NetThreat

Important SonicWall Security Update: Remote Access Products Under Investigation

27/01/2021

SonicWall has been investigating a possible coordinated attack on its internal systems.

No doubt most of our customers will have seen communications from SonicWall over the past few days relating to a potential security breach they are investigating.

Initially, all Firewall, NetExtender and Remote Access (SMA) solutions were under suspicion.  As of now, all firewall, NetExtender and SMA 1000 solutions have been confirmed as secure.

SonicWall are continuing to investigate the Virtual Office portal and HTTPs administration elements of the SMA 100 series appliances only (SMA 200, 210, 400, 410 and 500v).

 

Following an investigation SonicWall has released an update regarding impacted products:


Products NOT AFFECTED:


SonicWall Firewalls (all generations):  NOT affected. NO action required.
NetExtender VPN Client: NOT affected. NO action required.
Global VPN Client/IPSec : NOT affected. NO action required.
SMA 1000 Series: NOT affected. Continue to use your SMA 1000 series appliance and associated clients. NO action required.
SonicWave Access Points: NOT affected. NO action required.


Products UNDER INVESTIGATION:


SMA 100 Series: The SMA 100 Series REMAINS UNDER INVESTIGATION. However, SMA 100 series products may be used safely in common deployment use cases.

 

WHAT SHOULD I DO IF I HAVE AN SMA 100 SERIES APPLIANCE?


If you do have an SMA 100 series appliance, it is high likely that your deployment is secure, even if SonicWall’s investigations do identify it as the source of the security breach (it is only currently under investigation).

But you should still read SonicWall’s knowledge base article on the issue which will be updated as and when they have more information to share.


SMA 100 customers should deploy MFA.  This enables the use of a one-time password for users and can be simply (and at no cost) integrated into your solution.  There is more information and instructions on the link above.

 

IS THERE ANYTHING I SHOULD DO IF I AM A CUSTOMER WITH ANOTHER PRODUCT?


If you are a customer of SonicWall using a product from another part of their range then your product is not affected by this issue.

SonicWall (and NetThreat)  STRONGLY RECOMMEND that you deploy MFA, enabling the use of a one-time password for remote access, this can be done simply (and at no cost) and should now be seen as a critical part of your security stance.

Talk to us about this, or check out the links on the Knowledge Base article for instructions.

 

« Back
© Developed by CommerceLab