SonicWall Inc. has unveiled a wave of forthcoming products, including its first threat protection solution equipped with technology from endpoint detection and response (EDR) vendor SentinelOne, its first line of virtual firewalls, its first web application firewall, and the first RESTful API for its SonicOS operating system.
All of those offerings are currently in public beta testing and slated to enter general availability in the second quarter of the year.
The new threat protection solution, named Capture Client, integrates SonicWall’s firewalls with SentinelOne’s machine learning-based continuous behavior monitoring functionality, allowing users to block malicious traffic at the firewall in real time.
“Unlike the detection focus of other EDR-equipped solutions, Capture Client delivers the SentinelOne endpoint protection platform, which is focused on prevention, with investigation and hunting tools for detection and response,” said Dmitriy Ayrapetov, Milpitas, Calif.-based SonicWall’s executive director of product management, in lightly-edited remarks emailed to ChannelPro.
Working in tandem with SonicWall firewalls, Capture Client can perform deep packet inspection of encrypted SSL traffic using trusted SSL certificates. It also includes system rollback functionality that allows companies to restore infected endpoints to their pre-breach state.
“[That] reduces a significant number of manual hours applied to recovery from incidents like ransomware outbreaks,” Ayrapetov says.
SonicWall announced an agreement to deliver solutions in partnership with SentinelOne, which is based in Mountain View, Calif., last September.
“The partnership has proven most effective by enabling us to ultimately remove complexity from business environments with the best of firewall and endpoint in a common platform,” Ayrapetov says.
SonicWall NSv, the vendor’s new virtual firewall service, provides the same deep packet inspection, security control, and networking functionality as SonicWall’s physical firewalls in a software-based form factor, enabling businesses to extend automated breach detection and prevention into private and public cloud environments.
SonicWall plans to deliver the solution in a variety SKUs spanning entry-level, mid-range, and high-end use cases. A shared cloud management console will enable technicians to administer physical and virtual firewalls through a single interface.
Like NSv, SonicWall’s web application firewall is also software-defined, and delivered as a stand-alone solution.
“The SonicWall WAF is not just a feature additionally available with next-generation firewalls,” Ayrapetov says. “It is delivered as a dedicated virtual appliance to maximize throughput and efficacy.”
Powered by multiple deep packet inspection engines and informed by real-time threat intelligence from SonicWall’s Capture Labs research unit, the new product is designed to block denial-of-service attacks, context-aware exploits, and other unwanted web traffic before it can connect with web applications. It includes performance-enhancing application delivery functionality, including load balancing, SSL offloading, and WAN acceleration, as well.
The new version of SonicOS introduced today is the operating system’s first significant update since version 6.5 reached market last September. SonicWall described that release, which included a completely re-designed interface as well as new wireless security and connectivity features, as one of the most significant in the product’s history.
Version 6.5.1 adds a new API that lets users and third-party management, ticketing, and orchestration platforms automate configuration functions, turning SonicWall firewalls into core elements of a programmable security fabric.