03/26/2020 842 People found this article helpful 457,613 Views
Capture Advanced Threat Protection (ATP) is sold as an add-on security service to the firewall, similar to Gateway Anti-Virus (GAV).
Capture ATP helps a firewall identify whether a file is malicious or not by transmitting the file to the cloud where the SonicWall Capture ATP service analyzes the file to determine if it contains a virus or other malicious elements. Capture ATP then sends the results to the firewall. This is done in real time while the file is being processed by the firewall.
This document explains how files are analyzed by your SonicWall Appliance and Capture ATP.
All files are sent to the Capture ATP cloud datacenter that you selected when enabling the Capture service over an encrypted connection. Files are analyzed and deleted within minutes of a verdict being determined; they are not transferred to any other locations, unless a file is found to be malicious.
Malicious files are submitted via an encrypted HTTPS connection to the SonicWall threat research team, located in Santa Clara California or Bangalore India, for further analysis and to harvest threat information. Files are not transferred to any other location for analysis.
Malicious files are deleted after harvesting threat information within 30 days of receipt. The SonicWall privacy policy can be accessed at:
https://www.mySonicWall.com/privacypolicy.aspx