Block advanced cyberattacks faster and more accurately with memory-based, on-premises sandboxing for real-time malware and ransomware prevention. Skip the cloud. Maintain compliance. Keep complete custody of your files.

File Inspection in Your Environment


Real-Time Deep Memory Inspection (RTDMI)

Capture Security appliance’s exceptional accuracy helps eliminate false positives and negatives, while yielding lightning-fast verdicts and accurate detection rates. The technology offers minimal impact to end users due to its high performance, and lower latency rates – all the while maintaining custody of your files.


Broad Type File Analysis

CSa supports analysis for a broad range of file types, including executable programs (PE), DLL, JAR, PDFs, and MS Office documents, plus multiple operating systems including Windows, Android, and multi-browser environments.


Easy Administration & Reporting

Easy-to-understand reports clearly show why something was blocked, detailing the analysis results for files sent to the service including frequency, sources, verdicts and other insights around files submitted for analysis.


Multiple Deployment Options

Deploy CSa in your main datacenter and/or have it referenced by multiple locations via IP address, FQDN, or with the REST API. Alternatively, manually upload files into CSa for quick analysis and results.


Integrate with the SonicWall Ecosystem

The SonicWall ecosystem of security products, already fully integrated with the cloud-delivered Capture ATP analysis, is able to enforce inline security with features such as Block Until Verdict. The same capabilities are supported when the SonicWall products are connected to the CSa series instead of the cloud Capture ATP.