Stormshield Network Security: UTM Overview and Analysis

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

See our complete list of top UTM vendors

Key Takeaways

France-based Stormshield has a strong presence in the European SMB market and offers support for regional compliance requirements, along with a strong European channel program. The company is branching out to other regions, including North America. Users credit the company for its security policy, vulnerability detection, hardware, IP reputation feature, and performance with IPS enabled. Areas for improvement include support, false positives with IPS in default prevention mode, email security, and basic URL filtering and antivirus modules. The company has improved management and reporting.

Company Description

Stormshield is a fully owned subsidiary of Airbus CyberSecurity. It came into being following the merger of two French companies, Arkoon and Netasq. It offers connected solutions that anticipate attacks and protect digital infrastructure. In addition to network security products, it also offers endpoint and data security. Its solutions are certified at the highest level in Europe (EU RESTRICTED, NATO, ANSSI EAL3+/EAL4+) and used in over 40 countries.

Product Description

Stormshield Network Security (SNS) includes firewall, intrusion prevention system (IPS), application control, virtual private network (VPN), vulnerability management, antivirus, antispam and Web filtering. It can be centrally managed by Stormshield Management Center. It integrates with Stormshield’s endpoint and data security tools. The company also has a strategic alliance with Panda Security.

In addition, SNS conducts vulnerability assessments in real time. It analyzes traffic and detects applications, and vulnerabilities trigger an alert to the administrator. Its dynamic host reputation service creates dynamic rules based on score, geo-localization, schedule and IP reputation. In this way, the host can make decisions autonomously.

“Traditional antivirus is dead; to detect modern malware, it is necessary to do a cloud analysis,” said Marco Genovese, product manager for Stormshield Network Security. “The perimeter is also dead as servers are running in the cloud, so UTM needs to adapt and sometimes to take decision about the security policies autonomously.”

Markets and Use Cases

Stormshield focuses on the European market, where it has the highest level of qualifications (Common Criteria, NATO, Restraint EU, ANSSI). This has opened the door to many customers in defense and government. In addition, its appliances attract small and medium business customers. For industrial markets, it has many installations in SCADA environments. Its primary target range is from one to 5,000 users.


IPS throughput ranges from 1,800 Mbps to 130 Gbps.


All products send logs to Stormshield Visibility Center for analysis. A vulnerability assessment engine is also embedded in every UTM.


The appliance can be purchased as a hardware or virtual platform. It is possible to buy it for Azure and AWS.




The smallest appliance (SN160) is $545 (maintenance costs 20 percent more). The biggest appliance (SN6000) costs $35,000. The company has also launched a “pay as you go model.”

Get the Free Cybersecurity Newsletter

Strengthen your organization’s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

Drew Robb Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis