A decade of a national defence ministry’s collaboration with Europe-based cybersecurity provider Stormshield has delivered cybersecurity improvements, without adding risk of information losses beyond its borders.
According to the case study by IT/OT convergence security specialist Stormshield, the partnership covers some 125,000 endpoints and 1000 staff.
“The cybersecurity of public players such as a country’s Ministry of Defence easily ranks among the most critical,” the vendor explained. “In addition to the need for IT security, there is also the need to maintain its independence.”
The ministry selected Stormshield Endpoint Security software to help it achieve these goals, including protecting desktop or mobile workstations and also servers in sensitive or restricted environments, such as ships operated by the military wherever they may be deployed.
“Securing these types of IT and operational infrastructures also means implementing enhanced protection solutions to monitor peripheral devices, the network and applications, using a lot of behavioural analysis,” the company said.
“All these points were the arguments that made the difference when this public player chose Stormshield, through its local partner, iPSS.”
Stormshield Endpoint Security enables this Ministry of Defence, supported by iPSS, to manage its cybersecurity and data autonomously while keeping up with developments in the sector.
Additionally, Stormshield provides customers with new rule sets regularly so they can maintain compliance with new regulations and fend off emerging threats.
“In the case of PrintNightmare, Stormshield was contacted by iPSS as soon as the Microsoft vulnerability was published and immediately investigated the problem. In less than three hours, the teams sent a proposal concerning the rules for securing the customer’s workstations,” the company said.
PrintNightmare is described by the US’s Cybersecurity and Infrastructure Security Agency (CISA) as a Windows print spooler vulnerability potentially affecting domain controllers and Active Directory admin.
Working with iPSS, Stormshield teams also determined how many servers were needed to process multiple logs and optimise log timeframes.
Securing electricity installations
Stormshield has also been working with Eiffage Énergie Systèmes industrial brand Clemessy as part of a project renovating instrumentation and control systems of several electricity plants with 40 workstations and 25 servers per plant.
“This customer wanted to modernise its installations in order to deal with the obsolescence of its instrumentation and control system, used to manage electricity production in several plants, and at the same time to improve its cybersecurity,” according to the Stormshield case study.
In the Clemessy project, Stormshield Endpoint Security was supplemented with Stormshield SN510 and SN310 firewalls as well as the Stormshield SSL VPN solution.
The operational tech (OT) system and the office network did not have the same security level, so they were interconnected via a SN510 firewall.
“Several security modules were quickly deployed. A DMZ area hosting web and file transfer services was created. Stormshield’s Client SSL VPN solution now ensures the security of remote maintenance access,” the company said.
“The industrial system is protected by strict flow filtering and the activation of the intrusion prevention system native to Stormshield SNS solutions operating in DPI (Deep Packet Inspection) mode.”