NETWORK SECURITY

STORMSHIELD
SNi40
An industrial-grade Firewall

4.8 Gbps 1.2 Gbps 10+ 5 ports

FIREWALL VPN IPSEC INDUSTRIAL 10/100/1000
PERFORMANCE PERFORMANCE PROTOCOLS INTERFACES

A product adapted to your

environments
Support your safety with an appliance specifically
designed to protect PLCs (Programmable Logic
Controller). Enhance your overall security with a full
range of appliances handling both your OT and IT/OT
convergence requirements

Impact-free protection
• Safety first with either High Availability or Fail-safe mode
• Detection and protection of the main vendors (Schneider
Electric, Siemens, Rockwell, ...)

Simplified integration
• Easy installation thanks to a simple setup procedure
• A single software product for a one-stop administration
process regardless of the area of protection (OT or IT)

CSPN
Manage your infrastructure
INDUSTRIAL FIREWALL • View the list of active equipments on your network
• Real time control over the existing connections

NEXT GENERATION UTM OPERATIONAL TECHNOLOGY WITH WWW.STORMSHIELD.COM

& FIREWALL STRICT INDUSTRIAL CONSTRAINTS
TECHNICAL SPECIFICATIONS FEATURES
PERFORMANCE* USAGE CONTROL
Firewall throughput (1518 byte UDP) 4.8 Gbps Firewall/IPS/IDS mode - Identity-based firewall -
Application detection and management - Microsoft
Firewall throughput (IMIX**) 2.9 Gbps Services Firewall - Industrial firewall/IPS/IDS
IPS throughput (1518 byte UDP) 3.3 Gbps - Industrial application control - Detection and
control of the use of mobile terminals - Application
IPS throughput (1 MByte HTTP files) 1.8 Gbps inventory (option) - Vulnerability detection (option)
Latency (Maximum) 10 ms - Geolocation (countries, continents) - Dynamic
Host Reputation - Transparent authentication
(Active Directory, SSO Agent, SSL, SPNEGO) -
VPN*
Agent-based multi-user VDI authentication (Citrix-
IPSec throughput - AES-GCM 1.2 Gbps TSE) - Guest and sponsorship mode authentication,
Max number of IPSec VPN tunnels 500 webservices.

Max number of SSL VPN (Portal mode) 75 PROTECTION FROM THREATS

Intrusion detection and prevention - Protocols
Number of simultaneous SSL VPN clients 100 autodetection and compliancy check - Application
inspection - Protection from denial of service
NETWORK CONNECTIVITY attacks (DoS) - Protection from SQL injections
Concurrent connections 500,000 - Protection from Cross-Site Scripting (XSS) -
Protection from malicious Web2.0 code and
New connections per second 20,000 scripts (Clean & Pass) - Trojan detection -
Number of main gateways (max)/backup (max) 64/64 Detection of interactive connections (botnets,
Command&Control) - Protection against
evasion techniques - Advanced management
CONNECTIVITY
of fragmentation - Automatic reaction to attack
Copper 10/100/1000 Interfaces 5 (notification, quarantine, block, QOS, dump) - SSL
decryption and inspection - VoIP protection (SIP) -
1Gbps SFP slots 0-2
Collaborative security: IP reputation.
Serial port 1
CONFIDENTIALITY
USB ports 1 USB 2.0, 1 USB 3.0 Site-to-site or nomad IPSec VPN - Remote SSL
VPN access in multi-OS tunnel mode (Windows,
PROTOCOLS - DEEP PACKET INSPECTION (DPI) Android, iOS, etc.) - SSL VPN agent with automatic
configuration (Windows) - Support for Android/
Modbus, UMAS, S7 200-300-400, EtherNet/IP, CIP, OPC UA, OPC (DA/HDA/AE), BACnet/IP,
iPhone IPSec VPN.
PROFINET, SOFBUS/LACBUS, IEC 60870-5-104, IEC 61850 (MMS, Goose & SV), S7+ & IT
NETWORK - INTEGRATION
HARDWARE IPv6 - NAT, PAT, transparent (bridge)/routed/hybrid
modes - Dynamic routing (RIP - OSPF - BGP) -
Storage 32 GB SSD
Multicast - Multiple link management (balancing,
Log partition > 20 GB SSD failover) - Multi-level internal or external PKI
management - Multi-domain authentication
MTBF at 25°C (years) 26.6
(including internal LDAP)- Policy-based routing
Installation DIN rail (width 35mm, EN (PBR) - QoS management - DHCP client/relay/
50022 standard) server - NTP client, - LACP, - Spanning Tree
Protocols (RSTP & MSTP), SD-WAN, Multifactor
Height x Width x Depth (mm) 165 x 80 x 145
Authentication (MFA).
Weight 1.40 kg (3.10 lbs)
MANAGEMENT
Packaged Height x Width x Depth (mm) 139 x 283 x 215 Web-based management - Interface with privacy
Packaged weight 2.10 kg (4.63 lbs) mode (GDPR compliancy) - Object-oriented
security policy - Contextual security policy -
Double power supply (DC) 12-36VDC 5-1.67A Real-time configuration helper - Rule counter
Consumption (W) (Idle) DC @+25°C 15.5 - Connected or disconnected security updates
- Global/local security policy - Embedded log
Power consumption (W) (full load, max.) DC @+25°C 19.5 reporting and analysis tools - Interactive and
Fans - customizable reports - Support for multiple syslog
server UDP/TCP/TLS - SNMP v1, v2c, v3 agent
Thermal dissipation (max, BTU/h) 66.54 - IPFIX - Automated configuration backup - Open
API - Script recording.
Operational temperature -40° to +75°C (-40° to +167°F)
Relative humidity, operating (without condensation) 0% to >90%
Non-contractual document. The features mentioned are
Level of protection provided by the appliance (IP Code) IP30
those in version 4.x.
Storage temperature -40° to +85°C (-40° to +185°F) * Performance is measured in a laboratory and under
conditions ideal for version 4.x. Results may vary according
Relative humidity, storage (without condensation) 5% to 95% to test conditions and the software version.

CERTIFICATIONS
CE/FCC, IEC 60950-1, IEC 61000 (3-2, 3-3, 4-18, 6-2, 6-4), IEC 60068 (2-1, 2-2, 2-6,
2-13, 2-14, 2-27, 2-30, 2-78), EN 55024, EN 55032

Version 2.9 - Copyright Stormshield 2023