Project Summary

Redesigning SonicWall's endpoint security management platform

SonicWall's endpoint security platform CaptureClient helps security administrators detect, analyze and mitigate threats on endpoints to safeguard an organization's network and data. SonicWall approached us because they were receiving a large volume of customer support tickets for Capture Client. We redesigned CaptureClient, to improve navigation, scalability, and efficiency.

My Role
  • Stakeholder communication
  • Research interviews and testing
  • Redesigning information architecture, policy management, and dashboard workflows
  • Low and high-fidelity wireframes
  • Prototyping using Invision

Awanee Joshi, Shravani Khatti, Sayali Lonkar




18 Week (MAR - JUL 2020)


21% decrease in number of customer tickets related to policy configuration.


Areas of Friction

After conducting user research and understanding their product, we found three significant problems.

  • Technical labels provide no hint of what to expect upon clicking.
  • Deep navigation and sub-navigation increased number of clicks needed for tasks.
  • The discoverability of items below the visible portion of the interface is hampered.
  • Adding or editing policies requires navigating back and forth between 4 pages.
  • The workflow starts from selecting a policy/template instead of selecting users or devices which seemed counterintuitive to users.
  • No option to copy and apply similar policies to other tenants.
  • Lack of visual hierarchy affects efficiency and learnability.
  • Threat and device widgets took up excessive space, hiding key actionable data.
  • Dashboard lacks a structured layout.

Key Value Additions

Though I redesigned the entire CaptureClient Platform, I think a few value additions made the most impact on the user experience.


Our interviews with new users of the CaptureClient application revealed that the top labels in the navigation needed to be more intuitive, and users had to open all the tabs to know what they would find there. Therefore I eliminated the individual sub-pages in the left navigation to directly showed the pages upfront for efficiency and clarity.

Information Architecture

The architecture was redesigned based on the items themselves rather than the type of function. This eliminated unnecessary segregation and grouped related functionalities. For example, policy configuration now includes blacklists, exclusions, device control, and configuration settings. Threat detection was moved to a prominent navigation item for quick access by security analysts. Overall, the redesign improves organization and usability.

Policy Management User-flow

An inheritance feature was introduced for security policies to simplify updates. Most policies remain unchanged for device and user groups, except in special cases. Analysts can now edit a policy for a user group by selecting the group, turning off inheritance, and updating the policy. This user-centric approach reduced seven steps as compared to the previous flow.


I designed two different dashboard views on the selected scope - an all-tenant view and a single-tenant view. Only actionable data was displayed to make them concise and avoid information overload.

Tenant Onboarding

We redesigned the tenant set-up flow in CaptureClient to address difficulties in tracking tenant settings when adding a new tenant. A step-by-step guide automatically appears when a new tenant is added, improving the overall experience, which users appreciated.


Based on user research findings, we introduced a reports module to the product to address the need for security analysts to send reports to their higher management. Previously, analysts would often send screenshots of the dashboard as reports. The new module allows users to select the desired data type and generate comprehensive reports, improving the reporting process significantly.


This project utilized User Centered design (UCD) process which consisted of the following phases

Empathize & Understand
Define & Analyze
Ideate & conceptualize
Test & Iterate

Understanding the Business / Product

I started the journey by first understanding SonicWall's business goals about CaptureClient.

Expert Review

Before starting our user research interviews, I looked at the existing CaptureClient platform from a basic heuristics lens. For example, the navigation had multiple sub-menus, which, when all expanded, hampered the discoverability of items that go below the fold. First, this helped me identify the obvious quick fixes and secondly helped me gain a better understanding of the product and the domain.

User Research

We conducted 1:1 interviews with our target users in the following steps

1) Participant recruitment

To recruit the right kind of users for research and usability testing

2) Interview Outline

Crafting a questionnaire based on user research goals

3) User Research Report

The responses collected were summarized into a detailed user persona and insights document

Our research goals were -

User Research Documentation

User Persona

We documented our research findings into two personas - Security Analyst and Security Administrator.

User Interview Insights
Propagation from tenant to devices

Top-down propagation of exclusions and all other security policies would significantly reduce the deployment time, as changing policies specific to a device is only done occasionally.

Updates common across tenants

There are scenarios where the same policy must be applied to all customers. Adding a change to all tenants together could be helpful (e.g. adding an exclusion to all tenants).

Labor effort > False positives

Users preferred the labor effort of maintaining a static list of users over dealing with false positives of a dynamic list.

Tone of voice affects response

Users don't typically react urgently when they see Infected devices or active threats due to the tone of voice."It makes you think like this is the end of the world, but really it is not."

Usability Testing

Usability testing was conducted on the redesigned workflows, including dashboard, scope interaction, policy management, group creation, and tenant onboarding. We made iterative design improvements based on the feedback received to enhance the usability further.

Design enhancements made based on feedback
Major enhancements
  • Highlight the Scope feature and its functionality
  • Incorporate the overall summary of tenant health (Summarized > Top 5)
  • Additional widgets + Managing widgets functionality under “Customization” of dashboard
  • In “Policy Management” provide double-check / alert messages while updating settings
  • Manage widget settings on Unified Dashboard (P.S provide licenses information)
Minor enhancements
  • Find out an alternative to display “Admin review” as a part of tenant onboarding (Loading-time)
  • Clear visibility/clarity of type of license enabled (Basic OR Advanced) while onboarding a tenant
  • Refinement of content in Policy review
  • Provide success messages in a standardized format

UX Specs and annotations

I also built a UX specifications document on Keynote that thoroughly describes the new features and how they work. The final UI-aligned designs are peppered with pointers that refer to a detailed description of each individually marked element on the screen.


- 21% decrease in number of customer tickets related to policy configuration.
- Customer testimonial on SonicWall's website after CaptureClient 3.5 with our designs was released.

Use real data
The best part of this project was that we had real data to work with for our wireframes based on their existing platform. This made usability testing easier, and users could relate to the content, which helped us find the right labeling system.
Always start your ideation with a sketch
Sketching our ideas and testing them internally early on helped us get to a more refined stage before we presented them to our stakeholders. The amount of effort that we put in was much less compared to the valuable feedback that we got just based on a sketch.
Keep Communicating
As the domain of cybersecurity itself is so complex, it was necessary for us to be in touch with our stakeholders to understand the nuances of the behavior patterns of their different customers and the features of their product. We set up daily cadence calls to run our ideas by them, and through that, we got some excellent insights into the domain.

Thanks for stopping by!

Find something you like? Contact me at

Facebook Logo
Twitter Logo