Every SYLink product — 100% Made-in-France cybersecurity

Compact 1 Gbps appliance pre-configured for self-employed professionals and small businesses. Deploys in 5 minutes on a flat network, no VLAN needed, with firewall, IDS/NIDS, probe and portal-driven management.

• Medical / paramedical practice — Patient / visitor Wi-Fi / medical IoT segmentation, GDPR compliance, 24/7 supervision.
• Accountant / law firm — Client-data protection, alerts on intrusion attempts. For individual remote work, add SYLink VPN.
• Restaurant / retail — Register, card terminal, customer Wi-Fi, staff — everything segmented and supervised.

Mid-range appliance for SMBs and mid-market companies: 2.5 Gbps throughput, up to 2,500 IPs, with IDS, IPS, NIDS, firewall and a certificate-based decryption proxy to inspect internal encrypted flows.

• Multi-site industrial SMB — One Mini per site, central console, site-to-site VPN, OT/IT flow inspection.
• Mid-market NIS2 compliance — Full visibility on outbound flows, court-admissible event logging.
• Private clinics (HDS) — Patient / medical IoT / staff segmentation, inspection of non-sensitive medical flows, HDS compliance.

High-performance all-in-one appliance for large organizations: NGFW firewall, DPI probe, IDS / NIDS, IPS and TLS decryption proxy combined into a single 1U unit. 10 Gbps SFP+ or RJ45, up to 10,000 IPs, native multi-VLAN, air-gap mode for sensitive zones. Deployable in series, active/passive cluster, or active/active.

• Enterprise: replacing a foreign vendor — Replacing a foreign cyber layer on the critical perimeter, integrating with the existing SOC.
• Ministry / critical operator: air-gap LPM — On-premise air-gap deployment, cleared MCO/MCS, II 901 / IGI 1300 compliance.
• Regional hospital / CHU — SI core, patient / medical IoT segmentation, real-time blocking, quarterly audit.

Passive DPI probe (TAP/SPAN mode) for clinics, EPCIs and mid-size public bodies: 2.5 Gbps RJ45, up to 15,000 IPs, 2 years of compressed network traffic stored locally.

• Private clinic — Time machine to reconstruct an incident on a medical IoT device, HDS compliance.
• EPCI / mid-size town — Visibility on pooled traffic, detection of citizen-data exfiltration attempts.
• Sovereign secondary sites — Probe deployed at secondary critical-operator sites, supervision relayed to the core.

High-capacity passive DPI probe for hospitals, regions, critical operators and large groups: 10 Gbps SFP+ or RJ45, up to 70,000 IPs, 5 years of compressed storage. Multi-year forensic time machine.

• Critical operators (LPM) — Main probe at the SI core, 5-year time machine, recurring NATO / Armed Forces audits.
• Enterprise: foreign substitution — Replacing a foreign DPI probe with a sovereign solution, integrating with the internal SOC.
• Regional hospital — Visibility on 70,000 IPs (PCs, medical IoT, servers), HDS compliance, long-term forensics.

Virtualized software DPI probe for VMware ESXi, Proxmox VE, KVM and Hyper-V. Ideal for pooled IT departments and hyper-converged datacenters where adding physical hardware is not an option.

• Pooled regional IT department — Deployed on the IT department's hypervisor, captures east-west traffic between member-entity VMs.
• Internal sovereign cloud — Visibility on internal flows of your private cloud, with no extra hardware.
• PoC before DPI Pro — Validate scope and volume before investing in a physical probe.

Multi-protocol enterprise VPN platform (WireGuard, OpenVPN, IKEv2) self-hosted on your infrastructure. DNS filtering, distributed exit nodes, admin dashboard, deploys on Ubuntu in 5 minutes.

• Multi-customer ESN — White-label VPN for your customers, exit nodes distributed at their sites, central supervision.
• Ministry / critical operator — Classified VPN deployed in an air-gap zone, full control of nodes, no external dependency.
• Multi-site enterprise — Site-to-site tunnels and roaming access, DNS filtering to block malicious domains.

Lightweight agent that streams Windows Event IDs, user identifiers and system activity from endpoints to the MSP portal. Light, silent, GDPR-compliant.

• MSP supervising 50 SMBs — Unified view of authentications and critical events across all customers from one console.
• Early anti-ransomware detection — Alerting on typical ransomware patterns before encryption (suspicious process creation, etc.).
• NIS2 / ISO 27001 compliance — Court-admissible event log, exportable for audit.

Automated cybersecurity audit platform. Internal, external, Wi-Fi, media, configuration and vulnerability audits. Reports auto-generated, fully customizable, white-label available — ideal for ESNs, integrators and public bodies.

• Gigalis Lot 2 ESN integrator — Recurring audits for public bodies, white-label reports, attested PSSIE compliance.
• SMB NIS2 onboarding — Mandatory annual audit, prioritized action plan, remediation tracking.
• Enterprise CISO: recurring internal audit — Quarterly audits mapped to ISO 27001, integrated with the CISO dashboard.

On-premise CAASM (Cyber Asset Attack Surface Management) solution that aggregates, in read-only mode, data from your existing tools (EDR, scanners, CMDB, DHCP, hypervisors, SIEM, MDM) to deliver a unified view of your IT, IoT and OT assets.

• Hospital: HDS compliance and medical-IoT inventory — Discovery of connected medical devices, CVE tracking, remediation plan.
• Enterprise: foreign-CAASM substitution — Replacing a US CAASM with a sovereign alternative integrable with the existing SI.
• Industry: IT / OT convergence — Inventory of PLCs, HMIs, SCADA alongside servers and IT endpoints.

Data-leak and exposure monitoring across the darkweb, surface web and criminal marketplaces. Three tiers based on your maturity: Basic (12 modules), Enterprise (28), VIP (58).

• SMB: credential leaks after a vendor breach — Detect customer credentials exposed by a vendor compromise.
• Enterprise: VIP protection — Monitoring of executives, deepfake detection, brand impersonation.
• Critical operator: targeted threat intel — Watch on attacker groups targeting your sector, IOCs for the SOC.

SYLink sovereign Cyber Threat Intelligence — 12 years of expertise operated from Clermont-Ferrand. 30 PB of network traffic analyzed every month across 1,200+ customer perimeters, 3 million attacks stopped each month. Live base of 12M+ IOCs, 334k+ CVEs monitored, 80+ MITRE ATT&CK techniques and 100k+ YARA / Sigma rules exposed via secure API (REST, Webhook, STIX/TAXII, MISP).

• Augmented SIEM triage — Your SIEM raises 50,000 alerts/day. SYLink CTI enriches them with attacker context — your analysts focus on the 50 real threats.
• Early detection of targeted campaigns — A ransomware family appears on a leak site. Its IOCs are pushed in under 30 minutes to all your probes — defenses block it before impact.
• Threat-driven patching — A 9.8 CVE drops. The CTI cross-references your Vizu inventory and surfaces the assets that are actually exploitable — targeted patching, no panic.

The silent tripwire that fires when the attacker thinks they're invisible. SYLink Hornetbot is a self-hosted enterprise decoy deployed within minutes inside your LAN or server VLAN: it impersonates a legitimate Windows server (SMB shares, RDP, SSH, fake business apps) and alerts on the first scan, the first authentication attempt, the first write to a trapped share. No user has any legitimate reason to touch it — every interaction is a qualified attack signal.

• Multi-site town — detection of an annex compromise — A town of around 80,000 inhabitants deploys 3 Hornetbots (city hall, library, technical services). A library endpoint is compromised by an office-suite malware: 18 minutes after infection the local Hornetbot captures an SMB enumeration attempt from that endpoint — the attack is contained before reaching the central SI.
• Law firm — RDP brute-force detected during business hours — A 120-person firm deploys a Hornetbot with a "backup server" persona (RDP only exposed internally). Mid-day, RDP attempts arrive from a user endpoint — the user has no reason to touch it. Compromised AD account isolated within the hour.
• Clinic / hospital network — detection on the biomedical VLAN — Hornetbot with a "secondary PACS" persona deployed on the medical-imaging VLAN. Any interaction is abnormal by construction — qualified alert immediately on lateral propagation from the office VLAN.

Mobile digital safe: hardware-encrypted USB drive with biometric reader, IP-based geolocation via the connected host, and remote lock / wipe via the SYLink portal.

• Diplomacy: foreign travel — Carrying sensitive data, immediate lock if lost or seized at customs.
• Audit firm: client report delivery — Physical delivery of confidential reports, full delivery traceability.
• Defense industry: classified transfer — Exchanges between classified sites, compliance with secure-transport requirements.

Hardened mobile workstation for business travel and roaming remote work: isolated OS, traffic anonymization, carrier compliance. Connected to the SYLink SaaS portal for supervision (not compatible with strict-sovereign government use cases requiring pure on-premise).

• Diplomatic delegations (non-classified) — Traffic anonymization, remote supervision, fast reset.
• Journalists / NGOs — Source protection, operational anonymity, minimal data retention.
• Top management on the road — Travel workstation isolated from the main SI, full compartmentalization of sensitive data.

Turnkey VPN service for small organizations that want to give staff encrypted remote access without running a server. 10-minute setup, user profiles managed from the portal.

• SMB remote work — Staff access the company's SaaS via an encrypted tunnel.
• Liberal practice on the move — Secure connection from hotels, train stations, cafés.
• Small multi-customer ESN — One VPN per customer, to compartmentalize access to customer environments.

Replaces WeTransfer, SwissTransfer and Dropbox Transfer with an end-to-end encrypted channel hosted in France. No extra-European actor can access the content — not even SYLink. Built for lawyers, accountants, consulting firms and MSPs that exchange sensitive documents.

• Law firm — Exchange of sensitive documents with clients and peers, mandatory NDA, court-admissible audit if disputed.
• Accountant — Tax statements and returns shared with executives, 7-day expiration, password sent via separate channel.
• Consulting firm — Strategic deliverables with single-view for the ExecCom, self-destruct after read.

Our Network Operations Center continuously supervises your customers' network quality of service: availability, latency, jitter, packet loss, WAN saturation, flow anomalies. 24/7/365 on-call by analysts based in Clermont-Ferrand. Dedicated dashboard, contractual SLAs, average MTTR < 30 minutes. Multi-site, multi-tenant deployment for MSPs.

• MSP supervising 80 retail stores — Pooled NOC for the entire fleet, real-time visibility on every store, fast intervention on outage.
• Multi-site hospital — Critical care continuity, alerting on link saturation between sites, SLAs aligned with the medical-business plan.
• Industry 4.0 multi-plant — OT/IT supervision, anomaly detection on production-machine flows, MTTR aligned with operational windows.