CSNE training course

Take your network protection skills to the next level with this certified training. You’ll become familiar with the advanced features of Stormshield Network Security products within a complex architecture.

During the Certified Stormshield Network Expert (CSNE) training, you’ll explore the advanced features of Stormshield Network Security firewalls. Once you’ve completed this training, you’ll be able to use the advanced features of the GUI, fine-tune the intrusion prevention engine and set up a certificate-based IPSec VPN. Your company’s network security will be an open book to you! This skillset is enhanced by our Stormshield CSNE certification.

At the heart of CSNE training

If you are...

An IT manager, network administrator, or IT and support technician: this course is for you! However, you need to have already passed the CSNA exam.

Face-to-face or distance CSNE training?

The training is delivered either face to face (classroom-based teaching), or remotely (virtual trainer via a video system, with role-playing labs delivered via the Airbus CyberSecurity CyberRange platform). It alternates theoretical courses and practical work.

You’ll receive course support consisting of a theoretical component, practical work (Labs) and marking. To help you put the course theory into practice, you’ll have a full technical environment at your disposal.

And you’ll be able to keep your expertise current for three years by downloading updates to the course material in PDF format on our Institute platform.

What our CSNE training will enable you to do

  • Advanced use of the GUI.
  • Fine-tune the intrusion prevention engine.
  • Implement a PKI and transparent authentication.
  • Implement a certificate-based IPsec VPN.
  • Configure a high-availability cluster.

What does this CSNE training cost, and how do I register?

The public price is €2,250 ex. VAT for 21 hours’ training in the classroom and two online certification sessions.

You can register via the training calendar.

Practical information about the CSNE training course

The CSNE training lasts 21 hours.

Stormshield offers face-to-face inter-company training sessions at its Paris, Lille and Lyon premises, or via distance learning.

Our trainers also conduct intra-company training (on-site or distance learning) for groups of 5 or more people.

There is a maximum of 8 trainees per session.

You must...

  • Have passed the CSNA exam in the 3 years prior to the CSNE training.

Hardware requirements depend on the format of the session.

In the classroom:

  • A PC with 6 GB RAM and an i3-type processor, 500 MB of free hard disk space
  • Administrator rights for the PC, to enable you to install the following software:
    • A Chrome 50 (or higher) or Firefox 50 (or higher) web browser
    • PuTTY (or any other SSH client)
    • WinSCP (or equivalent SCP client)
    • Wireshark, VirtualBox or VMWare equivalent (VMWare Workstation Player or Pro).

Distance learning:

  • A PC with 6 GB RAM and an i3-type processor, with no hard disk constraints.
  • A Chrome 50 (or higher) or Firefox 50 (or higher) web browser with JavaScript installed for access to the CyberRange platform for practical work (no other browsers are supported). You must have plugin installation rights for managing the videoconferencing software.
  • Internet access with a minimum speed of 2 Mb/s.
  • A 2nd screen is strongly recommended (22'' or more).

CSNE: certification at your fingertips

Provided you pass the final exam at the end of the course, obviously! You sit the exam online (2 hours, 90 questions). The passmark is 70%.

The exam is automatically available on the day following the end of training, for a period of three weeks, at the Institute’s website.

In the event of failure, or inability to take the exam within this time slot, a second and final exam opportunity automatically opens immediately afterwards for a duration of one additional week.

Detailed CSNE description

  • Introduction of trainees (round table)
  • Detailed introduction to the Stormshield Network intrusion prevention engine
    • Differences between intrusion prevention and detection
    • The intrusion prevention engine
    • Different types of scanning
    • Protocol-based and application-based profiles
  • Public key infrastructure
    • Basics of symmetric and asymmetric cryptography
    • Encryption types
    • Stormshield Network PKI
    • Creating a certification authority, a server identity and a user identity
  • SSL proxy
    • Operating principle
    • Configuring the SSL proxy
  • Advanced IPsec VPN
    • Detailed operation and NAT traversal mechanism
    • Support for Dead Peer Detection (DPD)
    • Star and chained VPN architecture
    • NAT in IPSec
    • IPSec VPN architecture with backup tunnel
    • Configuring a site-to-site VPN using certificates
    • Configuring a mobile VPN
  • GRE and GRETAP
    • Operating principle
    • Configuring and installing
  • Transparent authentication
    • Operating principle
    • SPNEGO authentication method
    • SSL certificate authentication method
  • High availability
    • Operating principle
    • Wizard for creating and configuring an HA cluster
    • Network interface configuration
    • Advanced configuration

re-certification kits

In common with all good software, you’ll need to update your network/security expertise before the third anniversary of your certification. You can do this using our online re-certification kits, which allow you to renew your certification for an additional three years.


Want to find out about dates for network protection training courses? Discover our SNS training calendar.