Redesigning SonicWall's endpoint security management platform.
18 Weeks
(March - July 2020)
Project Summary

Project Overview

SonicWall's endpoint security platform CaptureClient helps security administrators detect, analyze and mitigate threats on endpoints to safeguard an organization's network and data. SonicWall approached us because they were receiving a large volume of customer support tickets for Capture Client. We redesigned CaptureClient, to improve navigation, scalability, and efficiency.


- 21% decrease in number of customer tickets related to policy configuration.

My Role

  • Stakeholder communication
  • Research interviews and testing
  • Redesigning information architecture, policy management, and dashboard workflows
  • Low and high-fidelity wireframes
  • Prototyping using Invision

The Problem

After conducting user research and understanding their product, we found three significant problems.

Design process

This project utilized User Centered design (UCD) process which consisted of the following phases

Empathize & Understand
Define & Analyze
Ideate & conceptualize
Test & Iterate

Understanding the Business / Product

I started the journey by first understanding SonicWall's business goals about CaptureClient.

Expert Review

Before starting our user research interviews, I looked at the existing CaptureClient platform from a basic heuristics lens. For example, the navigation had multiple sub-menus, which, when all expanded, hampered the discoverability of items that go below the fold. First, this helped me identify the obvious quick fixes and secondly helped me gain a better understanding of the product and the domain.

User Research

We conducted 1:1 interviews with our target users in the following steps

1) Participant recruitment

To recruit the right kind of users for research and usability testing

2) Interview Outline

Crafting a questionnaire based on user research goals

3) User Research Report

The responses collected were summarized into a detailed user persona and insights document

Our research goals were -

User Research Documentation

User Persona

We documented our research findings into two personas - Security Analyst and Security Administrator.

User Interview Insights

Propagation from tenant to devices

Top-down propagation of exclusions and all other security policies would significantly reduce the deployment time, as changing policies specific to a device is only done occasionally.

Updates common across tenants

There are scenarios where the same policy must be applied to all customers. Adding a change to all tenants together could be helpful (e.g. adding an exclusion to all tenants).

Labor effort > False positives

Users preferred the labor effort of maintaining a static list of users over dealing with false positives of a dynamic list.

Tone of voice affects response

Users don't typically react urgently when they see Infected devices or active threats due to the tone of voice."It makes you think like this is the end of the world, but really it is not."

Key Value Additions

Though I redesigned the entire CaptureClient Platform, I think a few value additions made the most impact on the user experience.


Our interviews with new users of the CaptureClient application revealed that the top labels in the navigation needed to be more intuitive, and users had to open all the tabs to know what they would find there. Therefore I eliminated the individual sub-pages in the left navigation to directly showed the pages upfront for efficiency and clarity.

Information Architecture

The architecture was redesigned based on the items themselves rather than the type of function. This eliminated unnecessary segregation and grouped related functionalities. For example, policy configuration now includes blacklists, exclusions, device control, and configuration settings. Threat detection was moved to a prominent navigation item for quick access by security analysts. Overall, the redesign improves organization and usability.

Policy Management User-flow

An inheritance feature was introduced for security policies to simplify updates. Most policies remain unchanged for device and user groups, except in special cases. Analysts can now edit a policy for a user group by selecting the group, turning off inheritance, and updating the policy. This user-centric approach reduced seven steps as compared to the previous flow.


I designed two different dashboard views on the selected scope - an all-tenant view and a single-tenant view. Only actionable data was displayed to make them concise and avoid information overload.

Tenant Onboarding

We redesigned the tenant set-up flow in CaptureClient to address difficulties in tracking tenant settings when adding a new tenant. A step-by-step guide automatically appears when a new tenant is added, improving the overall experience, which users appreciated.


Based on user research findings, we introduced a reports module to the product to address the need for security analysts to send reports to their higher management. Previously, analysts would often send screenshots of the dashboard as reports. The new module allows users to select the desired data type and generate comprehensive reports, improving the reporting process significantly.


Usability Testing

Usability testing was conducted on the redesigned workflows, including dashboard, scope interaction, policy management, group creation, and tenant onboarding. We made iterative design improvements based on the feedback received to enhance the usability further.

Design enhancements made based on feedback
Major enhancements
  • Highlight the Scope feature and its functionality
  • Incorporate the overall summary of tenant health (Summarized > Top 5)
  • Additional widgets + Managing widgets functionality under “Customization” of dashboard
  • In “Policy Management” provide double-check / alert messages while updating settings
  • Manage widget settings on Unified Dashboard (P.S provide licenses information)
Minor enhancements
  • Find out an alternative to display “Admin review” as a part of tenant onboarding (Loading-time)
  • Clear visibility/clarity of type of license enabled (Basic OR Advanced) while onboarding a tenant
  • Refinement of content in Policy review
  • Provide success messages in a standardized format

UX Specs and annotations

I also built a UX specifications document on Keynote that thoroughly describes the new features and how they work. The final UI-aligned designs are peppered with pointers that refer to a detailed description of each individually marked element on the screen.


- 21% decrease in number of customer tickets related to policy configuration.
- Customer testimonial on SonicWall's website after CaptureClient 3.5 with our designs was released.



Next Project

Thanks for stopping by!

Find something interesting? Contact me at