SonicWall Hard Disk and Compact Flash Wipe and Destruction Process

03/26/2020 1327 17049

DESCRIPTION:

This article outlines SonicWall’s policy regarding handling of volatile memory on SonicWall Firewalls, Continuous Data Protection (CDP), Email Security, Secure Remote Access and Unified Management Appliance products that contain hard disks and/or compact flash memories (“Products”) when they are returned to SonicWall for service or replacement.  All Products returned to SonicWall are wiped of customer data as described below.

RESOLUTION:

Hard disks that fail to operate upon return to factory are destroyed pursuant to the United States National Association for Information Destruction (“NAID”) proscribed process.  Information pertaining to NAID information destruction may be found at http://www.naidonline.org.
 
Hard disks that are functional upon return to factory are wiped using a process that complies with the United States Department of Defense 5220.22-M standard for data sanitization.  This includes, but is not necessarily limited to, the following steps:

1. Overwrite the entire drive with a defined fixed value.
2. Overwrite the entire drive with the complement value of the first overwrite run.
3. Overwrite the entire drive with pseudo random values.
4. Verify drive operation. 
5. Hard drives that fail step number (4) are destroyed.

Compact Flash (CF) cards are wiped using the card manufacturer’s reset feature, which clears all partition tables and resets all data sectors to a defined fixed value.  CF operation is then verified and defective CF cards are destroyed.