- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
Product Notifications
Recent Notifications
Notifications by Category
May 2022
05/17/2022
Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Command as a 'root' user which potentially leads to remote command execution vulnerability or denial of service (DoS) attack. NOTE: SMA 1000 series products are not affected by this vulnerability. AFFECTED PRODUCT(S)SMA100 series firmware 10.2.1.4-31sv and earlier versions.SMA100 series firmware 10.2.0.9-41sv and earlier versions.CPE(S) WORKAROUNDNoneFIXED SOFTWARESMA100 series firmware
April 2022
04/25/2022
Effective December 20, 2020, EN 60950-1:2006 was withdrawn and EN 62368-1:2014 is the replacement standard for the presumption of conformity with Directive 2014/35/EU (Low Voltage Directive or LVD), which applies to SonicWall POE switches in European Union (EU) countries and was also adopted by the United Kingdom (UK). The scope of this impact is as follows:Certain SonicWall POE switches placed in the EU and UK markets after December 19, 2020, may not be compliant with EN 62368-1:2014. Further action is required for these appliances.All SonicWa
04/21/2022
UPDATED: 3 p.m. EST, Jan. 22On January 20, 2022, at around 9.30 p.m. (U.S. EST), SonicWall started to receive reports that some SonicOS 7.0 firewall users were experiencing service disruptions in the form of reboot loops or connectivity issues.CauseCertain firewalls running SonicOS 7.0 were not able to correctly process the signature update published on Jan. 20. During signature update parsing by one of the components within SonicOS, a corner case error condition led to a restart or connectivity disruption. Firewalls are designed to fetch new s
February 2022
02/02/2022
Feb. 2 Update: An earlier version of this article indicated that firmware 9.0.0.10 would be compatibile with end-of-support (EOS) SRA models. Additional investigation has found that the supported 9.0.0.10 firmware and the unsupported SRA models are incompatible. The last SRA models reached EOS status in 2019 and are no longer supported per Terms of Service.SonicWall is aware of a vulnerability, reported by CrowdStrike, impacting end-of-support Secure Remote Access (SRA) products, specifically the SRA 4600 running an old version of firmware (9.0
January 2022
01/07/2022
Starting January 1, 2022, SonicWall Email Security products began experiencing an issue causing junk box and message log updates to fail. Administrators and email users will face the following two issues:Inability to access junk box or un-junk new emailsInability to trace the incoming/outgoing emails through message logsSonicWall customers using the following Email Security or firewall products should make note of the below updates:Hosted Email Security: FULLY PATCHED – The fix was deployed in North America and Europe instances on Jan. 2. No ac
October 2021
10/28/2021
What is the vulnerability?A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains. The following SonicWall products are impacted by this non-critical vulnerability:PlatformsImpacted VersionTZ, NSa (GEN7)7.0.1-R1262 and olderNSv (Virtual GEN7)7.0.1-R1283 and olderNSsp (GEN7)7.0.1-R579 and olderNSa, TZ, SOHO W, SuperMassive 92xx/94xx/96xx (GEN6+)6.5.4.7 and olderNSsp 12K, SuperMassive 98006.5.1.12 and olderSuperMassive 10K6.0.5.3-94o and olderNSv (Virtu
September 2021
09/24/2021
Security Notice: Critical Arbitrary File Delete Vulnerability in SonicWall SMA 100 Series Appliances
A critical vulnerability (CVSS 9.1) in SMA 100 series appliances, which includes SMA 200, 210, 400, 410 and 500v, could potentially allow a remote unauthenticated attacker the ability to delete arbitrary files from a SMA 100 series appliance and potentially gain administrator access to the device.The vulnerability (SNWLID-2021-0021) is due to an improper limitation of a file path to a restricted directory potentially leading to arbitrary file deletion as ‘nobody.’There is no evidence that this vulnerability is being exploited in the wild.SonicW
August 2021
08/10/2021
Some versions of SonicWall Analytics On-Prem contain a critical (CVSSv3 9.8) Java Debug Wire Protocol (JWDP) service vulnerability that potentially can be leveraged by a remote, unprivileged user to execute arbitrary code within the system.SonicWall PSIRT is not aware of active exploitation in the wild.ImpactThe vulnerability allows for unauthenticated remote exploitation. Deployment of SonicWall Analytics 2.5 and earlier are ‘on-prem’ and should be in a secure network segmentation not exposed to the internet. Temporary MitigationsUntil the bel
July 2021
07/15/2021
Through the course of collaboration with trusted third parties, including Mandiant, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware in an imminent ransomware campaign using stolen credentials. The exploitation targets a known vulnerability that has been patched in newer versions of firmware.SonicWall PSIRT strongly suggests that organizations still using 8.x firmware review the information below an
07/08/2021
Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP Protocol allows an attacker to cause a crash or potentially read sensitive information from the memory locations.OverviewSonicWall Switches running certain versions of impacted firmware may contain a vulnerability that could be leveraged for an OOB (Out-Of-Bounds) read by sending a specially crafted LLDP packet.ImpactOut-of-bounds Read allow attackers to cause a SonicWall switch crash or potentially read sensitive information from other memory locations. A crash can
June 2021
06/22/2021
SonicWall physical and virtual firewalls running certain versions of SonicOS may contain a vulnerability where the HTTP server response leaks partial memory. This can potentially lead to an internal sensitive data disclosure vulnerability.At this time, there is no indication that the discovered vulnerability is being exploited in the wild.RESOLUTIONSonicWall strongly advises customers apply the respective SonicOS patch immediately. After reviewing this security advisory, please go to MySonicWall and download the appropriate SonicOS patch releas
06/15/2021
UPDATE: June 15, 2021 | 10 a.m. PDTAdditional analysis confirms that one of the requirements for the vulnerability to be triggered is that the potential attack must come from the same origin IP as the active management session. That requires the admin to either have their machine compromised, or the attacker and the admin reside on the same remote network. Both of these scenarios are exceptionally unlikely. While we have yet to see this vulnerability exploited in the wild, SonicWall still recommends the upgrade for all impacted users.June 14, 2
May 2021
05/27/2021
May 27, 2021, 11:30 a.m. PDT.SonicWall has validated and patched a post-authentication vulnerability (SNWLID-2021-0014) within the on-premises version of Network Security Manager (NSM). This vulnerability only impacts on-premises NSM deployments. SaaS versions of NSM are not affected.This critical vulnerability potentially allows a user to execute commands on a device’s operating system with the highest system privileges (root).SonicWall customers using the on-premises NSM versions outlined below should upgrade to the respective patched version
05/20/2021
Update: May 20, 2021. 10 a.m. PDT.SonicWall engineering has completed the fix to remove duplicate client entries for all tenants that are not using static groups within Capture Client 3.6. If you are such a customer and still have issues, please contact SonicWall Technical Support.IssueActionsStatusSlowness, longer-than-normal load times or timeout errors while working within the Capture Client 3.6 management console.Performance improvements applied by SonicWall on May 19, 2021.ResolvedInstances of clients displaying an “Unlicensed” status or d
April 2021
04/29/2021
Update: April 29, 2021, 12:30 P.M. CSTSonicWall is announcing the availability of new firmware versions for both 10.x and 9.x code on the SMA 100 series products, comprised of SMA 200, 210, 400, 410 physical appliances and the SMA 500v virtual appliance.Upgrade StepsAll organizations using SMA 10.x or SMA 9.x firmware should immediately implement the following:Upgrade to the latest SMA 100 series firmware available from www.mysonicwall.com.SMA 100 series 10.x customers should upgrade to 10.2.0.7-34sv firmware.SMA 100 series 9.x customers should
04/20/2021
Through the course of standard collaboration and testing, SonicWall has verified, tested and published patches to mitigate three zero-day vulnerabilities to its hosted and on-premises email security products.In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild.’ It is imperative that organizations using SonicWall Email Security hardware appliances, virtual appliances or software installation on Microsoft Windows Server immediately upgrade to the respective SonicWall Email Security version listed belo
March 2021
03/08/2021
SonicWall will be updating IP addresses for the Hosted Email Security (HES) platform in North America. NOTE: HES for Europe does not need to update IPs.Network administrators will need to update access rules to allow for the following HES subnets:173.240.210.0/24173.240.213.0/24173.240.214.0/24204.212.170.0/24The subnets can also be found in the HES FAQ KB article and firewall settings.HES FAQ KB article: https://www.sonicwall.com/support/knowledge-base/sonicwall-hosted-email-security-faq/170504903060180/Firewall rules for HES: https
January 2021
01/15/2021
Updated January 15, 2021The U.S. Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) have confirmed that malicious threat actors have been and are actively exploiting vulnerabilities in SolarWinds Orion products, specifically affecting versions 2019.4 through 2020.2 HF1. These malware variants are capable of transferring data, file execution, system profiling, rebooting and more.Both SolarWinds and the CISA strongly suggest that organizations using SolarWinds Orion verify the version they’re run
October 2020
10/28/2020
The SonicWall Product Security Incident Response Team (PSIRT) collaborated with a third-party research firm to test, confirm and correct discovered vulnerabilities related to physical and virtual SonicWall next-generation firewall appliances. These findings included:In some cases, vulnerabilities allowed remote attackers to cause Denial of Service (DoS) attacks against a firewall, which may lead to an appliance crash.In some cases, there existed a cross-site scripting (XSS) vulnerability in the firewall's SSL-VPN portal as well as possible user
10/28/2020
Knowledge BaseHow Do I Configure The SSL-VPN Feature For Use With NetExtender Or Mobile Connect?How Can I Enable Port Forwarding And Allow Access To A Server Through The SonicWall?How Can I Configure WAN GroupVPN For Connecting With Global VPN Client?How Can I Setup SSL-VPN?L2TP VPN Configuration On Mac OS XPornographic Websites Not Blocked Due To "Not Rated" CategorizationHow Do I Recover Or Reset The Administrator Password For A SonicWall Firewall Appliance?How To Configure High Availability (HA)SSL VPN Client Is Connected And Authenticated B
Product Categories
Analyzer
06/04/2020
As previously announced, SonicWall Analyzer 8.5 reached “End of Support” on the 24 April, 2020.Please see the SonicWall Analyzer product Lifecycle page: https://www.SonicWall.com/support/product-Lifecycle-tables/SonicWall-analyzer/software/.As the Analyzer license is perpetual and hence does not expire, customers can continue to use Analyzer. However, since 24 April 2020, any new cases logged will not be supported. This includes patches, bug fixes and new feature updates.SonicWall On-premise Analytics 2.5 is the replacement
Email Security
01/07/2022
Starting January 1, 2022, SonicWall Email Security products began experiencing an issue causing junk box and message log updates to fail. Administrators and email users will face the following two issues:Inability to access junk box or un-junk new emailsInability to trace the incoming/outgoing emails through message logsSonicWall customers using the following Email Security or firewall products should make note of the below updates:Hosted Email Security: FULLY PATCHED – The fix was deployed in North America and Europe instances on Jan. 2. No ac
GMS
03/26/2020
SonicWall will discontinue support for Infobright MYSQL reporting database in GMS/Analyzer on November 30, 2018 All GMS/Analyzer customers using Infobright MYSQL reporting database must migrate from Infobright MYSQL reporting database to PostGres reporting database on or before November 30, 2018 to continue availing support services on GMS/Analyzer reporting.SonicWall will continue supporting PostGres reporting database in GMS/Analyzer. Please refer the to the following knowledge base article for more details: GMS Upgrade Matrix and Considerati
12/20/2019
The disclosure by Palo Alto Networks Unit 42 is not a vulnerability to the current SonicWall Global Management System (GMS). The issue referenced only affects older versions of the GMS software (versions 8.1 or earlier; no longer supported). GMS 8.1 was replaced by version 8.2 in December 2016. Customers and partners running GMS 8.2 and newer are not vulnerable. SonicWall and the Capture Labs threat research team continuously update its products to provide industry-leading protection against the latest security threats, so it is crucial that cu
NSA Series
03/26/2020
Active Retirement Mode Announcement SonicWall is initiating the Active Retirement Mode (ARM) notification for the SonicWall NSA E6500. Active Retirement Mode is the second phase of the SonicWall End of Life process outlined at the end of this document. During this phase SonicWall will no longer actively manufacture or sell the products listed below. In addition, SonicWall may release a limited number of new features and will issue bug fixes only to the latest version of firmware available for the device After the ARM phase ha
03/26/2020
SonicWall previously announced that the SonicWall Enforced Client offerings (both McAfee and Kaspersky) are End of Life (EOL) and no longer available for purchase starting April 2018. McAfee also previously announced an EOL for the endpoint technology that was used; with Kaspersky it was a strategic decision to no longer sell the product due to government concerns raised by the product around data privacy. SonicWall now announces the End of Support dates for SonicWall Enforced Client as follows: January 11th 2019 – Limited Support for SonicWal
12/20/2019
What Is Bad Rabbit Ransomware? On Tuesday, Oct. 24, a new strand of ransomware named Bad Rabbit appeared in Russia and the Ukraine and spread throughout the day. It first was found after attacking Russian media outlets and large organizations in the Ukraine. The initial installer masquerades as a Flash update. Interestingly, this malware contains a list of hardcoded Windows credentials, most likely to brute force entry into devices on the network, according to SonicWall Capture Labs Threat researchers. Are SonicWall Customers Prote
12/20/2019
Active Retirement Mode AnnouncementDell SonicWALL is initiating the Active Retirement Mode (ARM) notification for the Dell SonicWALL NSA 220 series. Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below. In addition, Dell SonicWALL may release a limited number of new features and will issue bug fixes only to the latest version of firmware available for the
12/20/2019
SonicWall has received notification of a tech scam that involves entities posing as authorized SonicWall partners, often to gain access to the systems or computers of individual consumers and small businesses. SonicWall has confirmed that these parties are not authorized SonicWall distributors or partners, and that they are using non-standard approaches like requesting access to an end user’s computer, asking end users download files onto their device or demand sensitive personal or financial information. SonicWall sells its network security so
12/20/2019
SonicWall - Last Day Order Announcement for SonicWall NSA 250M Wireless Model Last day Order Announcement SonicWall is initiating the Last Day Order (LDO) notification for the SonicWall NSA 250M Wireless. Last Day Order is the first phase of the SonicWall End of Life process outlined at the end of this document. During this phase, authorized SonicWall partners and distributors may purchase NSA 250M Wireless hardware SKUs from SonicWall. After the LDO phase has ended, SonicWall will no longer accept orders for the SKU
12/20/2019
The Sonicwall Capture Labs Threats Research team have come across a variant of the DesuCrypt ransomware called InsaneCrypt. This variant uses RC4 encryption and encrypts files immediately upon execution. Unlike earlier ransomware, there are no threatening countdown timers and ransom payments amounts immediately presented to the victim. Instead, as is the growing trend with most ransomware today, the victim must communicate with the operator via email for further instructions. Detected as: InsaneCrypt.RSM InsaneCrypt.RSM_2 BTC
NSA SeriesTZ Series
12/20/2019
This week, the SonicWall Capture Labs Threat Research Team has received reports of unsolicited emails that came with a link to download a fake UPS shipping label creator which dropped a malicious jar file only to install a RAT. Sonicwall Capture Labs provides protection against this threat with the following signatures: GAV: Java.Fake.UPS (Trojan) GAV: Jrat.A (Trojan) Full details about this threat can be found on our Security Center. Follow us on Twitter for real time threat updates: https://twitter.com/SonicWall
NSa Series
10/28/2021
What is the vulnerability?A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains. The following SonicWall products are impacted by this non-critical vulnerability:PlatformsImpacted VersionTZ, NSa (GEN7)7.0.1-R1262 and olderNSv (Virtual GEN7)7.0.1-R1283 and olderNSsp (GEN7)7.0.1-R579 and olderNSa, TZ, SOHO W, SuperMassive 92xx/94xx/96xx (GEN6+)6.5.4.7 and olderNSsp 12K, SuperMassive 98006.5.1.12 and olderSuperMassive 10K6.0.5.3-94o and olderNSv (Virtu
Secure Mobile Access
02/02/2022
Feb. 2 Update: An earlier version of this article indicated that firmware 9.0.0.10 would be compatibile with end-of-support (EOS) SRA models. Additional investigation has found that the supported 9.0.0.10 firmware and the unsupported SRA models are incompatible. The last SRA models reached EOS status in 2019 and are no longer supported per Terms of Service.SonicWall is aware of a vulnerability, reported by CrowdStrike, impacting end-of-support Secure Remote Access (SRA) products, specifically the SRA 4600 running an old version of firmware (9.0
07/15/2021
Through the course of collaboration with trusted third parties, including Mandiant, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware in an imminent ransomware campaign using stolen credentials. The exploitation targets a known vulnerability that has been patched in newer versions of firmware.SonicWall PSIRT strongly suggests that organizations still using 8.x firmware review the information below an
12/20/2019
On February 8, 2018, a SMA WAF signature update was pushed to all customers that have enabled WAF on the SonicWall Secure Mobile Access appliance. This is a typical occurrence, however, two signatures displayed a negative impact on ActiveSync connections, commonly associated with webmail. Upon discovery, SonicWall initiated the process to retract the update until the offending signatures have been corrected. If you are negatively impacted by this update please perform the provided workaround until the signatures are automatically corrected: Nav
12/20/2019
The SMA 1000 and SMA 100 series depend on device ID's to apply End Point Control (EPC) policies to end users. Device ID's are generated at the time an end user connects to an SMA appliance using Mobile Connect. Recently Apple has changed security guidelines for third party apps. Apps can no longer pull or use device hardware ID's due to privacy concerns (https://developer.apple.com/reference/uikit/uidevice/1620059-identifierforvendor). Because of this recent change end users with Mobile Connect 5 may no longer recieve correct EPC policies. Any
SonicPoint Series
12/20/2019
On October 16, 2017 security researchers made public earlier findings in which they demonstrated fundamental design flaws in WPA2 that could theoretically lead to man-in-the-middle (MITM) attacks using key reinstallation attacks (KRACKs). Exploiting the vulnerability could enable cyber criminals to steal confidential information such as email, credit card numbers, passwords and more. The WPA2 design flaws are protocol vulnerabilities and are not implementation specific. Both wireless access points and wireless clients are susceptible. Details o
12/20/2019
On January 4th, 2018 security researchers made public earlier findings on two processor vulnerabilities known as Spectre and Meltdown. Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. So far, we are tracking and providing updates on the following three known variants of the issue: Variant 1: bounds check bypass (CVE-2017-5753) Variant 2: branch target injection (CVE-2017-5715) Variant 3: rogue data cache load (CVE-2017-575
Support Alert
05/17/2022
Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Command as a 'root' user which potentially leads to remote command execution vulnerability or denial of service (DoS) attack. NOTE: SMA 1000 series products are not affected by this vulnerability. AFFECTED PRODUCT(S)SMA100 series firmware 10.2.1.4-31sv and earlier versions.SMA100 series firmware 10.2.0.9-41sv and earlier versions.CPE(S) WORKAROUNDNoneFIXED SOFTWARESMA100 series firmware
03/08/2021
SonicWall will be updating IP addresses for the Hosted Email Security (HES) platform in North America. NOTE: HES for Europe does not need to update IPs.Network administrators will need to update access rules to allow for the following HES subnets:173.240.210.0/24173.240.213.0/24173.240.214.0/24204.212.170.0/24The subnets can also be found in the HES FAQ KB article and firewall settings.HES FAQ KB article: https://www.sonicwall.com/support/knowledge-base/sonicwall-hosted-email-security-faq/170504903060180/Firewall rules for HES: https
08/10/2021
Some versions of SonicWall Analytics On-Prem contain a critical (CVSSv3 9.8) Java Debug Wire Protocol (JWDP) service vulnerability that potentially can be leveraged by a remote, unprivileged user to execute arbitrary code within the system.SonicWall PSIRT is not aware of active exploitation in the wild.ImpactThe vulnerability allows for unauthenticated remote exploitation. Deployment of SonicWall Analytics 2.5 and earlier are ‘on-prem’ and should be in a secure network segmentation not exposed to the internet. Temporary MitigationsUntil the bel
05/20/2021
Update: May 20, 2021. 10 a.m. PDT.SonicWall engineering has completed the fix to remove duplicate client entries for all tenants that are not using static groups within Capture Client 3.6. If you are such a customer and still have issues, please contact SonicWall Technical Support.IssueActionsStatusSlowness, longer-than-normal load times or timeout errors while working within the Capture Client 3.6 management console.Performance improvements applied by SonicWall on May 19, 2021.ResolvedInstances of clients displaying an “Unlicensed” status or d
05/27/2021
May 27, 2021, 11:30 a.m. PDT.SonicWall has validated and patched a post-authentication vulnerability (SNWLID-2021-0014) within the on-premises version of Network Security Manager (NSM). This vulnerability only impacts on-premises NSM deployments. SaaS versions of NSM are not affected.This critical vulnerability potentially allows a user to execute commands on a device’s operating system with the highest system privileges (root).SonicWall customers using the on-premises NSM versions outlined below should upgrade to the respective patched version
07/08/2021
Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP Protocol allows an attacker to cause a crash or potentially read sensitive information from the memory locations.OverviewSonicWall Switches running certain versions of impacted firmware may contain a vulnerability that could be leveraged for an OOB (Out-Of-Bounds) read by sending a specially crafted LLDP packet.ImpactOut-of-bounds Read allow attackers to cause a SonicWall switch crash or potentially read sensitive information from other memory locations. A crash can
04/20/2021
Through the course of standard collaboration and testing, SonicWall has verified, tested and published patches to mitigate three zero-day vulnerabilities to its hosted and on-premises email security products.In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild.’ It is imperative that organizations using SonicWall Email Security hardware appliances, virtual appliances or software installation on Microsoft Windows Server immediately upgrade to the respective SonicWall Email Security version listed belo
04/29/2021
Update: April 29, 2021, 12:30 P.M. CSTSonicWall is announcing the availability of new firmware versions for both 10.x and 9.x code on the SMA 100 series products, comprised of SMA 200, 210, 400, 410 physical appliances and the SMA 500v virtual appliance.Upgrade StepsAll organizations using SMA 10.x or SMA 9.x firmware should immediately implement the following:Upgrade to the latest SMA 100 series firmware available from www.mysonicwall.com.SMA 100 series 10.x customers should upgrade to 10.2.0.7-34sv firmware.SMA 100 series 9.x customers should
06/15/2021
UPDATE: June 15, 2021 | 10 a.m. PDTAdditional analysis confirms that one of the requirements for the vulnerability to be triggered is that the potential attack must come from the same origin IP as the active management session. That requires the admin to either have their machine compromised, or the attacker and the admin reside on the same remote network. Both of these scenarios are exceptionally unlikely. While we have yet to see this vulnerability exploited in the wild, SonicWall still recommends the upgrade for all impacted users.June 14, 2
06/22/2021
SonicWall physical and virtual firewalls running certain versions of SonicOS may contain a vulnerability where the HTTP server response leaks partial memory. This can potentially lead to an internal sensitive data disclosure vulnerability.At this time, there is no indication that the discovered vulnerability is being exploited in the wild.RESOLUTIONSonicWall strongly advises customers apply the respective SonicOS patch immediately. After reviewing this security advisory, please go to MySonicWall and download the appropriate SonicOS patch releas
09/24/2021
Security Notice: Critical Arbitrary File Delete Vulnerability in SonicWall SMA 100 Series Appliances
A critical vulnerability (CVSS 9.1) in SMA 100 series appliances, which includes SMA 200, 210, 400, 410 and 500v, could potentially allow a remote unauthenticated attacker the ability to delete arbitrary files from a SMA 100 series appliance and potentially gain administrator access to the device.The vulnerability (SNWLID-2021-0021) is due to an improper limitation of a file path to a restricted directory potentially leading to arbitrary file deletion as ‘nobody.’There is no evidence that this vulnerability is being exploited in the wild.SonicW
01/15/2021
Updated January 15, 2021The U.S. Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) have confirmed that malicious threat actors have been and are actively exploiting vulnerabilities in SolarWinds Orion products, specifically affecting versions 2019.4 through 2020.2 HF1. These malware variants are capable of transferring data, file execution, system profiling, rebooting and more.Both SolarWinds and the CISA strongly suggest that organizations using SolarWinds Orion verify the version they’re run
10/20/2021
This Sunday (8/8) during scheduled down time starting at 7 a.m. UTC, our case management platform will be unavailable for approximately 3 .During this maintenance window, end users will not be able to create or update support cases in MySonicWall. Our contact centers will remain open and our support teams will continue to answer calls although they will have limited access to case details.Maintenance Start: 07:00 UTC 2021-08-08Maintenance End: 10:00 UTC 2021-08-08 NOTE: If you have any questions or concerns, please reach out to us on the
03/26/2020
06/01/2019 04:00AM UTC - 06/03/2019 11:00AM UTC This is to notify that CSC-Management, Reporting and Analytics services for the North America region will be upgraded to v1.5 from May 31st, 9 pm to June 3rd, 4 am (PST). During this time, the services will experience downtime. Your firewall will remain active and you can log-in to the firewall web GUI to access it. We apologize for the inconvenience and thank you for your patience. Note: During downtime, you can continue to manage firewalls by logging to them directly. Please ensure that you have
03/26/2020
SonicWall physical firewall appliances running certain versions of SonicOS contain vulnerabilities in code utilized for remote management. At this time, there is no indication that the discovered vulnerabilities are being exploited in the wild, however: SonicWall STRONGLY advises to apply the SonicOS patch immediately. IF you cannot update immediately, as a mitigation please restrict SonicWall management access (HTTPS/HTTP/SSH) to trusted sources and/or disable management access from untrusted Internet sources, then apply the SonicOS patch as s
03/26/2020
05/17/2019 05:00PM UTC - 05/19/2019 05:00PM UTC Please be aware that CSC-Management, Reporting and Analytics services for the Europe region will be upgraded to v1.5 from May 17th, 10 am to May 19th, 10am (PST). During this time, the services will experience downtime. Your firewall will remain active and you can log-in to the firewall web GUI to access it. Please contact SonicWall support for any assistance. We apologize for the inconvenience and thank you for your patience. Note: During downtime, you can continue to ma
03/26/2020
Update as of 7/4/19 2:30 pm EST: The signature (SID 6855) has been removed from the Ultrasurf application. If you continue to experience issues with blocked apps/websites please update the App Control database by logging into the firewall and navigating to MANAGE | Rules | App Control and click Update. Status: Investigating July 4, 2019, 2 a.m. EST Issue: Skype, MS Teams, Slack and other applications may be blocked by App Control Signature ID 6855 - PROXY-ACCESS Ultrasurf. Cause: A new signature was released to block Ultrasurf but this
03/26/2020
What we know about the Critical Remote Code Execution Vulnerability (CVE-2019-1579) Researchers have found several security flaws in popular corporate VPNs, which they say can be used to silently break into company networks and steal business secrets. According to https://techcrunch.com/2019/07/23/corporate-vpn-flaws-risk/ “Devcore researchers Orange Tsai and Meh Chang said the flaws found in the three corporate VPN providers — Palo Alto Networks, Pulse Secure and Fortinet — are ‘easy’ to remotely exploit.” Once the SSL VPN server is compromis
03/26/2020
On Thursday, April 11, researchers from the Carnegie Mellon University Software Engineering Institute published a global vulnerability regarding virtual private network (VPN) applications storing authentication and/or session cookies insecurely in memory and/or log files.At this time, SonicWall is not aware of any situation where a currently valid session token is written to log files outside of very specific debug configurations, which are being eliminated as a precaution to prevent any potential misuse. As such, SonicWall customers using IPSE
10/28/2020
The SonicWall Product Security Incident Response Team (PSIRT) collaborated with a third-party research firm to test, confirm and correct discovered vulnerabilities related to physical and virtual SonicWall next-generation firewall appliances. These findings included:In some cases, vulnerabilities allowed remote attackers to cause Denial of Service (DoS) attacks against a firewall, which may lead to an appliance crash.In some cases, there existed a cross-site scripting (XSS) vulnerability in the firewall's SSL-VPN portal as well as possible user
10/28/2020
Knowledge BaseHow Do I Configure The SSL-VPN Feature For Use With NetExtender Or Mobile Connect?How Can I Enable Port Forwarding And Allow Access To A Server Through The SonicWall?How Can I Configure WAN GroupVPN For Connecting With Global VPN Client?How Can I Setup SSL-VPN?L2TP VPN Configuration On Mac OS XPornographic Websites Not Blocked Due To "Not Rated" CategorizationHow Do I Recover Or Reset The Administrator Password For A SonicWall Firewall Appliance?How To Configure High Availability (HA)SSL VPN Client Is Connected And Authenticated B
04/16/2020
SonicWall is continuing to monitor COVID-19 (coronavirus) and the ever-evolving global impact it is having on our international community. The world is testing its ability to go remote or work from home during this outbreak. Many companies find themselves with the need to rapidly scale their remote work capabilities. Existing SonicWall firewall administrators can learn more about configuring and troubleshooting remote workforce access by visiting Popular firewall SSLVPN and GVC articles for the remote workforce. Existing SonicWall SMA admini
09/17/2020
A vulnerability in SonicWall’s cloud-based product registration system that was publicly reported by a media outlet was quickly researched, verified and promptly patched on August 26, 2020. Approximately two weeks earlier, SonicWall identified the reported vulnerability (SNWLID-2020-0005) as part of its PSIRT program, and rapidly created a fix that underwent full testing and certification.At no time did SonicWall detect, or become aware of, any attempted exploitation of the vulnerability in the cloud-based product registration system. The fix w
09/17/2020
As of 2/13/2020 Chrome has updated to version 80.0.3987.106 which no longer causes issues with firewall management.In February 2020 Chrome released software version 80. In this version there were changes made to how cookies and JavaScript are handled. Due to this update, SonicWall firewalls using the self-signed certificate, are not able to be managed. Firewalls that use a trusted certificate (for example a GoDaddy CA root) are not affected by this Chrome update.Our engineering teams are working on this issue to provide a resolution to customer
09/17/2020
There exists a potential domain name collision vulnerability in SonicWall SSL-VPN technology that could result from a security misconfiguration of the impacted products.SonicWall is not aware that the reported vulnerability has been exploited or that any customer has been negatively impacted by the vulnerability.A domain name collision occurs when an attempt to resolve a name used in a private namespace (e.g., under a non-delegated top-level domain, or a short, unqualified name) results in a query to the public Domain Name System (DNS). When th
09/17/2020
SonicWall SwitchesSonicWall Switches offer multi-gigabit wired performance that lets you rapidly scale your branch networks through remote installation. Available in seven models — ranging from eight to 48 ports, with gigabit and 10 gigabit ethernet ports — SonicWall Switches deliver network switching that accommodates the growing number of mobile and IoT devices in branch locations and provides the network performance needed to support cloud-delivered applications. SonicWall Switches also fit seamlessly into your existing SonicWall ecosystem,
05/06/2020
SonicWall recently launched a new online community to connect cybersecurity professionals. This is the go-to place for SonicWall users, partners, employees, and experts to ask questions, find answers and connect with one another from around the world. The community can be viewed by anyone and is free to join!What does SonicWall Community offers?Learn about best practices and use SonicWall to lower total cost of ownership and maximize the value derived from SonicWall products.Connect with product management and support to ask questions, get help
12/20/2019
SonicWall firewalls and other appliances are not impacted by VPNFilter. SonicWall researchers are continuing to monitor developments surrounding VPNFilter and have so far confirmed that no SonicWall appliances are impacted by the malware. SonicWall customers are being advised that there is no need to reboot or take any action on any SonicWall appliance. On May 23 2018, researchers at Cisco Talos published a report documenting a new sophisticated modular malware system known as VPNFilter. More than 500,000 devices around the world are said to b
Switch Series
04/25/2022
Effective December 20, 2020, EN 60950-1:2006 was withdrawn and EN 62368-1:2014 is the replacement standard for the presumption of conformity with Directive 2014/35/EU (Low Voltage Directive or LVD), which applies to SonicWall POE switches in European Union (EU) countries and was also adopted by the United Kingdom (UK). The scope of this impact is as follows:Certain SonicWall POE switches placed in the EU and UK markets after December 19, 2020, may not be compliant with EN 62368-1:2014. Further action is required for these appliances.All SonicWa
TZ Series
04/21/2022
UPDATED: 3 p.m. EST, Jan. 22On January 20, 2022, at around 9.30 p.m. (U.S. EST), SonicWall started to receive reports that some SonicOS 7.0 firewall users were experiencing service disruptions in the form of reboot loops or connectivity issues.CauseCertain firewalls running SonicOS 7.0 were not able to correctly process the signature update published on Jan. 20. During signature update parsing by one of the components within SonicOS, a corner case error condition led to a restart or connectivity disruption. Firewalls are designed to fetch new s
04/21/2022
UPDATED: 3 p.m. EST, Jan. 22On January 20, 2022, at around 9.30 p.m. (U.S. EST), SonicWall started to receive reports that some SonicOS 7.0 firewall users were experiencing service disruptions in the form of reboot loops or connectivity issues.CauseCertain firewalls running SonicOS 7.0 were not able to correctly process the signature update published on Jan. 20. During signature update parsing by one of the components within SonicOS, a corner case error condition led to a restart or connectivity disruption. Firewalls are designed to fetch new s
04/21/2022
UPDATED: 3 p.m. EST, Jan. 22On January 20, 2022, at around 9.30 p.m. (U.S. EST), SonicWall started to receive reports that some SonicOS 7.0 firewall users were experiencing service disruptions in the form of reboot loops or connectivity issues.CauseCertain firewalls running SonicOS 7.0 were not able to correctly process the signature update published on Jan. 20. During signature update parsing by one of the components within SonicOS, a corner case error condition led to a restart or connectivity disruption. Firewalls are designed to fetch new s
03/26/2020
Researchers have found multiple defects including a Man-in-the-Middle (MITM) vulnerability in versions 1.0.1 and 1.0.2-beta of OpenSSL, the cryptographic software library. For detailed information on the Man-in-the-Middle and other vulnerabilities see the OpenSSL website. SonicWall Firewalls and GMS Are Not Affected SonicWall firewalls (TZ, NSA, E-Class NSA, SuperMassive) and Global Management System (GMS) are NOT affected by the vulnerabilities. Additionally, firewalls with an active Intrusion Prevention Service have, as of June 5, 2014, signa
12/20/2019
High Severity Bug Alert - GMS 8.2 - DO NOT MODIFY ADDRESS OBJECTSSonicWall Support would like to inform you of a problem with a specific feature in GMS 8.2: Modifying the Name of an Address Object. There is a workaround available and a hotfix will be available the week of December 12, 2016. TRIGGER AND SYMPTOMModifying the name of a firewall(s) Address Object through the GMS 8.2 Policy Panel will trigger the firewall to go offline and lose LAN/WAN access. A hard restart in Safe Mode is required to recover the firewall.&nb
12/20/2019
SonicWALL Active Retirement Mode Announcement for Dell SonicWALL TZ 105 Wireless Japan Model Active Retirement Mode Announcement Dell SonicWALL is initiating the Active Retirement Mode (ARM) for the Dell SonicWALL TZ 105 Wireless Japan model. Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below. In addition, Dell SonicWALL may release a limited number of new features and wi
12/20/2019
We know that you need and expect continuous strengthening of your network perimeter. Now you can get more features and power with our latest generation of network security solutions. We’re pleased to announce availability of SonicOS 6.2.5 for SuperMassive, NSA and TZ products. This new operating system delivers both security enhancements and advanced networking features to meet your needs. Here are some of the highlights:Dell X-Series Integrations – Every business has a switch. If you're using TZ300/400/500/600 with the new 6.2.
12/20/2019
Limited Retirement Mode AnnouncementDell SonicWALL is initiating the Limited Retirement Mode (LRM) notification for the Dell SonicWALL ES 300. Limited Retirement Mode is the fourth phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase Dell SonicWALL will no longer develop or release firmware updates or new features for these products. In addition, Dell SonicWALL will no longer offer support contracts. After the LRM phase has ended, Dell SonicWALL will transition the ES 30
12/20/2019
SonicWALL Notice Concerning Privilege Escalation Vulnerability in the Windows NetExtender client (CVE-2015-4173)Dear Customer, A vulnerability CVE-2015- 4173, affects a Registry key used by SonicWALL NetExtender client for Windows exposes the system to a binary planting attack that can be triggered upon login. A malicious binary placed in a specific system folder by a low-privileged user could result in code execution upon an Administrator login.SonicWALL SMB SRA NetExtender versionNetExtender
12/20/2019
Dell SonicWALL - Active Retirement Mode Announcement for Dell SonicWALL TZ 105 Wired ModelActive Retirement Mode AnnouncementDell SonicWALL is initiating the Active Retirement Mode (ARM) notification for the Dell SonicWALL TZ 105 Wired model only. Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below. In addition, Dell SonicWALL may release a limited number
12/20/2019
SonicWALL Active Retirement Mode Announcement for Dell SonicWALL TZ 215 Wireless Japan ModelActive Retirement Mode AnnouncementDell SonicWALL is initiating the Active Retirement Mode (ARM) for the Dell SonicWALL TZ 215 Wireless Japan model. Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below. In addition, Dell SonicWALL may release a limited number of new features and will
12/20/2019
SonicWALL Service Bulletin GMS Analyzer Vulnerability Fix - July 2016Vulnerabilities in the Dell SonicWALL GMS and Analyzer have been resolved.Affected ProductsDell SonicWALL GMS and AnalyzerAffected Software VersionsVersions 8.0 and 8.1.Issue SummaryVulnerabilities were found pertaining to command injection, unauthorized XXE, default account, and unauthorized modification of virtual appliance networking information. To fix these vulnerabilities, Dell highly recommends that existing users of Dell SonicWALL GMS and Analyzer Hotfix 174525.GM
12/20/2019
End of Support AnnouncementDell SonicWALL is initiating the End of Support for GMS 7.0 and 7.1 All official End of Life notifications and phase information are posted on the Product Lifecycle page of our Support web site.Products Affected
12/20/2019
Last Day Order AnnouncementDell SonicWALL is initiating the Last Day Order (LDO) notification for the Dell SonicWALL SonicPoint-Ne Dual-Band. Last Day Order is the first phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase, authorized Dell SonicWALL partners and distributors may purchase SonicPoint-Ne Dual-Band SKUs from Dell SonicWALL. After the LDO phase has ended, Dell SonicWALL will no longer accept orders for the SKUs listed below and the SonicPoint-Ne Dual-Band will tran
12/20/2019
Vulnerabilities in the SonicWALL GMS and Analyzer have been resolved.Affected ProductsSonicWALL GMS and AnalyzerAffected Software VersionsVersions 8.0 and 8.1Issue SummaryVulnerabilities were found pertaining to input validation/filter bypass, SQL Injection, XSS, and Adobe Flex bypass.To fix these vulnerabilities, SonicWall recommends that existing users of SonicWALL GMS and Analyzer upgrade to GMS/Analyzer 8.2.GMS/Analyzer 8.2 is available for download from https://www.mysonicwall.com. Users should log into MySonicWALL and click on Downloads &
12/20/2019
SonicWALL Active Retirement Mode Announcement for SonicWALL TZ 215 Wireless ModelActive Retirement Mode AnnouncementSonicWALL is initiating the Active Retirement Mode (ARM) notification for the SonicWALL TZ 215 Wireless model. Active Retirement Mode is the second phase of the SonicWALL End of Life process outlined at the end of this document. During this phase SonicWALL will no longer actively manufacture or sell the products listed below. In addition, SonicWALL may release a limited number of new features and will issue bug fixes only to the l
12/20/2019
SonicWall Last Day Order Announcement for SonicWall Universal Management Appliance UMA EM5000 Last Day Order Announcement SonicWall is initiating the Last Day Order (LDO) notification for the SonicWall Universal Management Appliance UMA EM5000. Last Day Order is the first phase of the SonicWall End of Life process outlined at the end of this document. During this phase, authorized SonicWall partners and distributors may purchase UMA EM5000 hardware SKUs from SonicWall. After the LDO phase has ended, SonicWall will no longer
12/20/2019
GMS/Analyzer/UMA Command Injection and Arbitrary XML Input Vulnerabilities - January 2016Vulnerabilities in the Dell SonicWALL GMS, Analyzer, and UMA have been resolved.Affected ProductsDell SonicWALL GMS, Analyzer, and UMA EM5000Affected Software VersionsVersions 7.2, 8.0, and 8.1.Issue SummaryFields in the webapp were found to be vulnerable to command injection and a port was found to be vulnerable to arbitrary XML input. To fix these vulnerabilities, Dell recommends existing users of Dell SonicWALL GMS, Analyzer, and UMA update their so
12/20/2019
Watch our technical deep-dive webinar and demo to learn best practices to a successful SonicWall Deep Packet Inspection of SSL (DPI-SSL) service implementation. Watch NowManaging certificate deployment and certificate pinning are among the top challenges when implementing deep inspection of SSL and TLS certificates on a next-generation firewall. Join us for a technical deep-dive webcast and demo to learn best practices to a successful SonicWall Deep Packet Inspection of SSL (DPI-SSL) service implementation. This in-depth session: • Helps size t
12/20/2019
SonicWALL Active Retirement Mode Announcement for Dell SonicWALL TZ 205 Wireless Japan ModelActive Retirement Mode AnnouncementDell SonicWALL is initiating the Active Retirement Mode (ARM) for the Dell SonicWALL TZ 205 Wireless Japan model. Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below. In addition, Dell SonicWALL may release a limited number of new features and will
12/20/2019
We are pleased to announce a new OS release for the entire Secure Mobile Access (SMA) 1000 Series. The new SMA 11.4 OS was released on 04-13-2016 and is available, at no cost, for SMA 1000 appliance customers with an active support contract. Applicable models include; SRA EX6000, SMA 6200, SMA 8200V (Virtual), SRA EX7000, SMA 7200 & SRA EX9000.All SMA models ensure secure access across all key operating systems and mobile devices, including Windows, iOS, Mac OSX, Android, Kindle Fire, Linux and Chrome OS. These solutions increase mobile and
12/20/2019
Dell SonicWALL Active Retirement Mode Announcement for Dell SonicWALL NSA 8500Dell SonicWALL is initiating the Active Retirement Mode (ARM) notification for the Dell SonicWALL NSA E8500. Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below. In addition, Dell SonicWALL may release a limited number of new features and will issue bug fixes only to the latest v
12/20/2019
SonicWALL Active Retirement Mode Announcement for SonicWALL SRA 1600,SRA 4600, SRA EX6000 & SRA EX7000Active Retirement Mode Announcement SonicWALL is initiating the Active Retirement Mode (ARM) notification for the SonicWALL SRA 1600, SRA 4600, SRA EX 6000 and SRA EX 7000. Active Retirement Mode is the second phase of the SonicWALL End of Life process outlined at the end of this document. During this phase SonicWALL will no longer actively manufacture or sell the products listed below. In addition, &
12/20/2019
GMS and Analyzer SystemsCritical Product NotificationDear Customer,An urgent, mandatory hotfix is required to be applied immediately to GMS and Analyzer systems to resolve a high-severity vulnerability. A set of login authentication vulnerabilities has been discovered in SonicWALL GMS and Analyzer systems. These vulnerabilities are design flaws and none of them are a “backdoor” as erroneously reported in the press.Please immediately install a mandatory Hotfix for the products listed below. This Hotfix will remove the
12/20/2019
Dell SonicWALL Notice Concerning Potential Back Doors into Dell SonicWALL FirewallsDear Customer, Over the past few weeks there has been a good deal of press coverage surrounding Juniper Networks related to an internal audit during which unauthorized code was discovered in ScreenOS that could be exploited by a knowledgeable attacker. Juniper has since addressed the issue and has made patches available for the vulnerable versions of its ScreenOS. This has to lead to speculation that products f
12/20/2019
Active Retirement Mode AnnouncementDell SonicWALL is initiating the Active Retirement Mode (ARM) notification for the Dell SonicWALL TZ 215 Wired model. Active Retirement Mode is the second phase of the Dell SonicWALL End of Life process outlined at the end of this document. During this phase Dell SonicWALL will no longer actively manufacture or sell the products listed below. In addition, Dell SonicWALL may release a limited number of new features and will issue bug fixes only to the latest version of firmware available for
WAF Series
03/27/2020
SonicWall Web Application Firewall (WAF) reaches End-of-Sale February 1, 2020 SonicWall is initiating a worldwide End-of-Sale for the Web Application Firewall (WAF) product beginning on February 1, 2020. SonicWall will no longer actively develop or sell the product. Please see the Product Lifecycle Table for a full list of key dates regarding this product. Why is SonicWall initiating End-of-Sale for the Web Application Firewall (WAF)? We are working to create an integrated system that delivers faster protection, detection and correction. We a