Sonicwall Capture Advanced Threat Protection Service Datasheet 108060


SonicWall® CAPTURE ADVANCED
THREAT PROTECTION SERVICE
Discover and stop zero-day and other unknown attacks
For effective zero-day threat protection,
organizations need solutions that include
malware-analysis technologies and can
detect evasive advanced threats and
malware — today and tomorrow.
To protect customers against the
increasing dangers of zero-day threats,
SonicWall Capture Advanced Threat
Protection Service — a cloud-based
service available with SonicWall
firewalls — detects and can block
advanced threats at the gateway
until verdict. This service is the only
advanced-threat-detection offering
that combines multi-layer sandboxing,
including full system emulation and
virtualization techniques, to analyze
suspicious code behavior. This powerful
combination detects more threats than
single-engine sandbox solutions, which
are compute-environment specific and
susceptible to evasion.
The soluon scans trac and extracts
suspicious code for analysis, but unlike
other gateway soluons, analyzes a broad
range of le sizes and types. Global-
threat intelligence infrastructure rapidly
deploys remediaon signatures for newly
idened threats to all SonicWall network
security appliances, thus prevenng
further inltraon. Customers benet
from high-security eecveness, fast
response mes and reduced total cost
of ownership.
A cloud-based, mul-engine soluon for stopping unknown and zero-day aacks at the gateway
Benets:
High security eecveness
against unknown threats
Near real-me signature deployment
protects from follow on aacks
Reduced total cost of ownership
Network an-virus
Cloud an-virus
Botnet filtering
URL filtering
Intrusion prevenon
Mul-engine SonicWall
Capture cloud
SSL decrypon
Sandbox
Filtered traffic
Judgment
Grey listed files
Traffic
Features
Mul-engine advanced threat analysis
SonicWall Capture Service extends
rewall threat protecon to detect
and prevent zero-day aacks. The
rewall inspects trac, and detects and
blocks intrusions and known malware.
Suspicious les are sent to the SonicWall
Capture cloud service for analysis.
The mul-engine sandbox plaorm,
which includes virtualized sandboxing,
full system emulaon and hypervisor-
level analysis technology, executes
suspicious code and analyzes behavior,
provides comprehensive visibility
to malicious acvity while resisng
evasion taccs and maximizing zero-day
threat detecon.
Broad le type analysis — The service
supports analysis of a broad range of
le sizes and types, including executable
programs (PE), DLL, PDFs, MS Oce
documents, archives, JAR and APK, plus
mulple operang systems including
Windows and Android. Administrators
can customize protecon by selecng
or excluding les to be sent to the
cloud for analysis by le type, le size,
sender, recipient or protocol. In addion,
administrators can manually submit les
to the cloud service for analysis.
Blocks unl verdict — To prevent
potenally malicious les from entering
the network, les sent to the cloud
service for analysis can be held at the
gateway unl a verdict is determined.
Rapid deployment of remediation
signatures — When a file is identified
as malicious, a signature is immediately
available to firewalls with SonicWall
Capture subscriptions to prevent follow-
on attacks. In addition, the malware
is submitted to the SonicWall Threat
Intelligence Team for further analysis and
inclusion with threat information into the
Gateway Anti-Virus and IPS signature
databases. Additionally, it is sent to URL,
IP and domain reputation databases
within 48 hours.
For best zero-day threat
protection, the solution is
architected to dynamically
add new malware analysis
technologies as the threat
landscape evolves.
The SonicWall Capture reporng page displays daily at a glance results. Colored bars on the
report indicate days where malware was discovered. Administrators have the ability to click on
individual daily results and apply lters to quickly see malicious les with results.
© 2017 SonicWall Inc. ALL RIGHTS RESERVED. SonicWall is a trademark
or registered trademark of SonicWall Inc. and/or its affiliates in the U.S.A.
and/or other countries. All other trademarks and registered trademarks
are property of their respective owners.
SonicWall, Inc.
5455 Great America Parkway | Santa Clara, CA 95054
Refer to our website for additional information.
www.sonicwall.com
Reporng and alerts — The SonicWall
Capture Service provides an at-a-glance
threat analysis dashboard and reports,
which detail the analysis results for les
sent to the service. including source,
desnaon and a summary plus details
of malware acon once detonated.
Firewall log alerts provide nocaon
of suspicious les sent to the SonicWall
Capture Service, and le analysis verdict.
About Us
SonicWall has been fighting the cyber-
criminal industry for over 25 years,
defending small, medium size businesses
and enterprises worldwide. Our
combination of products and partners
has enabled a real-time cyber defense
solution tuned to the specific needs of
the more than 500,000 global businesses
in over 150 countries, so you can do more
business with less fear.
SUPPORTED PLATFORMS
SonicWall Capture Service is
supported on the following SonicWall
network security appliances running
SonicOS 6.2.6 and higher:
SuperMassive 9600
SuperMassive 9400
SuperMassive 9200
NSA 6600
NSA 5600
NSA 4600
NSA 3600
NSA 2600
TZ600
TZ500 and TZ500 Wireless
TZ400 and TZ400 Wireless
TZ300 and TZ300 Wireless
A detailed analysis report is also available for analyzed files to facilitate remediation.
DataSheet-AdvancedThreatProtection-US-VG-28515
