The Most Secure Hardware Firewall
Reliable firewall from the Airbus Group
Stormshield – a subsidiary of the Airbus Group specializing in cybersecurity – develops reliable and trusted network security solutions for both corporate and government clients. Stormshield firewalls, with 100% European background and ownership, are uniquely certified in the UTM market and are independent of government partnerships and backdoor threats that affect the reputation of many manufacturers. Stormshield Network Security is the only UTM firewall solution that complies with the European Union’s requirements for handling confidential data.
Stormshield Network Security firewalls have been serving in nuclear submarines, tanks, and fighter jets for decades, as well as in several EU member states, security services, and armed forces. Airbus’s uncompromising security is available to everyone, from government institutions (including within the framework of public procurement), through various research institutes, to companies of all sizes (from SMEs to the largest enterprises), and even to individuals who prioritize privacy protection.
The foundation of reliable protection is trust in the manufacturer. Once lost, trust is usually not fully recoverable. Simply removing publicly disclosed backdoors does not restore it, as many manufacturers (Cisco, Juniper #1, Juniper #2, Fortinet, SonicWall, Huawei and others) have experienced in the recent past. Airbus solutions are uniquely trustworthy and reliable, regarded as backdoor-free by the highest authorities of the European Union.
Stormshield UTM firewalls boast a long lifespan of 9-13 years (MTBF), making the investment worthwhile and ensuring network security for more than a decade. Our largest firewall features a modular, fault-tolerant architecture, dual power supplies, and even redundant, self-healing SSD drives. Stormshield also offers firewalls for industrial environments with specialized enclosures that can withstand various temperature conditions and vibrations.
Stormshield devices are made from high-quality, industrial-grade components that guarantee reliable operation for customers. Additionally, every Stormshield firewall comes with a lifetime hardware replacement service, so we not only design for reliability but also guarantee it for our customers.
Stormshield firewalls are based on patented Application IPS (Application Intrusion Prevention System) packet filtering technology. This line-speed security filtering (i.e., enabling IPS causes almost no noticeable slowdown) is provided by a real-time kernel module, which is the core of the firewall. This means that Stormshield firewalls provide reliable performance regardless of the complexity of the inspection, and, unlike with other manufacturers, maximum security is enabled by default. Unlike with competitors' products, the Intrusion Prevention System (IPS), Deep Protocol Inspection (DPI), application control, Vulnerability Manager, and other kernel-level security features do not degrade the device's performance.
All Stormshield Network Security technology and security features are available on all hardware, virtual, and Cloud devices.
The kernel-based Intrusion Prevention System (IPS) is the foundation of the Stormshield Network Security firewall. The Application-level IPS (Application IPS) is a patented, high-performance, real-time parallel packet filtering technology. This unique approach provides Stormshield customers with impressive network performance that does not degrade as filtering becomes more complex, ensuring consistent performance over time.
Protocol analyzer plugins are an integral part of the Application IPS technology. During real-time analysis of all traffic connections, the appropriate plugin is selected and protocol inspection is performed. Stormshield firewalls also perform intelligent TCP synchronization, allowing the firewall to store all connections for the time and in the quantity required for content-based filtering, ensuring that all traffic through the firewall is filterable and security is guaranteed. Over 60 protocol inspectors are continuously updated and expanded. Their use ensures that only approved packets (e.g., no FTP commands in an HTTP packet) are processed further, proactively stopping more than 80% of network attacks solely through signature matching.
Stormshield’s unique Vulnerability Manager technology creates a “fingerprint” of all traffic passing through the firewall, identifying critical data from network endpoints such as operating systems, applications, browsers (manufacturer and version), server services, and all known vulnerabilities. The vulnerability report helps minimize attack surfaces and makes exploitation much more difficult.
Stormshield’s email security technology captures SPAM and phishing emails. It can separately identify newsletters, low-priority commercial emails, and advertisements. It is no longer necessary to unsubscribe from or block all newsletters; they can simply be tagged to go into a separate folder and reviewed daily or weekly, while important emails go into the inbox.
Stormshield’s extended URL filtering system has a cloud-based, up-to-date database that categorizes over 100 million websites with real-time updates. Using 65 different categories, web access can be finely tuned. Unwanted content such as websites related to weapon manufacturing, pornography, illegal downloads, or anonymizer proxy services can easily be blocked.
By decrypting encrypted connections, the Stormshield firewall can inspect all traffic. It allows filtering of websites and applications visited via HTTPS, removing security threats in SMTPS connections and detecting malware in POP3S downloads. The firewall’s universal SSL decryption feature ensures that any SSL/TLS-based protocol can be decoded, enabling all security layers to analyze the decoded protocol and enforce security policies.
By filtering unwanted countries and IP ranges with poor reputations, the number of attacks on the network can be further reduced. This feature allows blocking of incoming and/or outgoing traffic from or to selected countries and/or continents and can also be used to block access to IP ranges with poor reputations, such as those spreading malware, sending SPAM, or functioning as parts of botnets or Tor endpoints.
With Stormshield’s patented sandboxing technology, suspicious attachments and files (e.g., PDFs, office formats, and executable files) can be uploaded to the Stormshield cloud for further analysis using the powerful sandbox analysis system. Using robust emulation and analysis techniques, the cloud’s massive computational power is available to all Stormshield firewalls.
Stormshield Network Security is uniquely capable of analyzing, isolating, and even fine-tuning control of SCADA protocols (e.g., Modbus, S7, OPC UA, Ethernet/IP). The firewall can protect industrial networks and critical infrastructure, preventing the execution of unwanted programs, industrial attacks, sabotage, and terrorism.
Stormshield can establish secure VPNs from anywhere in the world, ensuring that even the most critical customers and infrastructure operators can use it. In addition to hardware-accelerated, high-performance IPSec VPNs, unlimited SSL VPN and outdated PPTP VPN are also available. Stormshield provides maximum security and reliability as the only VPN solution certified at EAL 4+ and by NATO and the European Union. It was designed so that IPS, DPI, and all other defense modules inspect VPN traffic, blocking even internal attacks within the VPN, unlike many other UTM firewall solutions where VPN traffic cannot be filtered.
After integrating the user database, firewall rules and policies based on users and groups can be created for more precise settings. In addition to Active Directory, Stormshield can work with any LDAP-capable directory. For small businesses without a corporate directory, Stormshield offers a built-in LDAP server. User authentication capabilities include transparent SSO, a web access portal, RADIUS server, and certificate support. When using an external RADIUS server, Stormshield can also work with strong authentication solutions such as OTP, SMS, biometric identifiers, or smart cards.
The system running on Stormshield hardware firewalls does not contain artificial restrictions. The same system runs on all models, from the smallest to the most powerful. The models are limited only by differences in hardware, such as different Ethernet and/or optical ports, CPU performance, or storage (SD card, HDD, or SSD). Choose the Stormshield firewall that best suits the application, performance, or network size without needing a more expensive model for specific functions.
Stormshield firewalls can be deployed in high-availability (Master-Slave HA) clusters, allowing two firewalls to operate in parallel while the Master (Primary) machine’s memory continuously synchronizes with the Slave (Backup) machine. In the event of network or device failure, the second firewall takes over in less than a second. With this stateful clustering, all connections, phone calls, VPNs, and encrypted communications remain intact, allowing for seamless failover without users noticing.
All Stormshield Network Security technologies and security features are available on all hardware (SNx220), virtual (VSxx), and Cloud (Vx0) Appliances. Their datasheets and a comparison table of their key characteristics can be found here.