France-based Stormshield has a strong presence in the European SMB market and offers support for regional compliance requirements, along with a strong European channel program. The company is branching out to other regions, including North America. Users credit the company for its security policy, vulnerability detection, hardware, IP reputation feature, and performance with IPS enabled. Areas for improvement include support, false positives with IPS in default prevention mode, email security, and basic URL filtering and antivirus modules. The company has improved management and reporting.
Stormshield is a fully owned subsidiary of Airbus CyberSecurity. It came into being following the merger of two French companies, Arkoon and Netasq. It offers connected solutions that anticipate attacks and protect digital infrastructure. In addition to network security products, it also offers endpoint and data security. Its solutions are certified at the highest level in Europe (EU RESTRICTED, NATO, ANSSI EAL3+/EAL4+) and used in over 40 countries.
Stormshield Network Security (SNS) includes firewall, intrusion prevention system (IPS), application control, virtual private network (VPN), vulnerability management, antivirus, antispam and Web filtering. It can be centrally managed by Stormshield Management Center. It integrates with Stormshield’s endpoint and data security tools. The company also has a strategic alliance with Panda Security.
In addition, SNS conducts vulnerability assessments in real time. It analyzes traffic and detects applications, and vulnerabilities trigger an alert to the administrator. Its dynamic host reputation service creates dynamic rules based on score, geo-localization, schedule and IP reputation. In this way, the host can make decisions autonomously.
“Traditional antivirus is dead; to detect modern malware, it is necessary to do a cloud analysis,” said Marco Genovese, product manager for Stormshield Network Security. “The perimeter is also dead as servers are running in the cloud, so UTM needs to adapt and sometimes to take decision about the security policies autonomously.”
Markets and Use Cases
Stormshield focuses on the European market, where it has the highest level of qualifications (Common Criteria, NATO, Restraint EU, ANSSI). This has opened the door to many customers in defense and government. In addition, its appliances attract small and medium business customers. For industrial markets, it has many installations in SCADA environments. Its primary target range is from one to 5,000 users.
IPS throughput ranges from 1,800 Mbps to 130 Gbps.
All products send logs to Stormshield Visibility Center for analysis. A vulnerability assessment engine is also embedded in every UTM.
The appliance can be purchased as a hardware or virtual platform. It is possible to buy it for Azure and AWS.
The smallest appliance (SN160) is $545 (maintenance costs 20 percent more). The biggest appliance (SN6000) costs $35,000. The company has also launched a “pay as you go model.”