SonicWall Capture Advanced Threat Protection

SONICWALL CAPTURE ADVANCED THREAT PROTECTION SonicWall Capture Advanced Threat Protection service is a cloud-based network sandbox that analyzes suspicious code to help discover and stop newly developed malware.

• Multi-engine cloud sandbox that includes virtualization, hypervisor level analysis and full-system emulation
• High security effectiveness at diagnosing new threats
• Automated breach prevention enabled by blocking files until a security verdict is determined
• Near real-time signature deployment protects organizations from follow-on attacks
• Email and app notifications with robust reporting from the sandbox environment

MULTI-ENGINE ADVANCED THREAT ANALYSIS Capture executes suspicious code and analyzes behavior simultaneously in multiple engines. This provides you with comprehensive visibility into malicious activity, while resisting evasion tactics and maximizing zero-day threat detection. BROAD FILE TYPE ANALYSIS Analyze a broad range of operating systems and file types, including executable programs, DLL, PDF, MS Office documents, archives, JAR and APK. BLOCK UNTIL VERDICT To prevent potentially malicious files from entering the network, files sent to the cloud for analysis can be held at the gateway until a verdict is determined. RAPID DEPLOYMENT OF REMEDIATION SIGNATURES When a file is identified as malicious, a hash is immediately created within Capture and later a signature is sent to firewalls to prevent follow-on attacks. REPORTING AND ALERTS Capture Advanced Threat Protection offers an at-a-glance dashboard with reports that detail the analysis results for files sent to the service, including session information, OS information, OS activity and network activity.