need to know the security benefits of SonicWall

We have a SonicWall TZ600.  A manager wants to know in easy to understand terms what the security benefits the firewall is providing us.  Can someone help me word something that would be understandable?  I am new to SonicWall.  We were using a CISCO ASA.
mkramer777Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Blue Street TechLast KnightCommented:
Hi mkramer777,

There are some fundamental concepts you should know about security:
Security is not a product it is a continuing persistent & rigorous process. What works very well today may not work very well tomorrow because things change...technology changes...threats change...new vulnerabilities spring up, etc.
• There is no panacea!
• One of the better security architectures is a multi-layered one. This means security services should overlap each other (without causing compatibility issues or degradation of performance).

But regardless, you still should select the best defenses you can because although there is no silver bullet if your solution does not have the capabilities required to protect your organization from today's current threat landscape you have effectively moved your company into a not-if-but-when security posture.

SonicWALL, IMO, is going to be your best bet for a number of reasons but here are a few:
1. One of the best affordable machine learning security products on the market today;
2. SonicWALL beats out all other vendors 65-75% of the time in discovering new malware;
3. Their Network Sandbox is unparalleled - they can stop known and unknown threats at the gateway (before they reach the network). It is the first of its kind that blocks until you have a verdict in real-time (speaking of greylisting; obviously whitelists/blacklists don't require a judgement/verdict processing). It implements a full code detonation process and they are the only vendor capable of running RTDMI (Real-Time Deep Memory Inspection), which stops Spectre & Meltdown exploits. It's a revolutionary multi-engine virtual sandbox that processes all engines in parallel. Furthermore, it won CRN product of the year when it had only been release for 2 months unseating other competitors that had been there for far longer.
4. Their DPI-SSL inspection engine - This was a first in the market move as well to sanction MiTM (Man-in-the-Middle) attacks to fully inspect encrypted packets against the full SecStack. With now 72% of the Internet traffic being encrypted if you are not inspecting it you are not running a security baseline defense. Ransomware and numerous attacks & payloads are all fully encrypted.

No other vendor, that I know of, blocks as many attacks currently (2.6 Trillion IPS attacks and 7.2 Billion Malware Attacks).

Other vendors blocking capabilities' don't even come close. For example, last year Fortinet blocked 4,000 Ransomware attacks per day or 1,460,000/yr. SonicWALL blocked 1,747,900 Ransomware attacks per day or 638,000,000/yr. In the same year, SonicWALL blocked as many Ransomware attacks in a single day as Fortinet did for the entire year!

Look at the WannaCry ransomware outbreak: All the NHS sites protect by other vendors, including Sophos & Cisco went down...the SonicWALL protected sites were unaffected because SonicWALL blocked the vulnerabilities 3 weeks in-advanced via IPS.

Here are a few questions to ask potential vendors:
• Can they block Cerber - I highly doubt it! SonicWALL did before it was even known to the world.
• Can they block BadRabbit and how do they?
• Can they they block zero-day outbreaks? Again, I doubt many can. And if they start selling you on not having to patch because of their security advancements - Flags up/don't buy it - its a poor security practice to say so and do so.
• Also, ask if or how they inspect encrypted Internet traffic, especially when now 72% of web sessions are encrypted.

Additionally, compare all these vendors with the amount of vulnerabilities in the CVE & NVD dBs and you will see SonicWALL has one of the best (lowest) counts across the board. Cisco, for example, has many well-known/public backdoors that have been exploited by gov agencies.

Let me know if you have any questions!

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.