Redesigning SonicWall's endpoint security management platform.
12 Weeks
(March - May 2020)
Project Summary

Project Overview

SonicWall's endpoint security platform CaptureClient helps security administrators detect, analyze and mitigate threats on endpoints to avoid compromising an organization's network and data. SonicWall approached us because they were receiving a large volume of customer support tickets for Capture Client. We redesigned their endpoint security platform - CaptureClient, to improve navigation, scalability, and efficiency.


- 21% decrease in number of customer tickets related to policy configuration.

My Role

  • Communication with stakeholders
  • Research interviews and usability testing
  • Redesigned information architecture, policy management and dashboard workflows
  • Insight synthesis into design ideas
  • Low and high-fidelity wireframes

The Problem

After conducting user research and understanding their product, we found three significant problems.

The Solution


Our interviews with new users of the CaptureClient application revealed that the top labels in the navigation were not intuitive enough and users had to open all the tabs to know what they would find there. Therefore we eliminated the individual sub pages in the left navigation to directly showed the pages upfront for efficiency and clarity.

Information Architecture

Instead of an architecture based on the type of function users wanted to perform we redesigned it to an architecture based on the items itself. The existing information architecture also had too many segregated parts with items that had the same function. For example, configuration of exclusions, blacklists and device control is the same as setting a security policy in place. Therefore the items in the security policies group and the configuration group should fall under the same category of policy configuration. Threat detection and monitoring being one of the main tasks for security analysts, I moved threats to a main navigation item for users to get to more quickly.

Existing Information Architecture
Redesigned Information Architecture
Policy Management User-flow

Most security policies applied to the tenant do not change for device groups and user groups. It is only in the edge case scenario where security analysts change the security settings for a particular group of devices or users based on special requests. We, therefore, introduced an inheritance on and off feature. To edit a policy for a user group, the security analyst would only have to select the user group from the scope, select the policy to be changed, turn inheritance off and update the policy. This user-first approach reduced seven unnecessary steps to update a policy compared to the previous user flow.

Existing User-flow
Redesigned User-flow
Redesigned User-flow Prototype
Existing Dashboard
Redesigned Dashboard
Design process

The Approach

This project utilized User Centered design (UCD) process which consisted of the following phases

Empathize & Understand
Define & Analyze
Ideate & conceptualize
Test & Iterate

Understanding the Business / Product

We started our journey by first understanding SonicWall's business goals with regards to CaptureClient.

We also did an expert review and competitor analysis purely based on basic UX and UI principles before we started with user research interviews.

User Research

We conducted 1:1 interviews with our target users in the following steps

1) Participant recruitment

To recruit the right kind of users for research and usability testing

2) Interview Outline

Crafting questionnaire based on user research goals

3) User Research Report

The responses collected were summarized into a detailed user persona and insights document

Our research goals were -

User Research Documentation

User Persona

We documented our research findings into two personas - Security Analyst and Security Administrator.


Propagation form tenant to devices

Top down propagation of exclusions and all other security policies would greatly reduce the deployment time as changing policies specific to a device is not done frequently.

Updates common across tenants

There are scenarios where a same policy needs to be applied to all customers. Adding a change to all tenants together could be useful (eg. adding an exclusion to all tenants).

Labour effort > False positives

Users preferred the labour effort of maintaining a static list of users over dealing with false positives of a dynamic list.

Tone of voice affects response

Users don't typically react urgently when they sees Infected devices or active threats due to the tone of voice. "It makes you think like this is the end of the world but really it is not."

User Goals

Based on our personas and insights we defined the user's goals of using CaptureClient.

Design Goals

We also defined our design goals based on our stakeholder interviews and our expert review

Concept Designs

Categorizing the task modules by priority we defined the user flows and task flows and then started sketching out the low-fidelity wireframes. We tested these low-fi wireframes internally with the IT department within our organization. We then converted those into mid-fidelity for presenting the wireframes to our stakeholders.

Usability Testing

We also wen't through a round of usability testing to evaluate the redesigned workflows - Dashboard, scope interaction, policy management, group creation, tenant onboarding. We then analyzed what was working well / not working well and made iterations of the design.

Design enhancements made based on feedback

Major enhancements
  • Highlight the Scope feature and its functionality
  • Incorporate the overall summary of tenant health (Summarized > Top 5)
  • Additional widgets + Managing widgets functionality under “Customization” of dashboard
  • In “Policy Management” provide double-check / alert messages while updating settings
  • Manage widget settings on Unified Dashboard (P.S provide licenses information)
Minor enhancements
  • Find out an alternative to display “Admin review” as a part of tenant onboarding (Loading-time)
  • Clear visibility/clarity of type of license enabled (Basic OR Advanced) while onboarding a tenant
  • Refinement of content in Policy review
  • Provide success messages in a standardised format


- 21% decrease in number of customer tickets related to policy configuration.
- Customer testimonial on SonicWall's website after CaptureClient 3.5 with our designs was released.



Next Project

Thanks for stopping by!

Find something interesting? Contact me at

Facebook LogoTwitter Logo