Introduction

Thank you for choosing Stormshield Network Security. Designed to protect networks of all sizes, Stormshield Network Security - SNS range appliances are pre-configured: no hardware or software installation is needed and no UNIX knowledge is necessary, just a user-friendly configuration via a graphical interface.

The Stormshield Network Security (SNS) range consists of 26 products:

SN160, SN160W, SN210, SN210W, SN310, SN-XS-Series-170, SN-S-Series-220, SN-S-Series-320, SN510, SN-M-Series-520, SN710, SN910, SN-M-Series-720, SN-M-Series-920, SN1100, SN2100, SN3100, SN-L-Series-2200, SN-L-Series-3200, SN6100, SN-XL-Series-5200, SN-XL-Series-6200, SNi10, SNi20, SNi40 and SNxr1200.

The architecture of the new-generation SNS range was specifically designed to maximize the performance of the Stormshield Network Security protection engine. Complex application traffic is therefore inspected at high speed at the heart of the network and without discernible latency (less than 1 millisecond).

Hardware acceleration for data encryption also anticipates multiple high-speed VPN sessions.

The SNS firewall makes it possible to define incoming or outgoing access control rules. Its concept is simple: any incoming or outgoing transmission passing through the firewall is monitored, allowed or blocked according to the rules, packet by packet.

The SNS firewall is based on a sophisticated packet filtering mechanism that provides a high level of security. All firewalls integrate the ASQ (Active Security Qualification) technology developed by Stormshield Network Security. This technology makes it possible detect and block hacking attempts in real time: illegal packets, denial of service attempts, anomalies in a connection, port scans, buffer overflows, etc.

In an intrusion attempt, depending on the instructions set in the security policy, the SN firewall blocks the transmission, generates an alarm and stores the information linked to the packet which set off the alarm. You will therefore be able to analyze the attack and trace its source.

The SNS firewall not only allows you to prevent, or restrict to just certain services, incoming connections on your network, but also makes it possible to monitor your internal users' Internet usage (HTTP, FTP, SMTP, etc.). You can also monitor your users by authenticating them via an internal or external authentication database.

The SNS firewall also manages port and address translation mechanisms. These mechanisms provide security (by masking your internal address range) and flexibility (by enabling the use of any private internal addressing range) and reduce costs (by enabling the provision of several servers on the Internet with a single public IP address).

Stormshield Network Vulnerability Manager, the risk management solution, is based on the detection of applications and the associated vulnerabilities. It allows you to quickly zero in on the most vulnerable hosts, identify affected applications and know which bug fixes to apply.

Lastly, the SNS firewall includes VPN gateway functions allowing you to establish encrypted tunnels with other VPN equipment. In this way, your communications between sites or with your mobile users may be secured even while using an insecure communication infrastructure like the Internet.

Administration tools

Thanks to the web administration interface, you can administer your Stormshield Network Security firewall from the operating system of your choice. The new firewall configuration interface, accessible from a web browser, benefits from the latest breakthroughs in user friendliness and simplicity of use.

Monitoring tab

The dashboard gives an overview of information relating to the firewall’s activity and its configuration.

The Logs - Audit logs module, available on firewalls equipped with storage media, allows you to read logs generated by appliances and stored locally. These logs are grouped by views, i.e., by alarm, connection, web log, etc. Advanced filters make it possible to analyze logs even deeper.

In the Reports module, you will be able to view how Internet access is used, which attacks your firewall has blocked, and which hosts are vulnerable on your corporate network. Many interactive features allow you to modify the configuration of your firewall. These reports appear as Top 10 lists in Web, Security, Viruses, Vulnerabilities and Spam.

The Monitoring module shows graphs and data in real time, and history graphs can be added to these if this option is enabled in the Report configuration module.

Stormshield Management Center

With the SMC administration tool, you can manage and supervise a pool of SNS firewalls. Common or specific filter rules and VPN access can be set up to optimize configuration tasks. Always keep your firewall pool up to date, make regular backups and configure the privileges of your SMC administrators.