Industrial cybersecurity: features offered by Stormshield products

Stormshield’s security solutions address cyberattacks on operational networks (OT) by incorporating essential features to ensure the day-to-day cyber-serenity of your industrial infrastructure. Enhance your overall security with a comprehensive range of hardware that meets your OT and IT/OT convergence requirements.

Protecting networks from cyber threats

The Stormshield Network Security (SNS) range of firewalls has key features designed to protect industrial networks against cyber threats. These SCADA security products include an Intrusion Prevention System (IPS) engine. This active protection system identifies and blocks malicious data flows within the network. It is based on IPS Stateful DPI technology that provides context-driven analysis of packets in operational network traffic and reduces the risk of corruption of business data flows and applications. With IDS (Intrusion Detection System) rules, you can detect cyber threats without blocking your production. Result: an enhanced level of infrastructure security.

You’ll also enjoy network segmentation and real-time content filtering capabilities (anti-spam, anti-phishing, anti-spyware). In short: the promise of real-time security.

Protection

  • DPI / IPS / Filtering
    Securing operations
  • DDoS protection
    Prevention of denial of service attacks against industrial systems
  • Secured remote maintenance
    SSL / IPSec VPN
  • SCADA Security

Integration

  • Custom signatures
    Detection and protection for your business applications and industrial systems
  • Remote control
    of distributed processes
  • Protocol content control
    standard and proprietary (Siemens, Rockwell, Schneider…)

Traceability

  • Transparent authentication
  • LDAP directory
  • Logs
    Local and/or remote management via the same software suite (Stormshield Log Supervisor, Splunk, SIEM, etc.)

Are you looking for trusted firewalls for your industrial infrastructure? The two models in our industrial range, SNi40 & SNi20, are the only industrial firewalls to be Standard-qualified by ANSSI - a guarantee of robustness and confidence. What's more, with deep packet inspection, these solutions can support around twenty industrial protocols, both standard and proprietary.

Supporting business continuity

Stormshield solutions have features that guarantee the business continuity of OT networks via High Availability mode and safety mode (cluster, bypass). And with dual power supplies and bandwidth management, they maintain 100% reliable connectivity and operational reliability.

Securing communications via encryption

Stormshield protects communications, and ensures confidentiality and data integrity across OT networks with effective encryption and authentication capabilities. With IPSec VPN or SSL VPN, you can choose how you securely access internal company resources. You can also activate the “Restricted Distribution” (IPsec DR) mode.

Controlling web usage

Stormshield solutions come with filtering and control features. Coupled with SSL decryption, these features secure your communications by blocking unwanted HTTPS websites. They include URL filtering, application control, and also user identification, transparent authentication, service quality management and content control.

DPI systems and network security: IPS stateful DPI technology in OT environments

Today, a basic level of protection in the fight against cyberattacks is provided by segmenting operational networks. However, in the face of new and increasingly sophisticated threats, the deployment of solutions for in-depth analysis (DPI) of the messages exchanged is also required to anticipate the protection of these sensitive networks.

A Stormshield whitepaper to find out more.