Sonicwall update to support 2048 bit certificates

As mentioned here, support for 1024 bit signed certificates is being phased out by certificate and browser authorities at the end of 2013. This means that device manufacturers and online services providers are having to update to maintain capabilities.

SonicOS revisions

Dell have published information detailing the minimum firmware revisions for their Dell Sonicwall firewalls which will meet the certificate requirements. If your Sonicwall firewall was installed with the current SonicOS after October 2011 or has had its firmware brought up to date since November 2011, it should support 2048 bit certificates. If it’s more than two years since it was updated, it almost certainly won’t support 2048 bit certificates.

You can find out the required firmware revision for your particular firewall and how to check your current revision on this Dell support page If you need any help doing this, get in touch with IS People.

Impact

Dell state that “Existing security services on Dell SonicWALL firewalls that use 1024-bit certificates will continue to block previously-known threats” but add that “the lack of updates may expose the protected network to new threats and exploits. In addition, you will NOT be able to activate and renew security services.”

So your firewall should continue to work. However, if the firmware is old enough to need updating to support 2048 bit certificates, it will be missing a lot of interim security updates as well and so should really be brought up to date anyway.