Getting started

Welcome to the Stormshield Management Center installation guide version 3.7.1.

In the documentation, Stormshield Management Center is referred to in its short form: SMC and Stormshield Network Security in its short form: SNS.

SMC server allows you to perform a centralized administration of SNS firewalls.

From the SMC server 3.7.1 web interface, you can:

  • Administer firewalls,
  • Get a clear overview of all your firewalls,
  • Ensure consistent configurations,
  • Access the web administration interface of firewalls,
  • Create API keys to use the SMC public API.

The SMC server is a virtual machine provided in the form of an .OVA archive file (Open Virtualization Archive) for VMware, .VHD (Virtual Hard Disk) for Microsoft Hyper-V or .qcow2 for KVM.

The SMC server 3.7.1 is compatible with Stormshield Network Security from version 4.3.

In order to install the SMC server, download the file smc-x.x.x.ova, the archive smc-x.x.x-hyperv.zip or the archive smc-x.x.x-kvm.tar.gz from your MyStormshield personal area.

Adapting the size of the virtual environment according to the number of SNS firewalls

The table below gives an estimate of the minimum resources that your SMC virtual machine needs in relation to the number of SNS firewalls managed.

The number of vCPUs and the size of the RAM may vary depending on the number of objects, rules, topologies, etc. in your configuration.

Moreover, the data disk for storage is 120 GB by default. Additional space may be required depending on the frequency of SNS firewall configuration deployments and backups.

Number of SNS firewalls managed Minimum recommended number of vCPUs Minimum recommended RAM
1- 50 2 4 GB
51- 400 4 8 GB
401- 600 8 16 GB

Setup recommendations

  • We recommend to install the SMC server after a firewall which authorizes only necessary traffic:

    • access to user interfaces (SSH for the console and HTTPS for the Web interface) of the SMC server only for the IP addresses of authorized administration hosts,

    • traffic allowing the connection of SNS firewalls to the SMC server on the port TCP/1754 (default port).

  • The passwords of the “root" account (allowing access to the server in command line), of the “admin” user (Web interface main administrator) and of any other administrator must be compliant with the recommendation written in the SMCAdministration guide.