In Gartner’s research analysis on “How to Deploy the Most Effective Advanced Persistent Threat Solutions,” the firm says that organizations can benefit from five technical styles of threat prevention to combat increasingly sophisticated malware. The firm advises enterprises to employ at least two of its recommended “Five Styles of Advanced Threat Defense” — Network Traffic Analysis, Network Forensics, Payload Analysis, Endpoint Behavior Analysis and Endpoint Forensics — in order to protect organizations at three crucial levels: the network, payload and endpoint.[1]

Dell SonicWALL’s network security solutions deliver on two of these styles to protect an organization’s data from ever-evolving malware attacks by providing advanced Network Traffic Analysis (Style 1) and sophisticated Payload Analysis (Style 3) via our best-in-class network security solutions. Dell’s Global Response Intelligent Defense (GRID) Network provides comprehensive protection against a multitude of threats, from attacks through mobile devices to traditional malware on PCs that burrows its way into networks.

Before delving further into these styles, it’s important to understand that Dell SonicWALL next-generation firewalls (NGFWs) are unique because of their patented Reassembly-Free Deep Packet Inspection® (RFDPI) engine that scans all network traffic, regardless of port or protocol. This stream-based inspection engine can stop the most advanced attacks, even those that are launched by cyber criminals using sophisticated evasion techniques. Dell’s high-performance NGFWs also offer an array of real-time protection capabilities, including on-board countermeasures against entire malware families and a wide variety of software exploits. In addition, our botnet protection service enables us to block connections originating from IP addresses that are known to have bad reputations. Dell NGFW protection is extended further by our cloud-assisted threat prevention technology, which taps into a vast database (14+ million) of malware countermeasures that resides in the Dell SonicWALL GRID Network.

While there’s a new trend to place sandboxing security products in line with network security appliances, Dell SonicWALL performs similar Payload Analysis (Style 3) via our GRID Network, Dell SonicWALL Threat Center and Dell Security Portal. The GRID Network compiles data on the latest threats through a myriad of sources, including more than one million sensors around the world that monitor traffic for threats and a team of security specialists that gathers threat information from spam caught by our email security products. Suspicious files are also analyzed, verified and classified by the GRID Network’s sandboxing tools and by our in-house threat research team. Countermeasures are then crafted, tested for false positives and distributed to our customers around the world. The Dell SonicWALL Threat Center monitors global network activity in real time, and our team of experts proactively delivers countermeasures and dynamic updates to combat the latest threats. Finally, the Dell Security Portal gives users the ability to drill down on the location and type of threats in order to get more knowledge to defend their enterprise.

In terms of delivering on the critical need for Network Traffic Analysis (Style 1), Dell SonicWALL’s Application Traffic Analytics and real-time visibility provide detailed insight into network traffic, giving a granular view of what’s going on.

In addition to the various styles of malware protection covered by Gartner’s analysis, organizations should be mindful of other major areas of risk. Solutions like Dell SonicWALL Secure Mobile Access ensure that mobile endpoints used for remote connection are interrogated, deemed secure and are not, for example, ‘rooted’ or ‘jailbroken.’ Moreover, managing credentials and identity in a consistent and secure manner is also a critical area of concern and can be addressed with Dell Identity and Access Management solutions. Advanced Persistent Threats are clearly relentless, but Dell Connected Security solutions are equally relentless in protecting our customers.



[1] “How to Deploy the Most Effective Advanced Persistent Threat Solutions,” Gartner, September 24, 2013