Products
- Next Generation Firewalls:
- TZ Series
  - Gen 7:
  - TZ270
  - TZ270 Wireless
  - TZ370
  - TZ370 Wireless
  - TZ470
  - TZ470 Wireless
  - TZ570
  - TZ570 Wireless
  - TZ570P
  - TZ670
  - Gen 6
    - TZ300P
    - TZ350
    - TZ400
    - TZ500
    - TZ600P
- NSa Series
  - Gen 7:
  - NSa 2700
  - NSa 3700
  - NSa 4700 NEW!
  - NSa 5700 NEW!
  - NSa 6700 NEW!
  - Gen 6
    - NSa 2650
    - NSa 3600
    - NSa 3650
    - NSa 4600
    - NSa 4650
    - NSa 5600
    - NSa 5650
    - NSa 6600
    - NSa 6650
    - NSa 9250
    - NSa 9450
    - NSa 9650
- NSSP Series
  - Gen 7:
  - NSSP 10700 NEW!
  - NSSP 11700 NEW!
  - NSSP 13700 NEW!
  - NSSP 15700
- SuperMassive Series
  - SuperMassive 9200 Series
  - SuperMassive 9400 Series
  - SuperMassive 9600 Series
  - SuperMassive 9800 Series
- Network Security
  - Capture Cloud Platform
  - Capture Security Appliance
  - Security Services
  - Network Security Manager
- Access Security:
- Cloud Edge Secure Access
- Secure Access
  - Secure Remote Access
    - Compare SSL-VPN Options
    - Mobile Connect
  - Secure Mobile Access
- Wireless Access Points
  - WiFi Cloud Manager
  - WiFi Planner
  - 200 Series:
  - SonicWave 231c
  - SonicWave 224w
  - SonicWave 231o
  - 400 Series:
  - SonicWave 432o
- Switches
  - SonicWall Switch SWS12-8 NEW!
  - SonicWall Switch SWS12-8POE NEW!
  - SonicWall Switch SWS12-10FPOE NEW!
  - SonicWall Switch SWS14-24 NEW!
  - SonicWall Switch SWS14-24FPOE NEW!
  - SonicWall Switch SWS14-48 NEW!
  - SonicWall Switch SWS14-48FPOE NEW!
- Cloud Security:
- Cloud App Security
- Cloud Firewall (NSv)
  - Gen 7:
  - NSV 270
  - NSV 470
  - NSV 870
- Endpoint Security:
- Email Security
  - Hosted Email Security
  - Hardware Appliances
  - Software Solutions
  - Legacy Appliances
  - Subscriptions & Support
  - Email Security Platform
- Central Management
  - UMA EM5000
  - GMS Management Software
- Legacy Products:
- Legacy Products
  - Product Lifecycles
  - Wired TZ Models
  - Wireless TZ Models
  - NSa Series
    - NSa 220
    - NSa 220 Wireless
    - NSa 240
    - NSa 250M
    - NSa 250M Wireless
    - NSa 2400
    - NSa 2400MX
    - NSa 2600
    - NSa 3500
    - NSa 4500
    - NSa 5000
  - NSa E-Class Series
  - SMA Appliances
    - SMA 200
    - SMA 400
    - SMA 6200
  - SonicWave Series
    - 400 Series:
    - SonicWave 432e
    - SonicWave 432i
  - SuperMassive Series
  - Wireless Network Security
    - SonicPoint ACi
    - SonicWall SonicPoint N2
  - PRO Series
    - PRO 3060
    - PRO 4060
  - SRA Series
  - SSL-VPN
  - WXA Series Models
    - WXA 2000 Appliance
    - WXA 4000 Appliance
  - Endpoint Security
    - Endpoint Anti-Virus
- Accessories/Other Products:
- Accessories
  - RackMount Kits
    - RM-SW-T4
    - RM-SW-T5
    - RM-SW-T6
    - RM-SW-T7
  - SFP/SFP+ Modules
  - All Accessories
- Other Products
  - Remote Implementation
- View All Products
Trade-Up
- Customer Loyalty Program
- Secure Upgrade Plus
Licenses & Add-ons
- Security Services:
- Comprehensive Gateway Security Suite
- Advanced Gateway Security Suite
- TotalSecure Services
- Capture ATP Service
- GAV/IPS Services
- Anti-Spam Service
- Deep Packet Inspection Services
- Application Intelligence and Control Service
- Endpoint Protection:
- Capture Clients
- Content Filtering Service
- Other Licenses & Add-ons:
- Management & Reporting
  - Capture Security Center
  - GMS Management Software
  - Analytics
- Support Options
  - Support Overview
  - Remote Implementation
  - Dynamic Support 24x7
  - Product Lifecycle Status
- Global VPN Client Licenses
- SSL VPN Licenses
- SonicWall High Availability
- HA Conversion Upgrades
- SonicOS Upgrades
- Legacy products
  - Viewpoint Reporting
  - Enforced Anti-Virus & Anti-Spyware
  - Analyzer
- View All Licenses, Subscriptions & Renewals
Promotions
- Other Promotions
- View All Promotions
Resources
Quote Request
Contact Us
⭐️NEW PRODUCTS

The Latest SonicWall News
Product and Solution Information, Press Releases, Announcements

SonicWALL Internet Threat Prevention Keeps Vulnerability Out of Customers' Networks
Posted: Tue Aug 11, 2009 11:06:00 AM

SonicWALL, Inc. , a leading secure network infrastructure company, has deployed protection against SSL Certificate Null Byte Poisoning vulnerability (CVE-2009-2408). Users of the company's Unified Threat Management Firewall technology, which protects against viruses, Trojans, worms and other threats and vulnerabilities, automatically receive updated signatures designed to repel security threats. This vulnerability allows attackers to perform "man-in-the-middle" session hijacking various browser and non-browser based SSL implementations. Once an attacker successfully obtains a specially crafted null byte stuffed certificate designed to imitate the origin content server, privacy of the data can be compromised since there will be no distinguishable notification to the user that the secure connection has been intercepted by an unknown 3rd party. In addition, SSL sessions compromised as a result of the above mentioned vulnerability, can be used to install unwanted trojans and malware on the victim's computer. The vulnerability was first publicly disclosed during BlackHat security conference briefings in Las Vegas on July 29-30, 2009. On July 31, 2009, users of SonicWALL's Unified Threat Management technology received updated signatures designed to protect against this threat. SonicWALL has issued the following IPS signature IPS SID: 1266 EXPLOIT - SSL Server Certificate Null Byte Poisoning. SonicWALL has developed unique technologies to deliver zero day gateway anti-virus, anti-spyware and intrusion prevention signatures to its subscribers on a continual basis, allowing them to defend against new and existing Internet attacks and exploits such as phishing, viruses, DHA or DoS attacks and more. Customers with a current subscription to SonicWALL's gateway threat prevention services are not affected by this vulnerability.


« Return to News List