CSNA training course

With this certified training course, you’ll become familiar with the features and installation procedure of Stormshield Network Security products within a traditional architecture.

During the Certified Stormshield Network Administrator (CSNA) training course, you’ll be immersed in the key principles of how to use and configure Stormshield Network Security firewalls. Once you’ve completed this training, you’ll be able to define and implement filtering and routing policies, configure authentication policies and set up different VPN network types. Your company’s network security will be an open book to you! This skillset is enhanced by our Stormshield CSNA certification.

At the heart of CSNA training

If you are...

An IT manager, network administrator, or IT and support technician: this course is for you!

Face-to-face or distance CSNA training?

The training is delivered either face to face (classroom-based teaching), or remotely (virtual trainer via a video system, with role-playing labs delivered via the Airbus CyberSecurity CyberRange platform). It alternates theoretical courses and practical work.

You’ll receive course support consisting of a theoretical component, practical work (Labs) and marking. To help you put the course theory into practice, you’ll have a full technical environment at your disposal.

And you’ll be able to keep your expertise current for three years by downloading updates to the course material in PDF format on our Institute platform.

What our CSNA training will enable you to do

  • Handle an SNS firewall and understand how it works.
  • Configure a firewall in a network.
  • Define and implement filtering and routing policies.
  • Configure access control for websites in http and https (proxy) modes.
  • Configure authentication policies.
  • Implement different types of virtual private network (IPSec VPN and SSL VPN).

What does this CSNA training cost, and how do I register?

The public price is €2,250 ex. VAT for 21 hours’ training in the classroom and two online certification sessions.

You can register via the training calendar.

Practical information about the CSNA training course

The CSNA training lasts 21 hours.

Stormshield offers face-to-face inter-company training sessions at its Paris, Lille and Lyon premises, or via distance learning.

Our trainers also conduct intra-company training (on-site or distance learning) for groups of 5 or more people.

There is a maximum of 8 trainees per session.

You must...

  • Be conversant with TCP/IP.
  • Previous network training would be a plus.

Hardware requirements depend on the format of the session.

In the classroom:

  • A PC with 6 GB RAM and an i3-type processor, 500 MB of free hard disk space
  • Administrator rights for the PC, to enable you to install the following software:
    • A Chrome 50 (or higher) or Firefox 50 (or higher) web browser
    • PuTTY (or any other SSH client)
    • WinSCP (or equivalent SCP client)
    • Wireshark, VirtualBox or VMWare equivalent (VMWare Workstation Player or Pro).

Distance learning:

  • A PC with 6 GB RAM and an i3-type processor, with no hard disk constraints.
  • A Chrome 50 (or higher) or Firefox 50 (or higher) web browser with JavaScript installed for access to the CyberRange platform for practical work (no other browsers are supported). You must have plugin installation rights for managing the videoconferencing software.
  • Internet access with a minimum speed of 2 Mb/s.
  • A 2nd screen is strongly recommended (22'' or more).

CSNA: certification at your fingertips

Provided you pass the final exam at the end of the course, obviously! You sit the exam online (1 hr 30 mins, 70 questions). The passmark is 70%.

The exam is automatically available on the day following the end of training, for a period of three weeks, at the Institute’s website.

In the event of failure, or inability to take the exam within this time slot, a second and final exam opportunity automatically opens immediately afterwards for a duration of one additional week.

Detailed CSNA description

  • Introduction of trainees (round table)
  • Training curriculum and certifications
  • Introduction to Stormshield and its products
  • Getting started with the firewall
    • Registering with the customer area and access to technical resources
    • Initialising the box and introduction to the administration interface
    • System configuration and administration rights
    • Installing the licence and updating the system version
    • Backing up and restoring a configuration
  • Logging and monitoring
    • Introduction to logging categories
    • History graphs and monitoring
  • Objects
    • Concept of an object and types of usable objects
    • Network objects and router
  • Network configuration
    • Methods of configuring a box on a network
    • Interface types (Ethernet, modem, bridge, VLAN, GRETAP)
    • Routing types and priorities
  • Network address translation (NAT)
    • Translation of outbound data streams (masquerading)
    • Translation of inbound data streams (redirection)
    • Bidirectional translation (one-to-one translation)
  • Filtering
    • General information on filtering and concept of connection tracking (stateful)
    • Detailed introduction to the parameters of a filter rule
    • Ordering of filtering and translation rules
  • Application protection
    • Implementing http and https URL filtering
    • Configuring antivirus scanning and Breach Fighter detonation scanning
    • Intrusion prevention module and security inspection profiles
  • Users and authentication
    • Directory configuration
    • Introduction to the various authentication methods (LDAP, Kerberos, Radius, SSL Certificate, SPNEGO, SSO)
    • User enrolment
    • Implementing explicit authentication via captive portal
  • Virtual private networks
    • IPSec VPN concepts and general information (IKEv1 and IKEv2)
    • Site-to-site with pre-shared key
    • Virtual Tunnelling Interface
    • Operating principle
    • Configuration

re-certification kits

In common with all good software, you’ll need to update your network/security expertise before the third anniversary of your certification. You can do this using our online re-certification kits, which allow you to renew your certification for an additional three years.


Want to find out about dates for network protection training courses? Discover our SNS training calendar.