Land transport and cyber security
The importance of a responsive, available network
With digital technology increasingly connecting public transport networks and road and rail infrastructure, cyber risk is on the rise. Stormshield provides support for the land transport sector, ensuring that new road and rail services (tolls, signalling, e-ticketing, wifi, etc.) remain operational and safe for all users.
“Land-based” transport is a critical activity because it presents major human and economic risks: in the event of a failure, traffic regulation, signalling and switches can be disrupted. In the event of a cyberattack, the remote control of metro trains is no mere science fiction scenario.
To ensure the performance and resilience of these critical IT networks, they need to be segmented using our Stormshield Network Security (SNS) firewall range. These firewalls prevent both known and unknown attacks based on an in-depth contextual analysis of operational protocols. This analysis also includes fine-grained control of authorised messages and the use of custom patterns. Our network protection solution also offers very high availability thanks to its bypass functionality and its Intrusion Prevention System (IPS), which is optimised for low induced latencies. At the same time, our Stormshield Endpoint Security (SES) product provides an effective solution for blocking advanced attacks against endpoints and network components.
Land transport has many critical points, with facilities spread over several countries or cities, large vehicle fleets, railway stations, metro stations and toll booths. When dealing with such large infrastructures, teams of administrators need to be able to easily deploy and manage security equipment without necessarily relying on local experts.
This is the mission of our centralised management solution Stormshield Management Center (SMC), which allows SNS firewall(s) to be pre-configured using the USB staging process. In addition to the centralised management of multiple distributed SNS solutions, the SMC solution also enables VPN management and filtering to be combined into a single interface. For an even clearer overview, take advantage of the unified presentation of event logs from your SNS firewalls with Stormshield Log Supervisor (SLS).
With Stormshield, bring cyber-serenity to your transport business. Our teams are ready and waiting to identify the needs of your network or infrastructure and provide you with the most effective solutions.
Land transport includes a wide variety of vehicles (high-speed trains, trams, etc.) that need to be contactable wherever they are, and whatever their connection means. Our SNS solution manages disconnections and network link changes by managing multiple WAN accesses and changing links based on their availability. In the event that a vehicle or item of equipment is temporarily unreachable or unavailable, the SMC solution handles deferred and automatic configuration deployment.
Our SNS firewalls’ IPSec site-to-site VPN creates an encrypted tunnel that manages the authentication, confidentiality and integrity of information exchanged between vehicles and remote and distributed computing centres. With the VPN secrets physical storage module (TPM) and SNS's Restricted mode, trade secrets, defence secrets and other traffic control data are well protected.
For vehicles or equipment that are difficult to access physically, we provide your teams and third-party service providers with secure remote access via the mobile SSL and IPSec VPNs of our SNS solution and its user authentication for network data flows.
We have also created hardened firewalls that are easy to mount in electrical cabinets for these constrained environments (size, temperature, moisture, dust, etc.). They can be installed as close as possible to the equipment requiring protection, without a computer rack.
Many players in the land transport industry fall into the category of Operators of Vital Importance (OIVs), which are subject to the French Military Planning Law (LPM) and/or operators of essential services (OESs), which are required to comply with the Network and Information Security (NIS) european directive. These regulations call for the use of products that have been certified and trusted at the highest European level, such as those offered by Stormshield. To find out all about the regulatory constraints applicable to this sector, read our dedicated ebook.