SonicWall Capture Advanced Threat Protection is a cloud-based security service designed to enhance your NSA 2600 firewall’s ability to detect and block advanced, unknown, and zero-day threats. Leveraging a multi-engine sandboxing approach and Real-Time Deep Memory Inspection (RTDMI™), Capture ATP analyzes suspicious files in real time, ensuring threats are stopped before they reach your network.
Key Features:
- Multi-Engine Advanced Threat Analysis
Suspicious files are sent to SonicWall’s Capture cloud service, which uses virtualized sandboxing, full system emulation, and hypervisor-level analysis to detect evasive malware. This in-depth inspection ensures high accuracy and maximum protection against zero-day threats. - Broad File Type Support & No File Size Limits
Capture ATP supports a wide range of file types, including PE, DLL, PDFs, Office documents, archives, JAR, and APK files, across Windows, Android, and macOS. Administrators can set granular controls to customize which files are sent for analysis. - Block Until Verdict
Files sent to the cloud for analysis are held at the gateway until a verdict is determined, preventing potential threats from entering the network. - Rapid Threat Signature Deployment
Once a threat is identified, new signatures are immediately pushed to all connected firewalls. Malware is also analyzed further by SonicWall’s threat intelligence team, contributing to updates for GRID Gateway Anti-Virus, IPS, and reputation databases within 48 hours. - Comprehensive Reporting & Alerts
An intuitive dashboard provides detailed analysis reports, including file behavior, OS/network activity, and session data. Alerts notify administrators of any suspicious files processed by the Capture service.
