Getting started

Welcome to the Stormshield XDR (eXtended Detection and Response) setup guide.

Stormshield XDR detects threats and responds to them with predefined scenarios that combine all or part of the following Stormshield products:

XDR component Stormshield product
Network Detection and Response (NDR)
File Detection and Response (FDR)

One or several Stormshield Network Security (SNS) firewalls. Some alert rules require additional license options:

  • The Premium UTM Security Pack, which contains URL categories and the advanced antivirus,

  • Sandboxing (Breach Fighter license, which is now included in new Premium pack subscriptions).

For more information, refer to the descriptions of alert rules in the scenario package available on MyStormshield,

When there are several firewalls, Stormshield Management Center (SMC) can be used to manage them more easily.

Endpoint Detection and Response (EDR) Stormshield Endpoint Security Evolution (SES Evolution)
Event correlation, alerts, and response management and automation Stormshield Log Supervisor (SLS)

Operation without SMC

Operation with SMC