Jul 08 2021

Review: SonicWall Cloud Edge Secure Access

With least-privilege access and advanced microsegmentation, SonicWall leverages the principles of zero trust to protect cloud-first organizations.

Businesses of all sizes deal with the problem of nonstop cybersecurity threats. Larger enterprises have an even more difficult time because of the size and complexity of the networks they manage. The stakes are high: The average cost of a data breach is now $3.86 million, according to a recent IBM study. The study found that $137,000 of that number was due to the impact of remote work.

This growing cost per breach is often associated with the push for businesses to create remote workforces amid COVID-19 and to subsequently operate on cloud platforms. The success of 5G, meanwhile, proliferates the number of connected devices. As a result, cloud breaches are predicted to increase for companies of all sizes and in all sectors.

Effective cloud security requires businesses to leverage solutions that offer services for a distributed enterprise and remote workforce. These security platforms must deliver instant and secure access to sites and resources on hybrid clouds, while also providing zero-trust and least-privilege policies that can be segmented by various profiles — down to the device and user level.

Approaching Security as a Service

In my testing, the SonicWall Cloud Edge Secure Access platform proved well-suited to address all of these issues. This cloud-native platform is offered as a service to protect site-to-site and hybrid cloud connectivity to the most popular public cloud platforms, including Amazon Web Services, Microsoft Azure and Google Cloud.

SonicWall Cloud Edge Secure Access not only securely connects remote or onsite users to corporate resources on any cloud platform or multiple cloud platforms, it also further prevents even authorized users from accessing parts of the network where they have no legitimate business.

This prevents the occasional disgruntled employee from making mischief. More important, it eliminates one of the biggest challenges in cloud security: malicious lateral movement by threat actors who do gain access. So, even if a hacker compromises a valid user’s identity, that actor will have severely restricted permissions by default and be under constant scrutiny by the platform.

The platform knows things like where users are accessing the network from, the devices they are using, their historical access records, their authorization levels and the kinds of activity they are attempting to perform. Cloud Edge even leverages microsegmentation to thwart unauthorized lateral movement across clouds. 

Cloud Edge also employs least-privilege protocols. That means awarded permissions are never permanent, and users must be reauthenticated by the platform even when performing previously authorized tasks. This is handled automatically by Cloud Edge and applies to every user interaction.

A final impressive aspect of Cloud Edge is the administration interface. Navigating the complex nature of zero-trust networking protection was relatively easy in testing, with most features handled automatically by the platform with minimal user direction needed.

As businesses move more workloads into more clouds, securing those workloads is increasingly complex. SonicWall delivers the peace of mind that cloud-first organizations need.

SonicWall

Taking the Sting Out of Regulations

For many IT security teams, dealing with audits, often required by regulations, is an expensive and time-consuming challenge. For companies operating both onsite and in the public cloud, these varied topologies add a layer of complexity that further slows the progress of audits.

Poor visibility into cloud infrastructure, applications, users and operations is a big reason for these challenges. Auditing processes in most industries, and for most businesses, entails being able to find, document and report on compliance issues. This includes fixes that are made and proof of the remediation.

SonicWall Cloud Edge Secure Access is built around software-defined perimeter architecture. That means it is designed to address regulatory issues. It decouples the controller, which authenticates users and devices, from the gateways that act as trust brokers. In audits that explore potential breaches in the cloud, this capability is helpful in providing proof of effective security. 

Cloud Edge Secure Access Foiled Wi-Fi Hijackers

SonicWall Cloud Edge Secure Access further distributes the gateways close to end user locations and scales rapidly as needed to maintain peak performance. This separation of functions also stops common cyberthreats, such as distributed denial of service, Slowloris, SYN flood and public Wi-Fi hijacking attacks.

With regard to compliance and public Wi-Fi hijacking, the automatic Wi-Fi security capability of Cloud Edge proactively monitors the environment and automatically activates a secure access connection in all public hotspots. This extra layer of protection stops Wi-Fi interceptions, which often result in data theft as well as compliance violations.

When combined with the other various features, this solution provides complete monitoring and reporting for compliance audits. Cloud Edge can therefore provide regulatory compliance assistance and robust, zero-trust security at the same time.

TRENDnet TI-PG541i

ROBUST: Least-privilege policies for multiple profiles
UNIVERSAL: Security on-premises or in the cloud
INTEGRATED: Site-to-site and hybrid cloud connectivity