Sonicwall Capture Advanced Threat Protection Service Datasheet 108060

SonicWall® CAPTURE ADVANCED
THREAT PROTECTION SERVICE
Discover and stop zero-day and other unknown attacks
For effective zero-day threat protection,
organizations need solutions that include
malware-analysis technologies and can
detect evasive advanced threats and
malware — today and tomorrow.
To protect customers against the
increasing dangers of zero-day threats,
SonicWall Capture Advanced Threat
Protection Service — a cloud-based
service available with SonicWall
firewalls — detects and can block
advanced threats at the gateway
until verdict. This service is the only
advanced-threat-detection offering
that combines multi-layer sandboxing,
including full system emulation and
virtualization techniques, to analyze
suspicious code behavior. This powerful
combination detects more threats than
single-engine sandbox solutions, which
are compute-environment specific and
susceptible to evasion.
The solution scans traffic and extracts
suspicious code for analysis, but unlike
other gateway solutions, analyzes a broad
range of file sizes and types. Global-
threat intelligence infrastructure rapidly
deploys remediation signatures for newly
identified threats to all SonicWall network
security appliances, thus preventing
further infiltration. Customers benefit
from high-security effectiveness, fast
response times and reduced total cost
of ownership.
A cloud-based, multi-engine solution for stopping unknown and zero-day attacks at the gateway
Benefits:
• High security effectiveness
against unknown threats
• Near real-time signature deployment
protects from follow-on attacks
• Reduced total cost of ownership
[Diagram labels: Traffic; SSL decryption; Network anti-virus; Cloud anti-virus; Botnet filtering; URL filtering; Intrusion prevention; Filtered traffic; Grey listed files; Multi-engine SonicWall Capture cloud; Sandbox; Judgment]

Features
Multi-engine advanced threat analysis —
SonicWall Capture Service extends
firewall threat protection to detect
and prevent zero-day attacks. The
firewall inspects traffic, and detects and
blocks intrusions and known malware.
Suspicious files are sent to the SonicWall
Capture cloud service for analysis.
The multi-engine sandbox platform,
which includes virtualized sandboxing,
full system emulation and hypervisor-
level analysis technology, executes
suspicious code and analyzes behavior,
providing comprehensive visibility
into malicious activity while resisting
evasion tactics and maximizing zero-day
threat detection.
Broad file type analysis — The service
supports analysis of a broad range of
file sizes and types, including executable
programs (PE), DLL, PDFs, MS Office
documents, archives, JAR and APK, plus
multiple operating systems including
Windows and Android. Administrators
can customize protection by selecting
or excluding files to be sent to the
cloud for analysis by file type, file size,
sender, recipient or protocol. In addition,
administrators can manually submit files
to the cloud service for analysis.
Blocks until verdict — To prevent
potentially malicious files from entering
the network, files sent to the cloud
service for analysis can be held at the
gateway until a verdict is determined.
Rapid deployment of remediation
signatures — When a file is identified
as malicious, a signature is immediately
available to firewalls with SonicWall
Capture subscriptions to prevent follow-
on attacks. In addition, the malware
is submitted to the SonicWall Threat
Intelligence Team for further analysis and
inclusion with threat information into the
Gateway Anti-Virus and IPS signature
databases. Additionally, it is sent to URL,
IP and domain reputation databases
within 48 hours.
For best zero-day threat
protection, the solution is
architected to dynamically
add new malware analysis
technologies as the threat
landscape evolves.
The SonicWall Capture reporting page displays daily at-a-glance results. Colored bars on the
report indicate days where malware was discovered. Administrators have the ability to click on
individual daily results and apply filters to quickly see malicious files with results.

© 2017 SonicWall Inc. ALL RIGHTS RESERVED. SonicWall is a trademark
or registered trademark of SonicWall Inc. and/or its affiliates in the U.S.A.
and/or other countries. All other trademarks and registered trademarks
are property of their respective owners.
SonicWall, Inc.
5455 Great America Parkway | Santa Clara, CA 95054
Refer to our website for additional information.
www.sonicwall.com
Reporting and alerts — The SonicWall
Capture Service provides an at-a-glance
threat analysis dashboard and reports,
which detail the analysis results for files
sent to the service, including source,
destination and a summary plus details
of malware action once detonated.
Firewall log alerts provide notification
of suspicious files sent to the SonicWall
Capture Service, and file analysis verdict.
About Us
SonicWall has been fighting the cyber-
criminal industry for over 25 years,
defending small, medium size businesses
and enterprises worldwide. Our
combination of products and partners
has enabled a real-time cyber defense
solution tuned to the specific needs of
the more than 500,000 global businesses
in over 150 countries, so you can do more
business with less fear.
SUPPORTED PLATFORMS
SonicWall Capture Service is
supported on the following SonicWall
network security appliances running
SonicOS 6.2.6 and higher:
SuperMassive 9600
SuperMassive 9400
SuperMassive 9200
NSA 6600
NSA 5600
NSA 4600
NSA 3600
NSA 2600
TZ600
TZ500 and TZ500 Wireless
TZ400 and TZ400 Wireless
TZ300 and TZ300 Wireless
A detailed analysis report is also available for analyzed files to facilitate remediation.
DataSheet-AdvancedThreatProtection-US-VG-28515