DataCenterNews Asia Pacific - Specialist news for cloud & data center decision-makers

Video: 10 Minute IT Jams - The latest update from SonicWALL

Wed, 8th Mar 2023

Zero trust is the future of cybersecurity. This was the message from Josh Joseph, Senior Solutions Engineer at SonicWALL, as he explained how companies are managing security in an increasingly hybrid working environment.

Speaking on 10 Minute IT Jams, Joseph outlined the evolving challenges of data protection as more businesses migrate to the cloud or combine cloud, hybrid, and traditional IT environments. "SonicWALL helps its customers build, scale and manage security across cloud, hybrid and traditional environments, letting customers evolve their secure cloud adoption at their own pace," he said.

But how does zero trust fit into this changing landscape?

"Zero trust is nothing but a security model formed on the principle never trust but always verify," Joseph explained. "What it typically means is, be it an external guest or an internal employee, anybody who's trying to access a certain resource needs to be verified, and that has to be done continuously."

Zero trust security, or ZTNA (Zero Trust Network Access), is emerging as a key IT solution for organisations looking to provide secure access to company resources, data, or applications. It works through "clearly defined, granular access control policy", Joseph said, meaning every user and device must be identified, authenticated, and authorised each time they attempt to connect.

For companies looking to transition their businesses to ZTNA, Joseph suggested they must move on from the "traditional perimeter approach to a more data- and user-centric approach". In practical terms, that means businesses need to pay close attention to who their users are, what access they require on a need-to-know basis, which resources they're trying to access, and - crucially - what device they are connecting from. "If that device they're connecting from is an organisation-approved device or not, and if it falls under the company's compliant policies - these are some of the factors," he said.

The goals driving enterprises towards zero trust frameworks are clear, Joseph argued: "The primary focus of a zero trust network access for any organisation would be based on five pillars - identifying the device, user, network, application workloads and data." SonicWALL's own solutions allow organisations to enforce zero trust network access with "complete ease", he added. Once applications or data - whether on-premise or in the cloud - are connected to SonicWALL's point of presence, integration with multi-factor authentication and single sign-on adds additional layers of security. Users are then "continuously authenticated, audited in order to verify the user's identity and also what kind of device they are connecting from", with network connectivity allowed only after strict verification.

SonicWALL offers two main solutions in this space. The first is its flagship product, SMA, which integrates the zero trust security model for "granular access control by verifying who needs to access what resources and from what device they are connecting from", Joseph said. The second, launched in 2020, is the cloud-native Secure Access platform, which is designed for businesses with distributed infrastructures. "It is a 100% cloud-native architecture solution with over 30 plus points of presence globally," he explained. "Your users could be sitting anywhere - some people in the US, Australia, India - and organisations will have their data in different locations as well."

One of the biggest concerns among businesses is whether zero trust really offers a security advantage over more familiar solutions, such as VPNs, especially with more employees now working remotely. Joseph did not mince words about VPN shortcomings. "One of the major problems with VPNs is that VPN normally backhauls user traffic when a user is trying to access a corporate data centre and thus it slows down internet performance," he said. Such setups also provide "very little visibility" for organisations with multiple cloud data centres, and "traditional VPN solutions do not offer a device posture check", leaving companies with higher risks of data leaks when device identity checks are not enforced.

Turning to endpoint security, Joseph was keen to clarify what Endpoint Detection and Response (EDR) really means. "EDR is nothing but it's a next-generation antivirus," he said. "It's an endpoint security solution which continuously monitors your endpoints to detect and also respond to any cyber threats." EDR solutions analyse events occurring on devices such as laptops and desktops, identify suspicious activity, generate alerts, and help organisations investigate and remediate these issues.

SonicWALL's EDR offering, Capture Client, is designed to give administrators deep insight and control. The system allows threat hunting and can "kill or quarantine as necessary", Joseph said, and features "rollback for an endpoint in case there was an infection or a compromise to a previous non-cut state".

In choosing an EDR solution, Joseph recommended that organisations look for four core capabilities: continuous monitoring and data collection across endpoints, threat pattern analysis, automatic response to contain threats (rather than requiring manual action as with traditional antivirus), and embedded forensic tools for deeper analysis and threat hunting.

SonicWALL's Capture Client is "capable of providing continuous behaviour monitoring which leverages cloud intelligence" and uses both static and dynamic analysis for behavioural protection. The solution also includes "web filtering" to help organisations block access to millions of known malicious URLs and prevent phishing attacks or malicious downloads, with policies managed centrally.

Integration remains a key consideration, particularly as organisations use a mix of security products. Joseph was clear that SonicWALL's solution is designed to play well with others. "With integration, you can integrate Capture Client with our SonicWALL firewalls. We also have open APIs to support integration with any third-party platform," he said. The system supports integration with security information and event management (SIEM) tools, as well as popular remote monitoring and management platforms, he added.

As the interview concluded, Joseph reflected on the mission behind SonicWALL's work: "It's been great to learn more about SonicWALL and what we're doing to make life easier for our customers," he said. "Absolutely a pleasure - thanks for the invite."
