OVERVIEW

What is Smart Firewall Router ?

The Smart Firewall Router is based on Stitel’s NEXT Router solution, a fully featured security platform designed to protect business aviation networks with high-end cybersecurity features. NEXT Router provides ultimate flexibility in connectivity for defense and government aircraft, ensuring robust and secure communications for principals, agencies, VVIPs, and crew.

It is a satellite-ready solution supporting L-Band, Ku-Band, Ka-Band, X-Band, and ATG communications, delivering uninterrupted connectivity across various operational environments.

_

DO-160G

Qualified

_

DO-178C

Compliant

_

KONTRON

Hardware Partner

Elevating Security and Connectivity for Business Aviation

Stitel’s Smart Firewall Router delivers robust, comprehensive cybersecurity tailored to the demands of business aviation. With advanced encryption, secure satellite connectivity, real-time threat detection, and role-based access control, it ensures that VIP passengers, flight crews, and operational systems remain safe throughout every journey. The platform meets high aviation security standards while providing uninterrupted satellite communications across all major bands—empowering defense, government, and business aircraft to stay connected and protected, no matter where they fly.

Key Cybersecurity Features

1. Unified Threat Management (UTM) for Secure Flight Operations

  • Next-Generation Firewall (NGFW):
    • Controls network traffic across multiple zones, including flight decks, passenger cabins, crew areas, and maintenance networks.
    • Blocks unauthorized access, malware, and cyber threats using deep packet inspection (DPI).
  • Intrusion Detection & Prevention System (IDPS):
    • Detects and mitigates intrusions or vulnerabilities to ensure secure in-flight and ground communications.
    • Protects flight-critical systems from potential threats, maintaining network integrity.

2. Encrypted Communication for Secure Data Transmission

  • AES-256 Encryption:
    • Safeguards data exchanged between aircraft, ground stations, and business networks to ensure confidentiality.
    • Protects sensitive communications for VVIPs and business-critical data during flights.
  • VPN for Secure Remote Access:
    • Provides encrypted Site-to-Site and Remote Access VPNs for seamless and secure communications between aircraft and operations teams.
    • Prevents data interception, ensuring privacy for passengers and crew.

3. Passenger Network Management and Privacy Controls

  • Content Filtering & Access Control:
    • Enforces security policies, blocking access to high-risk sites and preventing network misuse by passengers.
    • Shields onboard networks from phishing attacks and malicious domains.
  • Ad and Tracker Blocking:
    • Enhances passenger privacy by blocking intrusive ads and trackers, ensuring a secure browsing experience.

4. Advanced Traffic Monitoring and Threat Detection

  • Real-Time Traffic Flow Analysis:
    • Monitors bandwidth usage and identifies suspicious traffic patterns to prevent disruptions or data exfiltration.
    • Maintains seamless in-flight entertainment (IFE) while protecting mission-critical systems.
  • DDoS Attack Mitigation:
    • Detects and mitigates Distributed Denial-of-Service (DDoS) attacks to ensure reliable network performance.
  • IoT Device Monitoring:
    • Secures onboard IoT devices, such as sensors and cameras, from tampering or disruptions.

5. Network Segmentation & Isolation for Enhanced Security

  • Multi-Zone VLAN Segmentation:
    • Separates networks for passengers, crew, flight operations, and maintenance, limiting exposure to cyber threats.
    • Prevents lateral movement of attacks, ensuring flight-critical systems remain protected.
  • Secure Ground-to-Air Communication Links:
    • Establishes encrypted channels between aircraft and ground operations, supporting uninterrupted communications.

6. Access Control and Secure Authentication for Onboard Systems

  • Role-Based Access Control (RBAC):
    • Ensures that only authorized personnel can access flight deck or configuration settings, protecting sensitive areas.
  • Multi-Factor Authentication (MFA):
    • Adds an extra layer of security by requiring MFA for administrative access to the network.

7. Compliance with Aviation Security Standards

  • DO-326A / ED-202A Compliance:
    • Aligns with aviation cybersecurity regulations, ensuring secure and compliant operation of aircraft networks.
  • Over-the-Air (OTA) Updates:
    • Delivers secure, encrypted firmware updates to keep systems up-to-date without disrupting flight operations.

8. Satellite-Ready Communications for Any Mission

  • Connectivity Across Multiple Bands:
    • Supports L-Band, Ku-Band, Ka-Band, X-Band, and ATG communications for seamless operations in any environment.
    • Enables reliable communications for defense, government aircraft, and business aviation, ensuring VVIP passengers and crew stay connected wherever they fly.

9. Threat Intelligence and Incident Response for Business Aviation

  • Global Threat Intelligence Feeds:
    • Continuously updates security policies with the latest threat data to block emerging cyber threats.
  • Incident Detection & Reporting:
    • Alerts ground operations teams of suspicious activities for rapid response and mitigation.