Stormshield Network Security Reviews

The primary use case of this solution is for network security, to deploy controlled users, and to prevent the network from attacks.

The deployment model we are using is on-premises.

The solution permits me to control everything in the network including, users, Wi-Fi, access, Kuta for users, and load balancing.

It has also taught me how to deal with users with vulnerabilities, the good side and the bad side of the solution, and how to control users from anywhere.

The most valuable features of this solution are the URL filtering database. It is great and contains all internet categories.

The interface has great scalability. I can turn them into what I want including hybrid, bridge, or into a router mode.

The security has no back doors. It's more secure than other solutions and the hardware performance is also better than others.

The pricing of this solution needs to be decreased.

Authentication needs to be improved. If any user out of my domain wants to authenticate, he can't because the captive portal is not compatible with many browsers, like Google Chrome. This is a big problem that we are having with the captive portal. It needs to be improved.

Also, security policy needs to be more straightforward and easier.

In the next release, I would like to see the Security Policy simplified. It has a few features, like, Filter-NAT, URL filtering, and SSL filtering, but it would be nice if there were a way to combine the features in one tab or to create a setup wizard for this option.

I would like to create a Filer-NAT rule to decrypt or to block some sites with HTTPS and HTTP. I think that there is a way to combine them using a wizard to create the rule.

This solution is stable.

This solution is scalable.

We have five hundred users, and six of them are technicians.

I am from the Middle East and they are in America. I contacted them twice and they were very helpful. They helped me to test the situation.

Previously we did not use another solution. This was the first one.

The initial setup was not complex for me, but it was for other technicians who were using the firewall. They need time to understand how the firewall is used.

The deployment took about two days to complete and deploy correctly.

The implementation was done by myself. I am the technical support in Egypt. I have been told by other agents that they prefer to work with me and no other agents.

You can choose between a standard license and a premium license.

Before choosing, we evaluated FortiGate. It was lower than Stormshield by almost double.

We chose to go with Stormshield because it is well known on the market, just like Apple and Samsung. Most are aware of this solution and go with it.

Also, it has task managing, and I haven't seen it in any other solution.

I did a comparison between FortiGate, Sophos, and Stormshield. The result was that Stormshield was better. It is stable and it has great hardware performance and security features.

I would advise others to buy an extended license for this solution. They will benefit from Kasperky Antivirus, the extended control option, and the vulnerability manager. It's a great tool for IT.  

I would rate this solution a ten out of ten.

Our company can't survive without having a proper firewall, so our primary use case of this solution is to gather a network spy meter of our organization.

The features I find most valuable is the backup inspection, the filtering, and the load balancing. I am also impressed by the antivirus feature that gives us two controls over the viruses - one is from the parameter and one on the endpoint.

Since I have only been using this solution for a month, I haven't noticed anything yet that needs to improve. So far I can only say that the pricing could be better. But it is a trusted company belonging to Airbus, so it has a good reputation.

One thing, though, is that not all the fields are activated yet and we were informed that it will take at least one month. That's the only issue we have faced until now. So this issue should be fixed in the nearest future, because one cannot just buy a hundred appliances if you have to wait to activate all the features while you paid the full amount. So I don't know why that is the case, but the technical team said that it's the norm.

The solution has been very stable so far. I am not sure how stable it would be if we got online training material for it or if there is an official curriculum for it. But my first impression of the Stormshield firewall is very good.

The scalability of the solution is good.

We've gone through a few formalities to get our license. Until now we have been on a training license for three months. Not all the fields are activated yet and they said it will take about a month. 

We used Gateprotect and FortiGate Fortinet but we switched to Stormshield when we decided to upgrade.

The initial setup was straightforward. There is a team in Sudan an a local team from Stormshield, so they have a very good set of engineers and they took care of all the requirements. Within an hour we had everything configured and up and running.

We looked at other options too, but we found that Stormshield was booming so we got it instead. We decided to get Stormshield instead of upgrading the solution we were using at the time. 

I will definitely recommend this solution to others. It is a good firewall and it has a good reputation. We do not have many choices but for the time-being this is one of the most successful deployed firewalls in Sudan. My rating for this solution is eight out of ten.

Our primary use case for Stormshield Network Security is to protect the company IT infrastructure. We don't use an antivirus solution from them. We just use the firewall.

This product has improved the way our organization functions. I can see what traffic is going on. I can easily block any programs from attacks.

Everything with Stormshield Network Security is valuable.

The main area of this product that has room for improvement is pricing. Stormshield Network Security is quite expensive.

For me, what they currently have with features is enough. Maybe because I use a quite old interface of this, the price and a more user-friendly interface could be improved.

Stormshield Network Security is very stable.

Stormshield Network Security is scalable. We have twenty-five users. All end users are some kind of employees. For administration, it's only me for deployment and maintenance.

This product is currently being used every day.

Stormshield Network Security was the first firewall that we implemented.

The initial setup was not too complex. It was normal.

We are a reseller of the product.

Our license for Stormshield Network Security is on an annual basis. It should be less expensive.

We were choosing between pfSense and Check Point.

On a scale from one to ten, I would rate this product a seven because from time to time there are some little issues. You don't know what is going on.

We are using the SN200 series in our branches, and the SN700 in our HQ.

This solution is used for our daily network monitoring and makes our data highly available.

Our deployment is an on-premises solution.

Our organization's main concern is stability, and this is a stable solution. It's more stable than the other firewall that was deployed.

The most valuable feature of this solution is the Stormshield Analyzer, which allows us to collect and analyze data, then generate reports. 

This solution has a big problem with web filtering and it needs to be improved.

There is a shortage of instructional videos and information on how to configure Stormshield. More YouTube How-To videos should be created.

This is a very stable solution. It is more stable than the other firewall that we deployed.

This solution handles network monitoring every day. The configuration and auditing functionality, on the other hand, is not used on a daily basis.

This solution is scalable from small offices to Enterprise solutions.

We have between eight hundred and one thousand end-users, with three administrators.

We contact a local company in Sudan for technical support, and they are very good. We do not have a contract directly with Stormshield.

Before using this solution, we used one by McAfee. We switched because we have an issue with sanctions for American products.

I began with this solution when it was Arkoon Netasq, which later became Stormshield.

In addition to this solution, I have experience with Sophos. In our HQ, we have two levels of security. Our Content Filtering is handled by another company.

The initial setup of this solution is straightforward for setting up routing and the VPN. However, the WiFi setup is much more complex to configure. The deployment took approximately one day. To add a new branch it takes me approximately two hours.

Three people are enough to deploy and maintain this solution.

My team, which is myself and two others, handled the deployment of this solution.

The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually. Support for this solution is an additional charge.

We evaluated two other solutions, one of which is Barracuda, before choosing this solution.

If more videos on YouTube, as well as other media, were created then this product would be used more widely.

For anybody who is implementing this solution, my advice is that if you have a complex network of more than five hundred, then you should have the Management Control Center and the Livebox software for reporting.

The stability of this product is why we are making it our main solution. My only headache is web filtering functionality.

I would rate this solution an eight out of ten.

The primary use is to protect the company's IT infrastructure.

The solution has improved my organization because I can see what traffic is happening and I can use it to block and prevent attacks.

All of the features are valuable.

The pricing could be improved. For me, in terms of the solution, what they currently have is enough. A more user-friendly interface would be helpful.

The solution is very stable. We have about 25 people. We don't use the antivirus solution, we just use the firewall. 

The solution is very scalable.

Technical support is okay.

We did not previously use another solution.

The initial setup was okay. It was not too complex. It was normal. There's only one admin, which is me. It only takes one person, me, to maintain.

We license on a yearly basis. It's expensive. At the moment, there aren't any costs in addition to the standard licensing fees.

I'm still evaluating, but I have looked at pfSense and Check Point software.

The product is continuously being used every day. I use quite an old interface for this, and I don't know what the current version is like. I would rate this solution a 7 out of 10 because from time to time there are some little issues that I don't understand.

We have a couple of data centers, mainly in the Netherlands, plus some offices, which are different sizes across the world, along with warehouses. We are an eCommerce firm globally. For our data centers, we use clustered Stormshields, the SN910 Series. For our small locations and warehouses, we use the clustered SN510 Series. All the branch offices mainly use this as their firewall. On the data centers, it is more like an application or firewall with more functionality.

We have currently bumped into several issues with the Stormshield firewall. It has some unexpected behavior in the terms of activating interfaces that were previously turned off manually by our team. They automatically switched on the interfaces again. This is something we do not want.

It's an easy, straightforward management platform to use.

• Better management of high availability features
• Application awareness to a higher degree
• VPN throughputs: Stromshield needs a higher throughput on some models. When you build VPN tunnels between firewalls, the throughputs on the VPN tunnels are pretty limited.
• They could improve their support.

The stability is not that good based on my experience. We have a lot of disruptions when it comes to Stormshield.

I have seen the results of this product acting in an enterprise environment, and it's not good enough for heavy loads.

On paper, scalability is okay. They have a nice range of appliances and there is variety in the appliances that they offer. They do have products for mid-sized companies to enterprise and up.

If you look at scalability in terms starting with one firewall creating a cluster of high availability. The high available feature is there, but I don't trust it. We have had too much disruptions in the high availability system.

We are not happy with the support. It is a basic support offering. Sometimes, we have to chase support on progress, which is not good, especially on firewalls. We are an enterprise and we have firewalls on the edge. If we have an issue, I want support to be on top of issues, because for us, it's a lot of money if the firewall fails. 

They only give support up to a specific level, and when we like to exceed that level of support, then we need to fall back on our reseller. This is one issue. If your reseller landscape is not really up to speed, then in the most critical cases, we're depending on the reseller and not on the support of Stormshield because we cannot escalate. It's impossible for us to escalate a situation at Stormshield by ourselves. We have to fall back on our reseller. When our reseller was on vacation, it was impossible for us to act on an issue.

We had just created a brand new firewall cluster to offload our website. Then, all of a sudden, we bumped into root errors on the connection which pointed to the firewall, and Stormshield support couldn't even help us fix it. Therefore, we had serious issues for a couple of weeks and it was all related to firewalls.

It was a combination of unexpected or unwanted behavior and bugs. Sometimes things happen that can be due to configuration errors or something we did ourselves, which is not according to the plan, eventually we ruled everything out, and it was mainly due to the firmware on the Stormshield firewalls. The biggest issue was their support department was not able to help us, then everything stops. This is a no-go area for me.

I would rate their support as a five out of 10.

The reason why they chose Stormshield to begin with is unknown to me.

The initial setup was straightforward and simple. It is not too much work to implement the product.

They have a very interesting pricing for their devices. For mid-sized companies, they sell their appliances for good prices.

The shortlist that I have now is Palo Alto, Check Point, WatchGuard, Fortinet, and Sophos. I have narrowed this list down based on technical specifications, pricing, and support features to WatchGuard and Fortinet.

I don't have many positive things to say about this firewall because we keep bumping into issues. Now, we are looking to leave Stormshield.

Search for a vendor based on a checklist. The checklist should consist of all functional features and benefits you're looking for. Talk to colleagues in the field who have knowledge in that specific specialty. Ask for references regarding their experiences. Go to websites to gain more knowledge on specific vendors and the performance and functionalities that they offer. See about the how the support and licensing are setup.

Start rating the guidelines and features you're looking for with a number. Take the 12 features or guidelines, like SSL inspection and VPN throughput. Rate those features on a scale from one to five, and the system with the highest score overall is the winning vendor.

Most important criteria when selecting a vendor: It has to be a full-blown next-generation firewall when it comes features, throughputs, and the correct security level. It has to offer good, solid support. The pricing should be corresponding with the features and quality. The performance versus price and features should be aligned.

• Very good Web user interface
• Reports about internal machines needing security fixes
• Simple clustering

Tells me which internal machines could have security issues by passively monitoring traffic and spotting un-patched systems.

Being more cost effective. I went with a pair of Watchguard M300 recently when buying a new firewall cluster for our own use because it was way cheaper than NetASQ/Stormshield N700 while being faster, and it offers true multi-master firewall clustering if needed.

3+ years

Not really.

None.

No multi-master clustering.

Very good. Because of their presales support helping me with initial setup, I decided to go with NetASQ in the first place. Support after the sale has been equally good as well.

Excellent.

Cisco ASA. Their GUI was OK for most things, but when I had to start messing with CLI, GUI was no longer safe option to use.

A bit more complex, because I turned on man security features. For simple packet filter it would be way easier than with Cisco.

Both. Vendor helped us a lot during preparation and initial setup. Very pleased with their technical expertise.

Lower prices for the entry level boxes. Competition is not bad at lower prices.

Netasq Seismo is valuable.

• Management interface (GUI)
• IPS engine
• Log management

I've used the UTM for 15 months.

Always, especially in the in-line mode (bridge mode). It sounds like it should be easy to integrate on an existing network, but this is not true as the product was not functioning as expected/designed.

Always as it unexpectedly reboots. The product is not stable at all, difficult to configure and manage.

I have never had the chance to deploy more than two units or in a large environment.

They need to have people that are able to communicate efficiently using the English language. Before working with Netasq, I used to deal with Fortinet a lot, and there is no way that you can make any sort of comparison.

Above average.

Fortinet, Dell SonicWall and Check Point because these products offer a wide range of features that are not available with Netasq.

The router mode works fine but this was not the case with bridge mode.

We implemented it in-house.

It's average.

No, which was a big mistake but the management decided at that time to go with Netasq since there was no existing distributor in Middle East region.

I don’t recommend this product at all. Go with Fortinet, Juniper or Check Point unless you don’t have the required budget then Netasq or any other low grade UTM might be enough for you.