INTRODUCTION
Thank you for choosing Stormshield Network. Designed to protect networks of all sizes,
Stormshield Network - SN range appliances are pre-configured: no hardware or software
installation is needed and no UNIX knowledge is necessary, just a user-friendly configuration
via a graphical interface.
The Stormshield Network (SN) range consists of fourteen products:
SN160, SN160W, SN210, SN210W, SN310, SN510, SN710, SN910, SN1100, SN2100, SN3100,
SN6100, SNi20 and SNi40.
The architecture of the new-generation SN range was specifically designed to maximize the
performance of the Stormshield Network protection engine. Complex application traffic is
therefore inspected at high speed at the heart of the network and without discernible latency
(less than 1 millisecond).
Hardware acceleration for data encryption also anticipates multiple high-speed VPN sessions.
The SN firewall makes it possible to define incoming or outgoing access control rules. Its
concept is simple: any incoming or outgoing transmission passing through the firewall is
monitored, allowed or blocked according to the rules, packet by packet.
The SN firewall is based on a sophisticated packet filtering mechanism that provides a high
level of security. All firewalls integrate the ASQ (Active Security Qualification) technology
developed by Stormshield Network Security. This technology makes it possible detect and
block hacking attempts in real time: illegal packets, denial of service attempts, anomalies in a
connection, port scans, buffer overflows, etc.
In an intrusion attempt, depending on the instructions set in the security policy, the SN firewall
blocks the transmission, generates an alarm and stores the information linked to the packet
which set off the alarm. You will therefore be able to analyze the attack and trace its source.
The SN firewall not only allows you to prevent, or restrict to just certain services, incoming
connections on your network, but also makes it possible to monitor the use of the Internet by
your internal users (HTTP, FTP, SMTP, etc.). You can also monitor your users by authenticating
them via an internal or external authentication database.
The SN firewall also manages port and address translation mechanisms. These mechanisms
provide security (by masking your internal address range) and flexibility (by enabling the use
of any private internal addressing range) and reduce costs (by enabling the provision of several
servers on the Internet with a single public IP address).
Stormshield Network Vulnerability Manager, the risk management solution, is based on the
detection of applications and the associated vulnerabilities. It allows you to quickly zero in on
the most vulnerable hosts, identify affected applications and know which bug fixes to apply.
Lastly, the SN firewall includes VPN gateway functions allowing you to establish encrypted
tunnels with other VPN equipment. In this way, your communications between sites or with
your mobile users may be secured even while using an insecure communication infrastructure
like the Internet.
SNS - PRODUCT PRESENTATION AND INSTALLATION 2021
INTRODUCTION
Page 6/79 sns-en-SNrange_installation_guide-2021 - 10/2021
