SonicWall Capture Advanced Threat Protection (ATP)
Effective on-prem and cloud based advanced threat protection with multi-solution flexibility
SonicWall Capture Advanced Threat Protection (ATP)
SonicWall Capture ATP is a cloud-based, multi-engine sandbox that revolutionises advanced threat detection. Included with Capture ATP, SonicWall’s patented Real-Time Deep Memory Inspection™ (RTDMI) blocks zero-day and unknown threats at the gateway — even those that hide via encryption or don’t exhibit malicious behavior.
The Advanced Protection You Need, Where You Need It
SonicWall Capture ATP scans a broad range of file
types to prevent zero-day attacks, targeted
malware, advanced ransomware and more. Capture ATP
analyzes behavior in a multi-engine sandbox
platform that includes full system emulation,
hypervisor-level analysis, virtualized sandboxing
and RTDMI™, which uses real-time, memory-based
inspection techniques to force malware to reveal
its weaponry into memory.
By giving admins the ability to block until
verdict, create customized policies and scan
select files in the cloud, SonicWall Capture ATP
combines the efficiency of automation with greater
flexibility and control.
Key Benefits
- Advanced Threat Protection: Detects unknown malware before it enters the network
- Real-Time Deep Memory Inspection (RTDMI™): Identifies hidden or dormant malware with memory-based analysis
- Sandboxing: Detects evasive threats with multiple analysis engines
- Broad File Type Coverage: Inspects various file types
- Automated Threat Blocking: Blocks files at the gateway until verdict based on your policies
- Seamless Integration: Integrates with SonicWall solutions across your security architecture
Click image to enlarge
100% Threat Detection in Third-Party Testing
Independent ICSA Labs testing found that SonicWall Capture ATP delivers better threat protection than competitors.
100%
Detection of Unknown Threats
5
Total Perfect Scores
10
Consecutive ICSA ATD Certifications
Click image to enlarge
Threat Mitigation at Every Layer
Capture ATP strengthens threat mitigation by blocking advanced threats across cloud, network, and endpoint environments. Its real-time detection, multi-layer sandboxing, and integration with global threat intelligence ensure comprehensive protection against today’s evolving cyber threats
-
Cloud
Capture ATP integrates with cloud-based applications and services, inspecting incoming files and data for malicious content. It blocks threats before they infiltrate cloud environments. -
Network
Capture ATP scans all traffic entering the network, detecting and blocking malware at the network perimeter before it reaches endpoints and/or critical systems. Administrators can configure network traffic rules to filter files by type, size, or protocol, allowing granular control over which files are analyzed and which are allowed into the network. -
Endpoint
By blocking threats at the endpoint, Capture ATP helps prevent malware from spreading laterally through the endpoint. If a malicious file is detected, Capture ATP generates a signature in real-time, ensuring all connected endpoints are protected from follow-on attacks.
Capture ATP is a flexible and effective advanced threat protection with numerous deployment options to protect organizations of all sizes. By scanning and analyzing a wide range of file types and sizes, its global threat intelligence quickly deploys remediation signatures, ensuring fast response times, and high security effectiveness.
Superior Threat Prevention. Faster, More Accurate Verdicts.
Stop Unknown Malware and Zero-Day Threats
Blocks malware, even if it’s hiding in encryption or not behaving maliciously.
Inspect More File Types
Supports analysis for PE, DLL, PDF, MS Office docs, archives, JAR and APK — plus multiple OSs.
Block Until Verdict
Potentially malicious files can be held at the gateway until an admin takes action.
Rapid Remediation
Files go from inspection to verdict within milliseconds, stopping follow-on attacks and ensuring a better user experience.
Capture ATP Integration
By combining multi-engine sandbox technology, system emulation and virtualization techniques, SonicWall Capture ATP detects more threats faster than single sandbox solutions.
- The solution scans traffic and extracts suspicious code for analysis.
- Malware capabilities are replicated over various environments — all without detection.
- SonicWall Capture Labs rapidly deploys remediation signatures to SonicWall
- security products, so threats that fail anywhere fail everywhere.
Multi-Engine Sandbox. Multi-Solution Flexibility.
Delivering unparalleled real-time threat detection and protection, the SonicWall Capture ATP service with RTDMI can be added to a variety of SonicWall’s latest security products:
Secure Remote Access
Connect and secure your growing remote workforce and devices.
Firewalls
Defend your physical networks from malware, intrusions and more with best-in-class protection.
Wireless Security
Enhance Wi-Fi security and performance with cloud-based deployment and management solutions.
Cloud App Security
Protect business-critical SaaS apps — including Microsoft Office 365, G Suite, Box and Dropbox — in real time.
Virtual Firewalls
Defend your business and data within virtual networks, for both public and private clouds.
Secure Email
Shield your organization from advanced email threats, including targeted phishing attacks, ransomware and BEC.
