7 Benefits
- Builds upon all of the benefits of SonicOS 7 with an extra unique feature set designed to benefit larger, distributed organisations.
- Unified, infrastructure-wide policy controls which are designed to manage security across fragmented networks and locations.
- Paints a true picture of your total security landscape, without siloing network usage data between locations, branches, data centres, etc.
- Comprehensive security management tools which help minimise configuration errors and eradicate security flaws.
What You Need to Know About SonicOSX 7
On first glance, SonicOSX 7 features much of the same benefits as its SME counterpart: a new, fast, and flexible operating system; a freshly redesigned interface; TLS 1.3 deep packet inspection; improved API compatibility; high speed VPN support; and powerful gateway cyber security controls designed by a trusted industry leader.
However SonicOSX 7 is much more than simply “a version of SonicOS for larger organisations.”
SonicOSX 7 is a much more powerful animal, providing the kind of true enterprise-level support that large, distributed workforces need to stay secure at scale. Yet it does so by retaining a simple, intuitive, data-driven interface which provides an ongoing, up to the minute picture of traffic and network usage.
Where SonicOSX 7 really shines is in SonicWall’s new Unified Security Policy capabilities. This provides IT administrators with a single, centralised location to manage the kinds of granular policy controls needed on larger networks.
Larger enterprises will generally need to accommodate a wide variety of network uses. From remote working VPN users; to endpoints that deal with sensitive data; to different software use and network load between departments; and even networked Internet of Things (IoT) devices; enterprise network admins have a lot of different functionalities to secure. However, SonicOSX 7’s central, easy to use portal makes it easy to manage and audit security standards across widely varying and geographically distributed teams.
Network Security Manager (NSM)
SonicWall’s Network Security Manager is an essential investment if you have numerous SonicWall firewalls within your IT estate. Put simply, NSM enables you to manage and audit multiple instances of firewall hardware through a single, centralised control panel. With it, you can consolidate and harmonise policy controls, view estate-wide network usage reports, and monitor your whole organisation’s threat landscape.
- An essential security management platform for companies with multiple sites or otherwise using numerous instances of firewall hardware.
- Empowers you to roll out consistent, company-wide policy and security changes across environments without having to individually configure firewall units.
- Audit firewall policy from one central, analytics-driven interface; enabling informed IT security decisions and a speedy response to cyber incidents, wherever they may arise.
- Minimises misconfiguration errors and IT security data silos between branches or networks, therefore strengthening company-wide policy.
- Provides holistic, joined-up, real-time and historical analytics covering your whole IT estate.
- Compatible with numerous SonicWall devices that run SonicOS/X 6, 6.5, and 7 software across small, medium, large, and virtual deployments.
When you operate multiple sites or firewalls, maintaining consistent, company-wide policy controls can be a real challenge. Without centralised control, each firewall needs to be managed independently, meaning that inconsistencies and manual errors easily arise.
It’s situations like these where SonicWall Network Security Manager comes to the rescue. It’s a single, central, cloud-based dashboard that securely connects to all of your individual firewalls providing access to company-wide network policy controls and usage reports simply and easily.
Want to enforce or alter an infrastructure-wide policy or rule? With NSM, it’s as simple as a few clicks. As soon as you make your changes, you can roll them out to the whole organisation with no fiddly repetition or inconvenient downtime. Understandably, this helps you minimise wasted time (and therefore wasted spend) on IT security and policy management.
As well as providing real-time logs of network activity, NSM also retains in-depth historic reporting data about all of your firewalls – 7 days’ worth of information on the Essential plan, 365 days’ worth on the Advanced plan. These centralised analytics can help you gauge your true security posture, hunt down potential threats, and make informed IT security decisions.
Feel you could benefit from the above tools? Get in touch with the team at Just Firewalls today and we’ll walk you through our free, no-obligation cyber security health check. We may even be able to maximise your current security systems for free! Get in touch with the team today on 0808 1644414 or request a call back.