- CVE logged nearly 4,000 new vulnerabilities with more than two-thirds of them associated with network attacks.
- Ransomware was spotted as far back as 2005, but was rarely seen until its recent return to the world stage as the most popular payload for spam, phishing and exploit campaigns, collecting an estimated $200 million in ransom payouts globally so far. The fear of infections and subsequent business disruptions has forced institutions to begin augmenting their existing defense model to address this threat.
- According to NSS Labs, the malicious use of encryption is growing rapidly, and criminals are using it as an effective evasion technique. When encrypted connections are improperly managed and go uninspected, they become defenseless tunnels for concealing malware downloads and command and control (C&C) communication, spreading infections and, most serious of all, extracting massive amounts of data.
- In November, the Mirai botnet management framework launched the largest mass-scale distributed denial of service (DDoS) attacks on record, using hundreds of thousands of Linux-based IoT devices to take down a major DNS service provider. IoT-based attacks are anticipated to be one of the fastest growing and most prevalent attack vectors in 2017.
- A new breed of exploit kits surfaced, leveraging cryptographic algorithms to encrypt and obfuscate landing pages and malicious payloads in order to spread ransomware at scale more effectively.
Moreover, organizations are quickly embracing new technologies such as cloud and virtualization to advance their digital business ambitions. As they embrace these new technology platforms, they find themselves needing to augment their network architecture to meet new data, capacity and connectivity demands.
The biggest question now is what we can do differently in our cyberdefense model to scale performance, secure us from advanced threats and help enable organizations to grow and move securely forward. SonicWall introduces the latest update to its next-generation firewall SonicOS operating system, version 18.104.22.168. Many of the new features in the release are focused on three primary outcomes of the firewall system.
1. Enhancing breach prevention capabilities
- Deep packet inspection of SSH (DPI-SSH) to detect and prevent advanced encrypted attacks that leverage SSH, block encrypted malware downloads, cease the spread of infections, and thwart command and control (C&C) communications and data exfiltration
- Threat API platform designed to receive any and all proprietary, OEM and third-party threat intelligence feeds to combat a wide variety of advanced threats such as zero-day, malicious insiders, compromised credentials, ransomware and APTs
- Biometric authentication technology on the user's mobile device, such as fingerprints that cannot be easily duplicated or shared, to securely authenticate the user's identity for network access
- Additional security extensions, including granular SSL controls and DPI-SSL of IPv6 encrypted traffic; DNS Proxy to securely control both incoming and outgoing DNS traffic to eliminate any potential DNS cache poisoning, DNS spoofing, and buffer overflow attacks transmitted through DNS commands; and more
2. Improving ease of use and management
- Auto-provisioning VPN simplifies complex distributed firewall deployments and reduces them to a trivial effort by automating the initial site-to-site VPN gateway provisioning, while security and connectivity occur instantly and automatically. As an added advantage, policy changes are centrally managed and automatically updated on every VPN peer across the WAN environment.
3. Increasing scalability and connectivity
- Dell X-Series Switch extensibility for enhanced network security flexibility and scalability that adapts to service-level increases and ensures network services and resources are continuously available and protected as capacity grows, without having to upgrade the firewall system.