wonderfully unique software solutions

How Stormshield IPsec protects customers via Diffusion Restreinte

Civilian companies can benefit from adoption of cybersecurity with the French government’s ‘Diffusion Restreinte’ label, not just military and government organisations or contractors to the public sector or organisations handling classified information.

That’s according to Stormshield product manager Simon Dansette, writing on the company website. The ‘Diffusion Restreinte’ label — in English, restricted circulation — can be applied beyond military use to protect sensitive information and data exchange.

“With increasing digitalisation, companies’ sensitive information requires special attention, which means strengthening methods of protection. This rule applies to both private and public players in France, from very small businesses to industrial players in the defence sector,” Dansette explained.

“It has ceased to apply solely to the military sector, and is now opening up to other sectors of activity.”

Diffusion Restreinte may refer to the extent to which a system can store and manipulate information, or the extent of a security product’s ability to protect systems and data, or to the certification applied to an information system, Dansette said.

Typically, it may imply following various IT security measures set up based on specifications issued by the French cybersecurity agency, Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI), guide Recommendations for the Architecture of Sensitive or Restricted Information Systems, he said.

“In the hundred or so pages of this document, the ANSSI makes recommendations such as the use of IPsec VPN tunnels when interconnecting Diffusion Restreinte information systems, or remote connections to such information systems,” Dansette wrote.

“And to take things even further, the French agency has been working on a hardened version of the IPsec protocol for implementation in Diffusion Restreinte-level network protection solutions. With IPsec Diffusion Restreinte (DR), the term has been extended once again.”

The ANSSI recommends setting up a virtual private network (VPN) tunnel, as well as a “precise perimeter” of cryptographic algorithms, enhanced authentication methods, and a limitation of authorised modes and options to protect the network, according to Stormshield.

“It’s a trend that illustrates the porous boundary between these two worlds, military and civilian, both of which are preoccupied by the same issues: protecting their sensitive data, whatever the cost,” Dansette said.

“And all civilian enterprises have data to protect, because all of them handle sensitive, vital or critical data.”

The IPsec DR repository, covering internet encryption and authentication, has been “baked directly” into Stormshield Network Security (SNS) solutions, said Dansette.

( Photo by Ilnur Kalimullin on Unsplash )

Recent Articles

Hornetsecurity expands M365 cloud security offer with Vade deal

Cloud email security provider Hornetsecurity has added a partnership with Vade, increasing focus on answering data sovereignty requirements with best-in-class cloud, compliance...

Cross-browser testing provider BrowserStack named Microsoft ‘partner of choice’

Software testing platform provider BrowserStack has announced a strategic partnership with Microsoft to support Visual Studio App Center users transitioning to BrowserStack...

JetBrains rolls out full-line code completion for its IDEs

Developer tools company JetBrains has added to its AI-enablement tools with full-line code completion for its integrated development environments (IDEs), separate to...

OpenText renews X12 supply-chain data standards partnership

Enterprise information management (EIM) software vendor OpenText is renewing its partner licensing agreement with the X12 electronic data interchange (EDI) standards organisation.

LiveAction NPM performance extended for Cisco unified server users

Network intelligence from vendor LiveAction has been certified to work with high performance Cisco servers, increasing availability of its packet data and...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox