SonicWall Capture Security Appliance CSa 1000

Call us
+44 (0)20 8830 6820

Capture Security Appliance CSa 1000

This is the base appliance. No intelligence updates or support is included.

SKU: 02-SSC-2853

£26,553.28

(not including discount)

The SonicWall Capture Security appliance™ (CSa) brings Capture Advanced Threat Protection™ (ATP) and sandboxing malware analysis to on-premises deployment scenario.

This appliance offers customers with compliance and policy restrictions against sending files to cloud analysis, or who prefer for all of their data to remain inside their organization, an ability to take advantage of the superior threat detection capabilities formerly offered only in the cloud.

The CSa 1000 can analyse suspicious files coming from other SonicWall products to provide rapid, high accuracy detection of previously unseen threats, with the customer retaining custody of their files. Additionally, the REST API functionality on the CSa opens up the benefits of this highly effective file analysis capability to threat intelligence teams, third-party security systems and any software stack that can integrate with published APIs.

The CSa uses a combination of reputation-based checks, static file analysis and SonicWall’s patented Real-Time Deep Memory Inspection™ (RTDMI) engine for dynamic analysis. This ensures that it provides not only the best possible detection rate of malicious files, but also does this efficiently, in the shortest possible time. The SonicWall ecosystem of security products, already fully integrated with the cloud-delivered Capture ATP analysis, is able to enforce inline security with features such as Block Until Verdict. The same capabilities are supported when the SonicWall products are connected to the CSa series instead of the cloud Capture ATP.

Licensing

This is the base SonicWall CSa 1000 Appliance. No intelligence updates or support is included. To include the full package, please see

Capture Security Appliance CSa 1000 with Intelligence Updates and Support Bundle

Highlights

Memory-based inspection with RTDMI
Multi-Stage Analysis with reputation check, static analysis and dynamic analysis
API access for threat analysis
Broad file type support
Block Until Verdict support
High security effectiveness
Reporting and Role-Based Access

The CSa 1000 brings the technology from SonicWall’s Capture ATP, a cloud-based service trusted and used by over 150,000 customers across the globe, into an appliance form factor

CSa also gets regular intelligence updates (license required) to synchronize with the threat intelligence gathered globally via SonicWall Capture ATP file analysis
CSa offers insight into files submitted from all sources with an easy-to-navigate dashboard and file analysis history, providing an insight into the frequency, sources, verdicts and other insights around files submitted for analysis
Reporting capabilities provide a global view into ATP protection across the organization, with the ability to schedule regular reports configured based on different roles
Administrators can grant granular access to the CSa 1000 to a variety of roles, with the ability to restrict access to any part of the UI
Security analysts can be given access to scanning history, with the ability to modify the allowed devices and whitelist/ blacklist, as well as report any suspected false positives or false negatives
Network-level administrators can be granted access to the operational configuration of the appliance while being restricted, for confidentiality reasons, from seeing the submitted files and their sources

SonicWall CSa 1000 Introduction Video: