Cybersecurity of buildings and warehouses
Interconnected and intelligent networks to be controlled
With the advent of the Smart Building, technical building management is increasingly based on interconnected, complex and sensitive IT and operational networks. So how can cyber attacks, with potentially major material and human consequences, be countered?
Supply chain and automated warehouses, smart building management systems (BMS/CTM)... logistics is becoming “intelligent”, and involves critical cybersecurity risks. This makes buildings and warehouses susceptible to cyber-attacks against various installations: lifts, emergency exits, fire doors, gantries, fire alarms, air conditioning, heating, video surveillance, etc. These cyber-threats can lead to significant material damage – or, even more seriously, physical harm to people.
To protect against attacks on IoT network components and control stations, and to ensure network performance and availability, Stormshield offers a wide range of solutions with products certified to the highest European level.
With Stormshield Network Security (SNS) firewalls, you can perform network segmentation and in-depth contextual analysis of OT protocols (including Profinet) to prevent known and unknown attacks. You’ll also have granular control over authorised messages and be able to add personalised signatures (custom patterns) to your security policy.
You’ll also benefit from high availability with optimised failover times and the management of multiple WAN accesses, with link switching depending on their availability.
With our Stormshield Endpoint Security (SES) solution, you can raise the level of security using an enhanced software architecture. This enables you to block advanced cyberattacks targeting control stations – and enjoy context-driven protection for mobile technicians.
For industrial environments, our dedicated industrial firewalls give you a bypass mode that ensures your infrastructure’s reliability. In addition, our products are highly ruggedised for use in hostile and constrained environments.
The need for intervention (maintenance, rapid reaction to an incident in these buildings), sometimes without immediate physical access and the high number of subcontractors required for CTM and BMS systems, can cause security breaches.
Moreover, in older buildings, which are often physical environments with major constraints (temperature, dust, humidity, etc.) that do not resemble traditional IT environments, it is sometimes necessary, in order to protect the data, to install the security elements as close as possible to the infrastructure items, without an IT rack.
When providing remote access to technicians or third-party service providers without creating security breaches, several solutions exist. One is the SNS range and its mobile SSL or IPSec VPN functionality, and its network flow-based user authentication functionality. The SES solution also enables you to provide context-driven protection for mobile workstations.
BMS/CTM is based on a large volume of information exchanged between several remote sites or within the same site. It ensures the control of the proper running of the services, taking into account the geographical dispersion of the warehouses. To protect the information being exchanged, trusted communication channels (authentication, confidentiality, integrity) must be established, i.e. based on data encryption. Similarly, it must be easy to deploy and manage security equipment within a major infrastructure, with a large team of administrators but no local experts.
Our SNS-range management tools provide you with this ability. The SMC solution will meet your centralised security management needs for multi-site infrastructures, while the SLS solution delivers a log management solution – giving you an overview of your SNS firewall event logs and incident management.
Stormshield gives you a communications network that is effective in any situation in your buildings and warehouses, and offers you cyber-serenity. Our teams remain at your disposal to identify the needs of your communication network and provide you with the most effective solutions.