FSNOT, CSNOT: Stormshield’s OT training courses are getting a makeover
Published on: 05 10 2020
Security is an ever-growing priority for operational environments faced with cyber threats. Yet today, the process of integrating cybersecurity solutions remains a subject in its own right, given the complex nature of such environments. Through a working partnership with teams from Airbus CyberSecurity and ETN, Stormshield now offers updated OT training courses to streamline our products’ integration and configuration in operational architectures.
The first sessions were held in late September in Stormshield's Paris offices; find out about the new OT training courses.
FSNOT: a network and security training course for automation engineers
This new FSNOT (Fundamentals of Stormshield Network Operational Technology) course is delivered over two days. Its goal: to introduce the range and basic functions of Stormshield Network Security products for deployment in operational environments.
It opens the door to the next part of the training (CSNOT – see below) without going through CSNA training. With a focus on industrial protocols, it is aimed at automation engineers and network administrators seeking to secure their networks.
CSNOT: working with industrial protocols
The third and final day of general training then covers the CSNOT (Certified Stormshield Network Operational Technologies) – which replaces the old CSNIP training. This is conducted entirely on Airbus CyberSecurity's CyberRange platform, taking the form of practical work in a sandbox-type environment.
With CyberRange, trainees can choose to work with an industrial protocol (from S7, OPC UA and Modbus) on a practical exercise: an analysis of data flows across a pre-production industrial firewall, between a man-machine interface (MMI) and two tanks – whose fill level must not exceed a critical threshold.
Having configured the firewall to protect the factory, they test it by launching cyberattacks with the aim of disrupting the factory's normal operations. The arsenal of attacks available to them includes a Man-in-the-Middle type attack on Modbus, deleting nodes on the OPC UA server, and alterations to orders sent by S7.
They finish with a session on custom context-sensitive protection signatures.
The list of available protocols will be expanded in future (e.g. Profinet IRT).
These training courses are offered exclusively by Stormshield and its partner ETN – an industrial specialist. See the training course timetable below and sign up!