Stormshield’s security solutions address cyberattacks on operational networks (OT) by incorporating essential features to ensure the day-to-day cyber-serenity of your industrial infrastructure. Enhance your overall security with a comprehensive range of hardware that meets your OT and IT/OT convergence requirements.
Protecting networks from cyber threats
The Stormshield Network Security (SNS) range of firewalls has key features designed to protect industrial networks against cyber threats. These SCADA security products include an Intrusion Prevention System (IPS) engine. This active protection system identifies and blocks malicious data flows within the network. It is based on IPS Stateful DPI technology that provides context-driven analysis of packets in operational network traffic and reduces the risk of corruption of business data flows and applications. With IDS (Intrusion Detection System) rules, you can detect cyber threats without blocking your production. Result: an enhanced level of infrastructure security.
You’ll also enjoy network segmentation and real-time content filtering capabilities (anti-spam, anti-phishing, anti-spyware). In short: the promise of real-time security.
Protection
- DPI / IPS / Filtering
Securing operations - DDoS protection
Prevention of denial of service attacks against industrial systems - Secured remote maintenance
SSL / IPSec VPN - SCADA Security
Integration
- Custom signatures
Detection and protection for your business applications and industrial systems - Remote control
of distributed processes - Protocol content control
standard and proprietary (Siemens, Rockwell, Schneider…)
Traceability
- Transparent authentication
- LDAP directory
- Logs
Local and/or remote management via the same software suite (Stormshield Log Supervisor, Splunk, SIEM, etc.)
Control your traffic. The Stormshield Network Security range offers a high-performance inspection engine. Thanks to Deep Packet Inspection (DPI), you can keep control over standard industrial protocols (Modbus, UMAS, EtherNet/IP, BACnet/IP, PROFINET, IEC 61850, etc.) as well as your own proprietary protocols.
Supporting business continuity
Stormshield solutions have features that guarantee the business continuity of OT networks via High Availability mode and safety mode (cluster, bypass). And with dual power supplies and bandwidth management, they maintain 100% reliable connectivity and operational reliability.
Securing communications via encryption
Stormshield protects communications, and ensures confidentiality and data integrity across OT networks with effective encryption and authentication capabilities. With IPSec VPN or SSL VPN, you can choose how you securely access internal company resources. You can also activate the “Restricted Distribution” (IPsec DR) mode.
Controlling web usage
Stormshield solutions come with filtering and control features. Coupled with SSL decryption, these features secure your communications by blocking unwanted HTTPS websites. They include URL filtering, application control, and also user identification, transparent authentication, service quality management and content control.
DPI systems and network security: IPS stateful DPI technology in OT environments
Today, a basic level of protection in the fight against cyberattacks is provided by segmenting operational networks. However, in the face of new and increasingly sophisticated threats, the deployment of solutions for in-depth analysis (DPI) of the messages exchanged is also required to anticipate the protection of these sensitive networks.
A Stormshield whitepaper to find out more.
