When Trust Breaks Down: Why at This Time CDML Recommends Switching from SonicWall SSL VPN to CDML Remote Access + MFA for Remote Access
Firewalls protect the network perimeter for most businesses. Lately, serious cyber-attacks against firewalls have been dominating the headlines. Fortinet, Cisco, TP-Link and other devices have been under attack.
In the last few months, SonicWall firewalls, particularly their SSL VPN feature, have been at the center of alarming cybersecurity headlines. Attackers have successfully exploited vulnerabilities to gain unauthorized access, sometimes bypassing multi-factor authentication (MFA) and moving laterally inside corporate networks.
Then, in September 2025, SonicWall confirmed an even more serious incident: hackers breached its MySonicWall cloud backup system, stealing configuration backup files for customer devices. That means that for thousands of organizations, attackers may now have detailed blueprints of how their networks are built and protected.
If you’re using SonicWall SSL VPN to connect remotely, this is not the time for business as usual.
What Happened – and Why It Matters
SonicWall’s SSL VPN vulnerability (CVE-2024-40766) has been actively exploited by threat actors, including ransomware groups such as Akira. In some cases, attackers successfully bypassed MFA and compromised domain controllers within hours of gaining access.
But even organizations that patched promptly are facing new risks after SonicWall confirmed that attackers breached its MySonicWall cloud backup infrastructure, stealing configuration files for a subset of devices.
Those stolen files contained:
- Firewall configuration data, VPN settings, and NAT rules
- Network topology and user/group mappings
- Encrypted credentials and encoded system information
While SonicWall reports that passwords were encrypted, the rest of the data provides attackers with a map of network defenses, which can be used to target organizations more precisely.
To its credit, SonicWall has since disabled cloud backup access, rotated encryption keys, and urged all customers to change credentials, regenerate VPN keys, and audit access logs. But these steps don’t undo the fact that confidential network details may already be in hostile hands.
Why SSL VPN Access Is Now Riskier Than Ever
The combination of active exploits and leaked configuration data creates a perfect storm. Here’s why:
- Known targets: Attackers can identify which SonicWall models are in use and what ports are exposed.
- Custom attack scripts: With knowledge of VPN and firewall configurations, exploits can be tailored for maximum success.
- Vendor infrastructure exposure: The compromise of SonicWall’s own cloud backups proves that even trusted vendors can become weak links.
- Persistent risk: Even patched devices may remain vulnerable if credentials or topology details have been leaked.
For businesses handling sensitive information, especially those bound by Department of Health (DoH) or Department of Financial Services (DoF) regulations, these developments raise serious compliance concerns. Remote access methods that rely on a possibly compromised perimeter are now a liability.
CDML’s Recommendation: Switch to CDML Agent + MFA for Secure Remote Access
Until SonicWall resolves its issues and fully restores confidence, CDML recommends using Splashtop Business with Multi-Factor Authentication as a safer, temporary alternative.
Here’s why Splashtop is the smarter short-term solution:
- Same Remote Access as CDML Uses: The agents are already installed on the PCs managed by CDML, so no other software is required.
- No exposed VPN endpoint: Eliminates the open SSL VPN port that attackers are currently exploiting.
- Built-in MFA enforcement: MFA is mandatory for every connection, not optional.
- TLS + AES-256 encryption: Protects every session with the same level of encryption used by banks.
- Granular access control: Limit who can connect, when, and to which endpoints.
- No vendor cloud dependency for firewall configs: Reduces risk from third-party cloud breaches.
- Low cost, high protection: At only $10/user/month, it’s a small price compared to the cost of a breach or ransom demand.
CDML can help manage access permissions with MFA for your entire remote team via the CDML Client Portal with minimal disruption and full security integration.
Implementation Plan
If your organization currently relies on SonicWall SSL VPN, here’s a safe migration path:
- Assess current VPN usage – Identify users, devices, and access requirements.
- Provision Remote Access with MFA – Provision secure remote access to office PCs through CDML’s Client Portal.
- Disable or restrict SSL VPN – Temporarily disable SonicWall SSL VPN or restrict by IP and user group.
- Rotate credentials – Update all firewall admin and VPN passwords. Regenerate certificates and keys.
- Monitor access logs – Enable SonicWall and Splashtop logging for visibility and auditing.
- Re-evaluate when SonicWall restores full trust – When SonicWall’s systems are verified secure, you can choose to resume SSL VPN usage if desired.
For Regulated Industries: Compliance Implications
Organizations under NYDFS 23 NYCRR 500, HIPAA, or GLBA must maintain secure remote access controls and incident response plans. Continuing to use a potentially compromised VPN product may violate your obligation to maintain reasonable safeguards.
Switching to CDML Remote Access + MFA not only mitigates the immediate risk but also demonstrates proactive compliance, showing that your organization acted swiftly to protect customer and patient data.
How CDML Can Help
CDML Computer Services can assist your business by:
- Managing remote access to endpoints for your team
- Hardening your SonicWall configuration and rotating credentials
- Conducting a remote access security audit to ensure regulatory compliance
- Monitoring and patching firewalls and endpoints under an SLA
- Advising on when it’s safe to re-enable SSL VPN access
For most clients, we can transition your remote users to CDML Remote Access within one business day and provide ongoing management for just $10 per user per month.
Final Thoughts
SonicWall remains a respected vendor, but trust has to be rebuilt after these recent incidents. Until that happens, a temporary shift to a more controlled and isolated remote access model makes sense—especially when compliance, data integrity, and business continuity are on the line.
If your organization uses SonicWall SSL VPN, contact CDML today to discuss how we can help you switch to a safer remote access setup with CDML Remote Access and MFA.
Stay safe. Stay informed. Stay compliant.

📞 Contact us here: https://cdml.com/contact/
📚 Read more on our blog: https://cdml.com/blog-2
📺 Listen to our blogcasts: https://www.youtube.com/@CDMLComputerServices


