Call us
+44 (0)20 8830 6820

SonicWall Cloud Application Security Advanced 5000 - 9999 Users

Cloud App Security Advanced package includes Capture ATP and Data Leak Protection for 5000-9999 Users 1 YR
SKU: 02-SSC-2152

SonicWall's Cloud App Security (CAS) has proven it's ability to stop low-volume, difficult targeted phishing, credential harvesting and zero-day attacks that bypass Microsoft, Google and conventional Secure Email Gateway (SEG) security filters.

As an integral component of the SonicWall Capture Cloud Platform, the SonicWall Cloud App Security (CAS) extends a complete defense-in-depth security stack for Microsoft 365 and Google Workspace users. The CAS advantage rests primarily on its proven ability to stop low-volume, difficult targeted phishing, credential harvesting and zero-day attacks that bypass Microsoft, Google and conventional Secure Email Gateway (SEG) security filters.

CAS’s API-based, multi-layered inline threat prevention system is invisible to hackers, providing highly effective email and data protection for cloud email and SaaS applications. The solution quickly deploys within minutes and employs a combination of machine learning (ML), artificial intelligence (AI) and big-data analyses to provide powerful anti-phishing, attachment sandboxing, click-time URL analysis, impersonation and Data Leak Protection (DLP).

This version includes "Data Leak Protection" and "Office Message Encryption integration" (not included in the basic version).
Cloud App Security - catches what others miss

Scan All Email Traffic and Embedded Content

CAS works seamlessly with Microsoft 365 and Google Workspace security filters, such as Exchange Online Protection (EOP). It scans all messages and embedded content, including inbound, outbound and internal emails, detecting advanced phishing, credential harvesting and ransomware attacks bypassing preceding security filters.

Using multiple AI models and ML engines that constantly adapt to new phishing schemes, CAS prevents Business Email Compromise (BEC) and blocks targeted phishing, credential harvesting, malware, zero-days, account takeover (ATO) and insider threats with increased efficiency and reduced false positives. It takes defensive actions before malicious content reaches user inboxes and before sensitive data leaks and alerts relevant personnel and products such as an admin or security analysts about potential compromises for post-delivery remediation or recovery measures.

When using inline protection, no email, links or attachments can reach the inbox until CAS scrutinizes and decides they are 100% harmless.

Synchronous Threat Protection

Integration with the SonicWall Capture Cloud Platform security framework uniquely enables all SonicWall security solutions to work together for synchronous threat management. This allows CAS to leverage the SonicWall Capture ATP service, the only threat detection offering that combines multi-layer sandboxing, to analyze suspicious attachments and files. Threats revealed are used to create countermeasures at one part of the defense chain, which immediately benefits all other parts of the defense ecosystem in real-time. The entire process significantly reduces the window of exposure and false positives.

CAS leverages the SonicWall Capture Advanced Threat Protection (Capture ATP) making it the only threat detection offering that combines multi-layer sandboxing to analyse suspicious attachments and files.

Business Benefits

  1. Adopt cloud email and SaaS applications without fear
  2. Safe, productive users anytime, anywhere, and on any device
  3. IP and critical data protected
  4. Audit-ready, compliance
  5. Eliminate capital expenditure of maintaining on-prem infrastructure

Operational Benefits

  1. Deploy in minutes and secure with ease, granularity and zero user impact
  2. 100% API-based, nothing to install, no rerouting of traffic, no agent to deploy
  3. Apply policy in a consistent manner across all apps
  4. 100% visibility into every user, file, permission, and configuration change
  5. Visibility into all SaaS apps associated with user’s Microsoft or G Suite account

Security Benefits

  1. Catch phishing and zero-day attacks that Microsoft ATP and SEGs miss
  2. Block harmful messages, URLs and attachments from reaching the inbox
  3. Scan all emails preventing insider threats from compromised or trusted internal accounts
  4. Synchronous threat management via Capture Cloud Platform
  5. Visibility and control of data movements and prevent data leaks
We use SonicWall Cloud App Security in addition to O365 Email Security to ensure that as much spam and phishing as possible will be caught before getting to the end user. No system is 100%, but this one is pretty close.
— Tim Gustafson, System Administrator, PCES Corp

Cloud Email Security

  1. In-line Threat Protection
    No email, links and/or attachments can reach the inbox until CAS has scanned and determined they are 100% harmless.
  2. Scans all emails
    Examines any inbound, outbound and internal emails that EOP and ATP miss.
  3. Policy-based Configuration
    Provides custom policy workflows to manage threats and run in 3 possible modes – Protect Inline, Detect and Prevent or Monitor Only.
  4. Machine Learning for Anti-Phishing
    Employs multiple machine-learning models trained on attacks that evade Office 365 and G-Suite and analyzes over 300 indicators of phishing per message, even when the hackers try to change its characteristics.
  5. Anti-Spoofing
    Protects corporate brand and users from email fraud and impersonation attacks.
  6. Brand Impersonation Protection
    Detects email that might spoof the domain, images, the language or just the look and feel of the most likely spoofed companies on the internet.
  7. User Impersonation Detection
    Knows employees by name and role, making it possible to identify messages that are attempting to impersonate a real person.
  8. Business Email Compromise Detection
    Uses multi-factor spoof detection data and advanced contextual analysis for identifying messages that might exploit human nature to reveal confidential information. Tight integration with the inbox makes it possible to interact with the user to second-guess suspicious conversations--”Do you trust this sender?”
  9. Page Emulation Analysis
    Goes beyond domain reputation checks and file analysis by examining the pathway and resulting pages to look for phishing design and behavior.
  10. URL rewriting and time-of-click analysis
    Blocks malicious URLs before they are delivered to the user’s inbox. It can disarm the URL, making it non-clickable. Then, it replaces the URL with a text warning (“embedded URL removed for security reasons”) and redirects the link to the inspection service for time-of-click analysis protection.
  11. Attachment Sandboxing
    Blocks malicious email attachments from reaching your users ’inbox.
  12. Post-delivery Protection
    Retracts malicious messages, removing it from the user’s inbox after initial delivery.
  13. Post-detection Alerts
    Alerts relevant personnel and products such as an admin, analyst, EDR or SIEM about potential compromises for remediation or recovery.
  14. Forensic Analysis
    Shows timeline of steps malware took as it detonated in the SonicWall Capture ATP sandbox. This exportable visualization of advanced malware forensics comes in the form of a bar chart with insights into process, registry, and Network/HTTP events.
  15. Analytics
    Monitor every action, including real-time and historical events, made in your SaaS environment.
  16. Reporting Dashboard
    CAS custom report queries are flexible, and context based. Search by sender, subject, recipient or attachment name speeds up the pace of a forensic search.
  17. Email- native education opportunities
    Automated emails alert end users to threats, provide key details into the malicious message, and provide a link to further reading about phishing attacks.

SaaS Security and Advanced Threat Protection

  1. Account Takeover & Insider Threats Protection
    CAS analyzes every user event across multiple SaaS apps, comparing historical behavior, anomalous activity, and profiles of real-world breaches to identify attacks in real time.
  2. Zero-day Malware Protection
    Applies SonicWall Capture ATP multi-engine sandboxing to identify new malware variants within seconds and with fewer false positives. Quarantines all threats before users download them while preventing them from being stored and propagated through apps such as Dropbox, OneDrive and G Drive.
  3. Active Form Analysis
    If the resulting page includes a form, CAS identifies look-alike content and malicious code. If a page looks like a Microsoft login but the form posts to an unrelated site, CAS prevents the link from reaching the inbox.
  4. Shadow SaaS Monitoring
    Identifies risky cloud applications your employees are using in the office or at home that have been connected to your approved SaaS accounts, without redirecting traffic or using a proxy
SonicWall Cloud App Security lets us secure a Microsoft Office 365 E3 or F1 plan with SonicWall Advanced Threat Protection. It provides visibility for applications which are used in the company and additional data leakage prevention.
— Daniel Franz, Senior IT Architect at Data-Sec

Data Security

  1. DLP and O365 Email Encryption Integration
    Identifies confidential information and applies context-aware policies that confine the data to a particular organization or work group. Ensures PCI, HIPAA, PII, or other protected content does not leak.
  2. Policy-based O365 Email Encryption
    Automates the encryption of O365 cloud emails - whether sent internally or externally - without deploying new infrastructure, using the protocols you already know and trust. Enforces regulatory compliance across all your SaaS with cloud-aware, context-sensitive, policy workflows.
  3. Data Classification
    Automates the encryption of emails - whether sent internally or externally - without deploying new infrastructure, using the protocols you already know and trust


  1. Compliance Templates
    Reduce administrative overhead by using simple compliance templates to meet sensitive data protection requirements for SOX, PCI, HIPAA and GDPR.
  2. Compliance Audit
    Access historical event data for retrospective compliance auditing as well as real time reporting.
  3. Compliance Enforcement
    Automates the encryption of emails - whether sent internally or externally - without deploying new infrastructure, using the protocols you already know and trust
back to top