FAQ - Capture Security Appliance 1000
12/22/2023
Description
- What is the total file throughput for CSa 1000?
The appliance supports 14,800 files per hour. This total is a mix of reputation lookup, static analysis, and dynamic analysis.
- What is the reputation and global threat lookup throughput for CSa 1000?
The appliance provides a throughput of 12,000 files per hour for reputation and global threat lookup, ensuring rapid and efficient threat detection and mitigation.
- What is the throughput for PE files in CSa 1000?
The appliance has a throughput of 300 files per hour for sandboxing Portable Executable (PE) files using our patented RTDMI technology. It facilitates real-time identification and analysis of potential threats to enhance overall network security.
- What is the throughput for non-PE files in CSa 1000?
The appliance offers a throughput of 2,500 files per hour for real-world file mix analysis, enabling comprehensive scanning and analysis of various file types to identify potential threats effectively.
- What is the maximum file size that CSa 1000 can handle?
The appliance supports files of up to 100 MB in size, allowing for the analysis of relatively large files to ensure comprehensive threat detection and mitigation.
- What is the maximum archive scan depth for CSa 1000?
The appliance supports a maximum archive scan depth of 3, enabling thorough scanning and analysis of multiple layers within archived files for enhanced threat detection.
- Which SonicWall devices are supported by CSa 1000?
The appliance is compatible with the following SonicWall devices:
- TZ, NSa & SuperMassive (running SonicOS 6.5.4.6/7.0.1 and above)
- Email Security 10.X
- NSsp Series
- NSv Series (7.x and Above)
- What types of file formats does the CSa 1000 support for analysis?
The appliance supports a wide array of file types for analysis, including various executable, document, archive, and virtual machine file formats, ensuring comprehensive threat detection across different file types commonly used in business environments. Here is the list of file formats.
- .cpl .dll .drv .exe .elf .ocx .scr .sys .doc .dot .wbk .docx .docm .dotx .dotm .docb .xls .xlt .xlm .xlsx .xlsm .xltx .xltm .xlsb .xla .xlam .xll .xlw .ppt .pot .pps .pptx .pptm .potx .potm .ppam .ppsx .ppsm .sldx .sldm .o .dylib .bundle .dmg .pdf .jar .apk .rar .bz2 .bzip2 .7z .xz .gz .zip
- For the files submitted from the UTM firewall, the file type supported is limited as shown in the screenshot below
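A pre-submission check against the limits listed in this FAQ (supported extensions, 100 MB maximum size, archive scan depth of 3), as an added example that is not SonicWall code and does not call the CSa API. It assumes the outermost archive counts as level 1, inspects ZIP nesting only, and counts ZIP-based containers such as .docx or .jar as a level; `triage`, `zip_depth` and `nested_zip` are hypothetical names.

```python
import io
import os
import zipfile

# Limits quoted in the FAQ; their exact interpretation is an assumption.
MAX_FILE_BYTES = 100 * 1024 * 1024  # "100 MB", assumed to be binary megabytes
MAX_ARCHIVE_DEPTH = 3               # assumed: the outermost archive is level 1
SUPPORTED_EXT = set("""
.cpl .dll .drv .exe .elf .ocx .scr .sys .doc .dot .wbk .docx .docm .dotx .dotm
.docb .xls .xlt .xlm .xlsx .xlsm .xltx .xltm .xlsb .xla .xlam .xll .xlw .ppt
.pot .pps .pptx .pptm .potx .potm .ppam .ppsx .ppsm .sldx .sldm .o .dylib
.bundle .dmg .pdf .jar .apk .rar .bz2 .bzip2 .7z .xz .gz .zip""".split())

def zip_depth(data, stop_at):
    """ZIP nesting depth of data (0 = not a ZIP); counting stops at stop_at."""
    if stop_at <= 0 or not zipfile.is_zipfile(io.BytesIO(data)):
        return 0
    depth = 1
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if depth >= stop_at:
                break  # already past the limit, no need to unpack further
            skip = info.is_dir() or info.flag_bits & 0x1  # directory or encrypted
            if skip or info.file_size > MAX_FILE_BYTES:
                continue  # never inflate members larger than the size limit
            depth = max(depth, 1 + zip_depth(zf.read(info), stop_at - 1))
    return depth

def triage(name, data):
    """Return the reasons a file falls outside the limits stated in the FAQ."""
    reasons = []
    ext = os.path.splitext(name)[1].lower()
    if ext not in SUPPORTED_EXT:
        reasons.append("unsupported type " + ext)
    if len(data) > MAX_FILE_BYTES:
        reasons.append("larger than 100 MB")
    elif zip_depth(data, MAX_ARCHIVE_DEPTH + 1) > MAX_ARCHIVE_DEPTH:
        reasons.append("archive nesting deeper than 3")
    return reasons

def nested_zip(levels):
    """Constructed sample: a text file wrapped in `levels` ZIP layers."""
    data, name = b"constructed sample payload", "note.txt"
    for i in range(levels):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(name, data)
        data, name = buf.getvalue(), "layer%d.zip" % i
    return data
```

A non-empty result means the file falls outside the limits quoted above, so decide explicitly how to handle it (hold, block or manual review) instead of assuming a sandbox verdict covers it.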
- What is the data retention period for the CSa 1000?
The appliance offers unrestricted data retention, limited only by the available storage capacity, allowing businesses to retain critical data for as long as needed.
- What certifications does the CSa 1000 hold?
The appliance is certified with FIPS 140-2 and ICS, demonstrating its compliance with stringent security standards and regulations to ensure the highest level of data protection and network security.
- How does the CSa 1000 handle threat protection?
The appliance utilizes advanced threat intelligence and multi-engine sandboxing technology to proactively identify and mitigate a wide range of cyber threats, including malware, ransomware, and other file-based threats.
- How can businesses integrate the CSa 1000 into their existing network infrastructure?
The appliance is designed for easy integration with SonicWall products such as firewalls, email security, and endpoint security products. For non-SonicWall products, customers can write API-based scripts to integrate their products with CSa 1000.
- Does the CSa require a reboot after firmware upgrades or patches are installed?
A reboot is required for firmware updates, but not for intelligence updates.
- How does RTDMI work, and how is it different from a traditional sandbox?
- SonicWall’s RTDMI technology detects and blocks malware that does not exhibit any malicious behavior and hides its weaponry via encryption. By forcing malware to reveal its weaponry into memory, the RTDMI engine proactively detects and blocks mass-market, zero-day threats and unknown malware.
- Modern malware writers implement advanced techniques, including custom encryption, obfuscation, and packing, as well as acting benign within sandbox environments, to allow malicious behavior to remain hidden. These techniques often hide the most sophisticated weaponry, which is only exposed when run dynamically and, in most cases, is impossible to analyze in real-time using static detection techniques.
- SonicWall Capture Labs researchers leveraged a variety of deep-learning techniques to analyze code blocks of hundreds of terabytes of malware and related high-quality metadata of extracted features, and those combined insights resulted in the RTDMI solution.
- Where can I download the latest firmware for the CSa 1000?
You can find more details here: How to download the Closed Network Firmware and upgrade the Capture Security Appliance (CSA)?