AMT Group: InfoDiode

Main article: Firewall

InfoDiode is a unidirectional data transfer hardware and software complex designed to ensure data protection in local area networks by isolating critical network segments while maintaining the possibility of interworking.

The target industries of InfoDiode application are state-owned enterprises and organizations, industry, fuel and energy complex, corporate sector and financial industry.

In general, when creating InfoDiode, the following principles were observed: import substitution - a completely Russian software implementation (AMT Group), a Russian certified operating system, a Russian hardware platform; FSTEC certification; performance - from 1 to 10 Gb/s; functionality - support for basic data transfer protocols (UDP/TCP: FTP, SMTP, CIFS; IPSec), prioritization of data transmission, a number of other functionality; ease of use and ease of use - convenient, modern control interface; possibility of clustering, data transmission using noise-immunity coding.

The principle of InfoDiode is to use three components: a hardware network device that guarantees unidirectional data transmission (due to the lack of a reverse transmission channel and galvanic isolation), and two proxy servers that terminate services for unidirectional transmission.

Guaranteed unidirectional transmission provides a high level of data protection, preventing the implementation of most information security threats, according to AMT Group. So, in a number of scenarios for using InfoDiode, confidentiality is guaranteed, in a number of scenarios - the integrity of the transmitted data.

Unidirectional data transfer: how it is done

What is unidirectional data transfer? The principle of operation of InfoDiode can be described as unidirectional traffic transport. Unidirectional transmission provides a high level of data protection, preventing the implementation of most information security threats. In a number of scenarios of its application, one can focus on ensuring the confidentiality of information transmitted and processed, in a number of other scenarios - on the integrity of data.

The principle of InfoDiode is to use three components: a hardware network device that guarantees unidirectional data transmission (due to the lack of a reverse transmission channel and galvanic isolation), and two proxy servers that terminate services for unidirectional transmission.

Very simple? And yes, and no. The fact is that not all types of traffic by nature interact unidirectionally. When it comes to UDP traffic, it initially functions unidirectionally and is "simple" enough to transmit UDP traffic (a little below we will talk about what is not quite so obvious here) to route traffic. Some manufacturers, including domestic ones, followed this path and, in principle, stopped at it. As a result, the range of application of the device turns out to be quite narrow: the output is simple unidirectional routers with a very narrow range of capabilities and a limited number of application scenarios.

But if we are talking about TCP traffic, which involves guaranteed delivery with a connection connection? In this case, it is necessary to emulate a connection in a section with a hardware network device (diode), which allows replacing bidirectional interaction with unidirectional communication on a part of the information flow route.

Another fundamental task is to ensure reliability. In some cases, UDP assumes confirmation of successful receipt of blocks of information, and for TCP, guaranteed delivery is the norm. Obviously, in the case of using a unidirectional data transmission system, we get a section that reduces the reliability of the entire information flow, and this must be compensated. Some manufacturers, although, of course, not all, use encapsulation with noise-resistant redundancy (coding) at the hardware diode site.

InfoDiode Use Cases: Speed, Security, and Functionality

It is believed that one-way data transmission systems are mainly applicable for APCS protection. However, foreign experience shows that the range of tasks solved with their help is much wider, and the potential for using such systems has not yet been disclosed. Russian companies implementing such systems still have to deal with prejudices. Indeed, one-way data transmission imposes some limitations in real application. First of all, as mentioned above, the unidirectional nature of information interaction at the application level is necessary. On the other hand, there are many flexible scenarios where you can get all the advantages of using unidirectional data transmission systems, leaving the functionality of interaction between network segments at a high level. There are more scenarios for using one-way transmission technology than meets the eye. Below are some of them.

Scenario 1-2. Importing and Exporting Data

Scope: state-owned enterprises, enterprises of the military-industrial complex, critical facilities, commercial organizations using closed networks.

Scenarios 1 and 2 ensure the confidentiality and integrity of the data being protected.

Scenario 3. Upload and load data simultaneously

Scope: Any organization that uses closed network segments.

This scenario allows you to provide the functionality of two-way information exchange, providing a high level of perimeter protection. Given the impossibility of establishing connections (excluding feedback for an attacker for most protocols), this scenario is significantly (according to the company's estimates by about 10 times) superior in terms of security to traditional schemes with a firewall on the perimeter.

Scenario 4. Secure remote interaction of critical network segments (Site-to-Site IPSec VPN)

Scope: Any organization that uses geographically dispersed closed network segments.

This scenario provides full two-way secure communication of remote nodes located in geographically separated closed LAN segments via IPsec VPN through public networks. At the same time, " design is implemented, using unidirectional data transfer technology in the IPsec VPN network scheme.

The scenario provides a high level of protection against external threats (by analogy with Scenario 3, the level of protection against external threats increases by about 10 times) and significant isolation of critical network segments.

Scenario 5. Secure Remote Access VPN and the creation of an isolated DMZ

Scope: Any organization that needs secure remote access.

In some cases, it is necessary to provide secure remote access to the company's internal resources, both internal users and partners and contractors. This scenario involves the creation of an isolated demilitarized zone, where only data that is allowed for remote users and contractors/partners is uploaded. This ensures the preservation of confidentiality and integrity of critical data within the information system: the possibility of remote users accessing internal resources through VPN connections is excluded.

2024

HoneyCorn Compatibility

AMT GROUP HoneyCorn On March 20, 2024, the companies announced the completion of the compatibility testing process for their products as part of the construction of an architecture for the transmission of data security incidents from closed network segments from traps to server HoneyCorn via InfoDiode.

The proven architecture will allow industrial and financial enterprises to build systems of protection against targeted attacks in closed segments that do not affect the fault tolerance and operability of critical systems, while maintaining the level of isolation of a critical object.

The InfoDiode complex is a unidirectional data transfer system that provides a high level of isolation of critical information systems. At the same time, the required level of their functionality for interaction with adjacent information systems is preserved.

HoneyCorn is a specialized system of the HoneyPot and Deception class, which allows you to identify an attacker both in the early and late stages of penetration into the network, as much as possible preventing the development of an attack. When an attack is detected, it allows you to study the actions of an attacker to collect data necessary for making an administrative decision, or use ready-made decision templates to protect against cyber attacks. This product class allows you to monitor and respond to an attacker's actions in closed networks without affecting industrial processes.

We and our customers have long wanted to get this technology to solve narrow-profile but important information security problems in closed network segments. Therefore, despite the need to introduce new network transports and exchange protocols, we went to work out this task. As a result, we also got a secure, encrypted data transmission channel and the ability to transmit traffic from traps unidirectionally, including using intermediate hubs, "commented Alexey Kaa, a specialist in HoneyCorn product development.

Deception solutions are only gaining popularity in the Russian market for information protection tools. It is all the more interesting to get and offer our customers joint solutions of this class in the context of segment isolation with InfoDiode products. Such complex systems make it possible not only to improve the quality of monitoring closed (trusted) network segments, but also to significantly complicate the life of an internal intruder and malware that may end up in such networks, "said Vyacheslav Polovinko, head of AMT GROUP 's own products.

Obtaining an FSTEC certificate

On February 12, 2024, AMT GROUP announced that it had received the FSTEC certificate for trust level 4 for the InfoDiode SMART APC unidirectional data transfer device. Certification work was successfully completed at the end of 2023.

The obtained certificate allows the use of the InfoDiode SMART agro-industrial complex to protect confidential information, critical information infrastructure (CII) and hazardous production facilities (HMO) at enterprises of various industries - in government agencies, authorities, industry, the fuel and energy complex, the military-industrial complex, the financial industry and other organizations of the corporate sector. In particular, the InfoDiode SMART APC can be used to protect automated systems up to class 1 G, personal data protection systems up to level 1 of security, state information systems up to class 1, as well as APCS systems up to class 1 inclusive. Such devices can be effectively used for comprehensive protection of CII, hazardous facilities, meeting the requirements of the Federal Law of 26.07.2017 No. 187-FZ "On the Security of the Critical Information Infrastructure of the Russian Federation."

The InfoDiode SMART uni-directional data transfer complex is the own development of the AMT GROUP as part of the InfoDiode product line. The solution is designed to provide data protection in local area networks by isolating critical network segments while maintaining the possibility of interworking. The complex is a 1U rack mount device with InfoDiode software installed. The key function of the InfoDiode SMART APC is the ability to transmit industrial protocols - OPC UA/DA, Modbus, IEC-104, MQTT, FTP, etc. Data transmission is also provided within the framework of integration with domestic SCADA systems common on the Russian market. Among the functions of the complex, the fundamental ability to broadcast the file stream and UDP traffic is also preserved.

Given the growing number of threats to the critical infrastructure of our country, the emergence of certified solutions of this class allows organizations and enterprises to replenish their portfolio of effective means of protection and achieve comprehensive physical isolation of information systems and CII facilities, while maintaining the receipt of the necessary information from them. The use of the InfoDiode SMART agro-industrial complex will allow KII and hazardous facilities to build on its basis a comprehensive information exchange infrastructure in conditions of guaranteed physical isolation of hazardous production facilities, APCS systems, critical IT infrastructure, - said Alexander Goltsov, General Director of AMT GROUP.

Compatibility with TL.Solutions

Terralink Technologies and AMT GROUP conducted testing and signed an official statement on the compatibility of their developments - software products of the TL.Solutions ecosystem and the AMT InfoDiode complex. AMT Group announced this on February 6, 2024. Read more here. Read more here.

2023

As part of a comprehensive solution for improving the security of IP telephony systems

AMT GROUP on November 22, 2023 announced the creation of a comprehensive solution to improve the security of IP telephony systems using InfoDiode products. Thus, the company continues to implement a strategy aimed at creating ecosystems using solutions in the field of information protection. Read more here.

Compatibility with SCADA "KRUG-2000"

and Research and Production Company "KRUG" the company AMT GROUP successfully carried out testing data the InfoDiode unidirectional transmission complex and modular integrated SCADA system - KRUG-2000 tools for building, automated control systems telemechanics systems, solving energy metering and dispatching problems for various, industries including,,, construction to the power engineering specialist gas oil chemical food industry, industry,, heating networks, HOUSING AND PUBLIC UTILITIES water utilities, etc. This was announced on October 31, 2023 by the KRUG company.

The joint use of InfoDiode and SCADA KRUG-2000 allows you to solve the following problems:

• Protection and monitoring of critical information infrastructure (CII). Physical isolation of the observation object from the observer's network is ensured while maintaining the ability to receive data
• Highly reliable fail-safe data exchange between SCADA and controllers in the APCS segment, as well as unidirectional data transfer outside the perimeter for monitoring, processing and analysis
• Unidirectional data transfer to centralized control and situation centers. The centers are provided with real online data, in conditions of guaranteed isolation of observation objects.

The safety issues of industrial facilities and CII are becoming more and more relevant every day. One of the key security aspects is import substitution, said Boris Molchanov, technical director of the AMT GROUP. - The combined use of domestic InfoDiode products and SCADA- KRUG-2000 systems make it possible to ensure the safe functioning of the APCS segment, as well as to solve the problem of transferring process data to less trusted segments of the enterprise information network for monitoring technological processes, network state, emergency prevention, data aggregation from distributed facilities and integration of industrial automation systems with external systems.

To ensure the scalability of the system and aggregation of data from geographically distributed APCS, it is necessary to provide a reliable and secure connection to the corporate network. The joint use of SCADA KRUG-2000 and InfoDiode guarantees the safe transfer of technological protocols abroad of the APCS segment, - said Alexander Ugrevatov, technical director of NPF KRUG . - Among the protocols that can be transmitted via InfoDiode via SCADA KRUG-2000: OPC UA, Modbus TCP/RTU, MEK-104 and others.

Compatibility with SDKU "Focus"

SVD VS and AMT GROUP signed an official statement on the compatibility of the InfoDiode unidirectional data transmission complex and the Focus SDKU software, which is an information system for collecting, processing, analyzing, visualizing and storing process data in real time, as well as preventing emergencies at automation facilities. AMT Group announced this on August 1, 2023. Read more here.

Compatibility with ASOKU system

The research and implementation company Sensors, Modules, Systems and the AMT G ROUP company conducted comprehensive testing and signed an official statement on the compatibility of the InfoDiode agro-industrial complex and the ASOKU information system. This was announced on July 25, 2023 by "AMT Group." Read more here.

Compatible with Naumen Contact Center platform

  Specialists AMT GROUP and companies Naumen have tested the testing compatibility of the unidirectional InfoDiode gateway and the platform for the organization. contact center Naumen Contact Center This was announced on March 21, 2023 by AMT GROUP. The use of InfoDiode in conjunction with Naumen Contact Center will allow the to protect internal segment of the organization's network and preserve the ability to receive requests from customers online, process them and provide them in response. information

InfoDiode is a product built on the principles of unidirectional data transfer. InfoDiode provides effective protection for the trusted segment and significantly reduces the risk of an attacker exploiting a bidirectional channel to organize an attack. In a joint solution, InfoDiode acts as a unidirectional data transfer system that provides data exchange with instant messengers, web chat for organizing customer service in text channels.

Naumen Contact Center is a comprehensive solution for organizing a corporate or outsourcing contact center. It includes, among other things, a communication platform with an Omni-Channel component that provides telephony, as well as receiving and processing calls through other channels: e-mail, SMS, instant messengers, social networks, calls from the site, etc.

The use of a unidirectional InfoDiode gateway within the Naumen Contact Center solution allows you to:

• protect the perimeter containing information the systems and databases storages personal sensitive data by providing separate hardware unidirectional communication channels; messages
• guaranteed to exclude external connections, making it impossible to leak, damage, compromise data through information exchange channels.

The sharing architecture of Naumen Contact Center and InfoDiode involves the use of InfoDiode complexes between the Naumen Contact Center-chat component operating in the open segment of the CC and the Naumen Contact Center component located in the closed segment of the CC. Communication between the Naumen Contact Cente-chat components and the Naumen Contact Center is carried out using the nccmbp protocol through the UDP protocol supported by the InfoDiode solution. Thus, it is possible to provide directional transmission of calls inside the organization's network, eliminating data leakage, as well as directional transmission of responses from contact center specialists to an external segment, excluding the impact on the organization's business processes and the spread of malware in the protected network.

The proposed architecture provides:

• "transparency" of data transfer between Naumen Contact Center components operating in an open and closed segment as part of the script execution;
• possibility of full interaction automation;
• No impact of protocol features on the success of data transmission
• Flexible connection management
• the maximum possible data rate compared to other protocols.

Contact center specialists interact with customers by phone and have access to sensitive, including personal data. The sharing of Naumen Contact Center and InfoDiode allows contact center operators to provide services to customers with access to such data and minimize the possibility of access to a trusted segment by an attacker. said Vyacheslav Polovinko, head of AMT-GROUP's own products.

Operators and specialists of the contact center who regularly identify contacted the client's company, view the history of his requests and additional data, taking into account this, provide the necessary services through any convenient channel. At the same time, the exchange of information with clients is forced to interface trusted networks of the company, where it is stored significant information and personal data, and untrusted segments - for example,. Internet That is why it was important to offer customers a solution that will preserve the necessary level of quality of the services provided, while saving in all safety data, commented Sergey Popov, Director of the Department of Contact Centers and Robotic Systems of Naumen.

2022

Completion of certification in FSTEC of the entire line of hardware solutions

AMT GROUP announced on August 15, 2022 the completion of the procedure certifications in FSTEC the entire line of hardware solutions (AC) InfoDiode as a means of technical protection information and means of ensuring safety information technology 4 levels of trust and technical conditions. This allows you to use this means of protection on objects critical information infrastructure up to the first category of significance.

The main purpose of the InfoDiode AC is to protect critical segments (for example,, GIS), APCS upload/load data while preserving galvanic isolation and organize secure interaction of remote objects. The entire line of products that are available in various form factors has passed certification: AK InfoDiode RACK single, AK InfoDiode RACK double for mounting in a 19 'rack and AK InfoDiode MINI in a compact configuration: in desktop or for mounting on a DIN rail. The solutions are fully compatible with market IPS IDS/company-based solutions, and Positive Technologies Kaspersky CyberLympha are in fact typical for building physical network isolation systems when implementing this class of systems.

As of August 2022, regulators are tightening requirements for information security tools, especially with regard to I&C CII, successful attacks on which can lead not only to losses, but also to man-made disasters. In particular, these requirements imply the use of domestic certified solutions. It is for such requirements that the AMT Group developed and certified the InfoDiode AK line, built on the principles of unidirectional data transfer. InfoDiode brand products are implemented and successfully operate in large domestic enterprises of various industries. At the end of 2021, the demand for these solutions increased by about 60%.

Protection information of the perimeter of state information systems CII facilities financial , industry organizations, critical facilities, CII and APCS facilities in,,, and power oil and gas transport HOUSING AND PUBLIC UTILITIES other industries is the most important factor in countering external ones. to cyber threats Physical unidirectional data transfer technologies used at the perimeter boundary provide efficient and secure data transfer from a closed loop to external networks. At the same time, it is guaranteed, at the physical level, the possibility of affecting the protected segment on the same channel through which data from this segment is transmitted is excluded.

The company's solutions are based on many years of experience and experience of AMT GROUP in the use of various unidirectional data transfer systems. The company is confident that the launch of an updated class of certified solutions on the market will significantly increase the security of the perimeter of enterprises and organizations, as well as allow building more effective security systems for the network perimeter, commented Alexander Goltsov, CEO of AMT Group.

MasterSCADA Compatibility

On May 30, 2022, MPS Soft and AMT GROUP"" announced the signing of an official statement on the compatibility of the InfoDiode unidirectional transmission complex data and, software MasterSCADA which is a fully functional universal platform for the development of automation and dispatching systems and allows you to receive and process a large number of industrial protocols, as well as a software communication gateway. MasterOPC

The results of the comprehensive testing confirmed the joint application of InfoDiode and MasterSCADA/MasterOPC products to ensure a high level of protection of critical network segments when transferring industrial protocols beyond the perimeter APCS at enterprises,, and power oil and gas transport others. industries Among the protocols that can be transmitted via InfoDiode via SCADA Master/MasterOPC: OPC DA, OPC UA, IEC60870-5-104, IEC61850 MMS, etc.

The joint use of InfoDiode and MasterSCADA/MasterOPC allows you to solve the following problems:

• Protection and monitoring. CUES Physical isolation of observation object from observer network is provided with simultaneous preservation of possibility to observe state of object in online mode.
• Create a foundation for organizing digital twins. Replicas of critical information resources (OPC servers, SCADA systems of main vendors) are transferred outside the perimeter of APCS and CII for further processing and analysis.
• Data aggregation from SCADA systems to ERP, MES and cloud solutions. Data is transferred from several SCADA systems to ERP, MES systems, to cloud solutions. Any inverse influence on the part of these systems is excluded.
• Data transfer to centralized control and situation centers. The centers are provided with real online data, including videofiksatsiyey̆ in conditions of guaranteed isolation of observation objects.

As of May 2022, most enterprises require comprehensive integration of information systems and industrial automation systems, data transfer from the industrial segment to other segments and networks, "said Alexander Goltsov, CEO of AMT GROUP. - Technology data is increasingly used in the organization of digital twins, aggregation of data from SCADA systems into ERP, MES and cloud solutions, to create centralized dispatch and situation centers. That is why they should be available throughout the control hierarchy without distortion, in a mode close to real time. As a rule, such data are concentrated within the boundaries of the critical perimeter of the APCS, access to them is limited both due to the complexity of obtaining and due to strict information security requirements. To isolate the industrial segment as much as possible and preserve the ability to transfer information from it, you can use InfoDiode solutions based on the principles of physical isolation of one network segment from another, and the solutions of MPS Software LLC, which provide data transfer to InfoDiode using various industrial protocols.

{{quote "Sharing InfoDiode and MasterSCADA/MasterOPC solutions allows you to safely implement centralized collection of industrial traffic from technological network segments. MasterSCADA and MasterOPC, as information aggregators in an integrated solution, provide support for the reception and transmission of a large range of industrial protocols, including: OPC DA/HDA, OPC UA, Modbus TCP, IEC 61850 MMS, IEC 60870-5-104, Profinet, Omron FINS, Mitsubishi SLMP, DLMS, etc., and InfoDiode guarantees the safe transit of these protocols abroad of protected segments, "said Andrei Podlesny, Deputy General Director for Commercial Affairs of MPS Software. }}

2021

Compatibility with InfoWatch ARMA

On November 10, 2021 InfoWatch ARMA (part of the GC) InfoWatch and the company "" AMT GROUP signed an official statement on the compatibility of the unidirectional transmission hardware and software complex " data AMT InfoDiode" and products - InfoWatch ARMA software InfoWatch ARMA Industrial (Firewall certified industrial firewall with the intrusion detection system) and InfoWatch ARMA Management Console (unified incident management center INFORMATION SECURITY and protection system InfoWatch ARMA). More. here

InfoDiode Smart View

On September 22, 2021, the company AMT GROUP announced the launch of a diode-class device for comprehensive protection - CUES "InfoDiode SMART." The name of the device reflects a fundamentally different approach to organizing the protection of the network perimeter using unidirectional gateways. The key function of InfoDiode SMART is the ability to transmit industrial protocols - OPC UA, Modbus, MQTT, etc. At the same time, the fundamental ability to broadcast file a stream and UDP traffic through InfoDiode SMART has been preserved. All functions are implemented with the preservation of the physical principle of unidirectionality, that is, the complete guaranteed isolation of the protected object. The present device is a step in both the development of InfoDiode AMT products and the diode class MSI presented in. Russian market

InfoDiode SMART is a 1U rack mount device that is a full-fledged hardware and software package. Such devices can be effectively used for integrated protection of CII, meeting the requirements of 187 FZ.

The main tasks for which InfoDiode SMART has been developed:

• comprehensive protection and monitoring of CII in case of exclusion of any impact on it;
• secure remote interaction of critical segments of individual enterprises and organizations through untrusted networks with the transfer of data outside the trusted perimeter of the network via OPC UA, Modbus, MQTT, FTP (S), CIFS, SFTP, UDP, etc.;
• providing network connectivity for the organization of digital twins;
• transfer of replicas of critical information resources (OPC servers, SCADA systems of main vendors) outside the perimeter of APCS and CII for further processing and analysis;
• providing centralized dispatch and situation centers with real online data, including video recording data, in conditions of guaranteed isolation of observation objects;
• aggregation of data from SCADA systems to ERP, MES systems and clouds.

The distinctive features of the AMT GROUP solution are simplified integration into a heterogeneous infrastructure due to the provision of a universal API (a variety of systems and solutions can now interact with the device, including those independently developed by consumers), the presence of additional connectors from the manufacturer that allow you to integrate the device with the different source and receiver systems themselves.

As of September 2021, the device is preparing for certification by FSTEC UD (4). In the future, it is planned to expand the list of industrial protocols supported by the device.

{{quote 'Every year the number of cyber attacks on critical information infrastructure is only increasing, and security issues are becoming more relevant, "said Vladimir Leonov, Technical Director of AMT GROUP. - We see a clear request from the market, the need for new highly effective hardware protection of the network perimeter. And we continue to work on the creation of devices that will allow our customers to create comprehensive and effective protection systems for CII facilities in accordance with the requirements of the law. }}

AMT InfoDiode Compatibility

On May 13, 2021, CyberLymph, together with AMT GROUP, announces the completion of tests confirming the compatibility of the AMT InfoDiode unidirectional data transfer hardware complex and the CyberLympha DATAPK (CL DATAPK) online monitoring and security monitoring software. Compatibility tests were conducted in April 2021 at the CyberLymph Research Center.

Tests were carried out to practically check the compatibility of products in the scenarios of joint use as part of the subsystems for ensuring constant monitoring of the security status of APCS complexes. The test criterion is the full performance of CL DATAPK functions in unidirectional data transfer conditions.

The test program included bench tests of CL DATAPK, connected to the test infrastructure using InfoDiode, in two modes:

• analyzing a copy of network traffic
• unidirectional reception of events

As a result of the tests, CL DATAPK coped with both network traffic processing and event processing, thanks to which the companies confirm the full technical compatibility of the solutions.

The use of the InfoDiode AMT complex as part of the monitoring system makes it possible to implement physical isolation of the APCS components and ensure that the information security monitoring subsystem does not influence the APCS functions, ensuring full compliance with the requirements for providing information security of industrial automation systems.

The use of CL DATAPK together with the AMT InfoDiode hardware system will allow our customers to increase the level of protection of automated control systems and provide additional measures to protect the APCS from external influences. We are pleased with our partnership with AMT GROUP and hope for fruitful cooperation, - comments Alexey Komarov, Development Director of SaiberLimfa.

Network traffic is the most accessible information to determine the current state of the automated system. The joint use of InfoDiode solutions and proprietary traffic analysis methods from CL DATAPK will allow our customers to build a comprehensive and reliably functioning system for monitoring traffic in the industrial segment, while ensuring complete physical isolation of the network APCS from untrusted networks and their inherent threats, says Vladimir Leonov, Technical Director of AMT GROUP.

Compatibility with CIPF "Kvazar"

On March 22, 2021, the AMT GROUP, together with the Practical Security Systems company, announced the completion of testing of the joint use of hardware models (InfoDiode rack module AK) and InfoDiode hardware and software systems (InfoDiode APK) with Kvazar encryption modules (Kvazar MS). The sharing of complexes provides users with additional opportunities to increase the level of technological security and confidentiality of the network perimeter or individual network segments and allows transferring confidential information outside the organization's network through uncontrolled communication channels without fear of its loss, change or compromise.

Testing shows the possibility of creating a comprehensive solution based on InfoDiode and CIPF "Kvazar" products, which can be used at industrial facilities, in financial structures, corporations, telecommunications companies, where it is necessary to ensure stable performance of services and data transfer environments in conditions of high infrastructure utilization in 24x7 mode, including services such as data/file transfer, video surveillance and others.

The time when the only solution could close all information security issues is long gone, "says Vladimir Leonov, technical director of the AMT GROUP. - Therefore, our company is actively working to establish partnerships and release joint solutions with developers of information security systems. Testing the InfoDiode and MSS Kvazar complexes is another step in this direction. The resulting solution allows you to protect the network perimeter from attacks and ensure a high level of confidentiality of the information transmitted.

{{quote 'The use of means of cryptographic protection of information "Kvazar" together with InfoDiode provides reliable protection of high-speed communication channels of CII objects from most threats, as well as increases the efficiency of investments in infrastructure and services due to the optimal use of equipment and the minimum time for the commissioning of communication channel protection means, - commented Kirill Markevich, Head of High-Performance CIPF Company "Practical Security Systems." }}

Compatible with System 1 Evolution v20.2

On March 1, 2021, AMT GROUP and Bently Nevada (part of Baker Hughes) announced the completion of testing of the joint use of the InfoDiode AMT unidirectional data transmission system (InfoDiode rack module AK InfoDiode Mini) with the System 1 Evolution v20.2 product in industrial data transmission networks. The test results demonstrated a significant increase in the level of technological safety and efficiency of using enterprise systems when integrating these products.

Bently Nevada's System 1 software platform is an important asset management, equipment monitoring tool for oil and gas, power and industrial enterprises, with over 10,000 active users worldwide. System 1 is used for interactive real-time monitoring and diagnostics of gas, hydraulic and steam turbines, compressors, generators, motors, transformers, boilers, industrial heaters, pumps and various auxiliary equipment.

As cybersecurity standards tighten, industrial enterprises are increasingly using the principle of network segmentation when building a network architecture. However, the deployment of monitoring systems in completely isolated technology segments of networks can significantly limit their functionality, availability and, as a result, reduce the efficiency of the enterprise as a whole. The use of the InfoDiode AMT unidirectional data transfer system makes it possible to solve the problem of ensuring the level of isolation of critical information systems, while maintaining the possibility of their interaction with adjacent information systems. Thus, processes of continuous monitoring of equipment operation in the technological network from other segments can be built, including processes of incident response from internal and external services, and, if necessary, equipment manufacturers.

In these conditions, the task of ensuring the safety of industrial facilities is becoming more and more urgent, "says Vladimir Leonov, Technical Director of AMT GROUP. - Therefore, when developing solutions in the field of information security, we pay great attention to their integration with key information systems of industrial enterprises. Through close cooperation with Bently Nevada partners, we can offer industrial companies a joint System 1 plus InfoDiode solution that allows for interactive health control and diagnostics of industrial equipment, while significantly reducing risks arising from unauthorized impact on technological processes flowing in the OT network.

{{quote 'Our customers are paying more and more attention to cybersecurity issues. By confirming the compatibility of System 1 Benlty Nevada and InfoDiode, we can offer our customers not only a good solution in the field of monitoring and diagnostics of industrial equipment, but also a reliable tool to improve the security level of the technological segment of the network. This will allow enterprises to accelerate digital transformation and fully use all the functionality of System 1 in full compliance with IT security requirements, "said Mikhail Dagaev, Regional Director of Bently Nevada Russia, Turkey, Caspian. }}

2020

Compatibility of InfoDiode rack module/Mini with Kaspersky Industrial CyberSecurity for Networks

On December 28, 2020, the companies AMT GROUP and "" Kaspersky Lab announced the completion of comprehensive testing of the joint use of InfoDiode hardware models (AK InfoDiode rack module, AK InfoDiode Mini) with a product (Kaspersky Industrial CyberSecurity for Networks KICS for Networks) data industrial in enterprise transmission networks. Working in conjunction, the products complement each other's functionality. More. here

Release of АК AMT InfoDiode Mini

On July 8, 2020, AMT GROUP announced the expansion of the product line of InfoDiode AMT unidirectional data transfer devices. A hardware complex in a form factor is now available for order - AK AMT InfoDiode Mini in a compact configuration. The device in this form factor retains all the main characteristics of the standard AA AMT InfoDiode.

The use of the InfoDiode Mini AMT AC guarantees protection from external influences in order to violate the integrity and availability of information and ensures a high level of isolation of information systems. At the same time, the possibilities of information exchange and the functioning of business processes are preserved. Security is provided at the hardware level, excluding any possibility of implementing attacking information actions at the software level .

Due to the ever-increasing number of cyber threats, more and more organizations and enterprises are using unidirectional data transfer technologies to prevent attacks through critical infrastructure management systems. At the same time, a significant part of such tasks requires the use of small-sized devices to solve them instead of the classic ones for mounting in a rack. Enterprises of various industries - energy, oil and gas, transport, housing and communal services, etc. - use devices for mounting on a DIN-rack, as well as desktop options.

The main areas of application of the InfoDiode Mini AMT AC are:

· Unidirectional information exchange for networks of various levels of criticality through public networks; · Secure transfer of data from critical systems for further analysis on specialized information security systems and monitoring systems; · Secure recording from sensors and surveillance cameras to servers located in a secure segment of the network; · Secure broadcast of audio-video content, transmission of messages and notification signals from mobile devices, including wireless communication channels; · Unloading of event logs for subsequent correlation in SOC and State system of detection, prevention and elimination of consequences of computer attacks systems.

AMT GROUP developed the InfoDiode AMT device in 2015. At the beginning of July 2020, InfoDiode AMT hardware and hardware and software complexes are used in the implementation of projects to protect APCS systems, CII facilities, KVO, closed segments of networks of state and commercial enterprises.

In addition, AMT GROUP is developing a partner network to promote the product to the market.

2018

Integration with InfoWatch ASAP to protect APCS process networks

The system integrator and developer of IT solutions AMT Group"" and the group of companies InfoWatch in March 2018 announced the completion of testing of the joint use of PAC (InfoWatch Automation System Advanced Protector InfoWatch ASAP) and AK InfoDiode products to protect technology networks. APCS

The sharing of these products allows the analysis of information flows in the industrial network to identify unauthorized connections and activities, as well as [[[cyberattacks|cyber attacks]]|[cyber attacks], while ensuring protection against malicious impact on the protected segment of the APCS.

Taking into account the close attention of the legislative bodies and regulators of the Russian Federation to the topic of protecting critical information infrastructure (CII), which, among other things, includes the majority of APCS, a joint integration solution of the system of guaranteed protection against external network threats (InfoDiode) and a specialized system for analyzing information flows in order to identify threats within the protected segment (InfoWatch ASAP) will achieve a high level of CII security, according to AMT Group and InfoWatch.

InfoWatch ASAP is performed based on the traffic received from the SPAN port of the switch to analyze information flows and inform about activities (both allowed and unauthorized) in the protected network. In turn, InfoDiode, installed in the gap between the switch and InfoWatch ASAP, provides guaranteed unidirectional data upload. In this way, the critical segment is isolated while maintaining the ability to unload the information necessary for analysis.

InfoDiode is designed to organize unidirectional data transfer at the physical level between information segments of various levels of criticality, ensuring the impossibility of any information impact from outside. Due to the lack of programmable components in InfoDiode, it is impossible to make changes to the device configuration or affect to change security functions, unlike traditional network segmentation tools (firewalls).

In turn, InfoWatch ASAP is a specialized software and hardware complex designed to register and analyze current traffic in the APCS technological network, register information security events and respond to abnormal activity. Allows you to provide firewall and intrusion prevention at the link, network, transport and application levels, detect attacks on industrial automation tools.

Release of joint solution with Group-IB

The company specializing Group-IB in prevention, cyber attacks together with a AMT Group system integrator and developer, in January 2018 announced the launch of a joint solution to ensure information security and protect against cyber threats within isolated segments of networks of large corporations, industrial enterprises, fuel and energy complex facilities and financial organizations.

The use of a multi-layered network architecture built on the principle of Defense-in-Depth is, in a way, a security standard for industrial giants, public and private corporations around the world, "said Nikita Kislitsyn, head of solutions for protecting against targeted attacks Group-IB. - Obviously, the most sensitive information cannot be processed, transmitted and "placed" on the same network as other, less critical data. The first step is to isolate her. The second is to provide protection. Indeed, within a "closed" network, a mail service is often used, it may have unaccounted for or legitimate vulnerabilities. The human factor cannot be ruled out.

To protect critical infrastructure, Group-IB and AMT Group experts have created a technology solution that allows you to separate network segments, analyze internal information flows, check any suspicious activity on the fly, identify and stop attempts to penetrate isolated network segments or compromise data at an early stage. The verdict on the hazard level of the object is made on the basis of the classifier generated by the machine analysis system. This ensures constant monitoring of the real situation, which is a prerequisite for the construction of a controlled security system for critical infrastructure facilities.

As part of the technology collaboration, the partners integrated the Group-IB Threat Detection System (TDS) and InfoDiode products from AMT Group. Based on the results of multi-stage load testing - both in the Group-IB laboratory and in the "combat" mode - on the allocated sections of the company network - the quality of the joint solution and ensuring all the declared performance and integration indicators were confirmed.

Group-IB and AMT Group joint solution to protect "closed" network segments in the organization's information infrastructure

The merger of the flagship technologies of Group-IB and AMT Group is expected to ensure a high level of information security of separate network segments without any interference with the existing infrastructure and its processes. InfoDiode is "responsible" for unidirectional data transfer between information segments of various levels of criticality, excluding any information impact from outside. "Receiving" traffic from InfoDiode, Group-IB TDS detects infected nodes, detects suspicious network activity and any anomalies based on signatures, heuristics and its own knowledge base consolidated in the Threat Intelligence system.

According to partners, the release of such solutions meets not only the needs of the market, but also the requirements of the regulator: on January 1, 2018, Federal Law N 187-FZ "On the Security of the Critical Information Infrastructure of the Russian Federation" entered into force.

The isolation of critical network segments in industry, banking, government agencies, the fuel and energy sector segment and large corporations is increasingly a necessity not only due to tightening regulatory requirements, but also as the only possible way to guarantee protection against external threats, "said Alexey Malnev, Deputy Director of the Information Security. " - At the same time, complete isolation imposes significant restrictions on countering internal threats. The joint solution of AMT Group and Group-IB allows you to solve monitoring problems while maintaining the proper level of isolation of critical infrastructures.

2016

At Solar Dozor and AMT InfoDiode announced a PAC to control employee communications

In November, the companies Solar Security AMT GROUP announced the creation of a software and hardware complex to monitor employee communications and identify early signs of corporate fraud in companies with isolated secure environments. The solution is implemented on the basis of Solar Dozor products and. InfoDiode AMT

The development is focused primarily on the public sector, including power structures, industry, the fuel and energy complex, as well as commercial enterprises of any industry using isolated network infrastructure circuits. The use of DLP systems in such organizations imposes certain restrictions on the storage and processing of analyzed data. Even if the collection is carried out in an unprotected circuit, the analysis and storage of information must be carried out in a closed perimeter inaccessible from the outside. This makes it possible to ensure reliable control of employee communications and guaranteed confidentiality of corporate information.

Read more: Solar Dozor (formerly Watch-Jet)

PT ISIM and AMT Group: InfoDiode Integrated

In April 2016, Positive Technologies and AMT GROUP announced the successful testing of a joint solution to protect critical infrastructures and industrial enterprises, created on the basis of Positive Technologies Industrial Security Incident Manager and AMT Groups: InfoDiode.

The solution provides the ability to protect the APCS segment without affecting its functional safety. In particular, PT ISIM allows you to detect cyber attacks or illegal actions of personnel, vulnerabilities of APCS components and conduct incident investigations. And integration with InfoDiode AMT is guaranteed to exclude the possibility of negative impact on the APCS segment due to the isolation of PT ISIM and unidirectional data transmission.

The principle of operation of PT ISIM is to collect and analyze a copy of the traffic of the technological network. The intelligent event processing mechanism used by PT ISIM allows you to link individual security events in an attacker's action chain and identify time-distributed attacks (even over long periods) by notifying employees on the ground or in the situation center of an incident. And thanks to the visualization function, the system presents the incident in a visual, user-friendly form: with reference to the network topology and the scheme of industrial equipment. A saved copy of the traffic makes it possible to conduct a retrospective analysis and investigation of the incident at any time.

In the joint scheme, the protection of the perimeter of the APCS segment, the information of which is transmitted for analysis, is implemented on the basis of the AMT InfoDiode solution. This ensures the isolation of the process network segment and eliminates the impact of the protection means on functional safety.

2015

Certification of InfoDiode hardware and software complex in FSTEC of Russia

AMT GROUP announced in September 2015 the completion of the certification of the InfoDiode hardware and software complex at the FSTEC of Russia. A certificate has been obtained for compliance with the requirements of the technical specifications and the guiding document "Protection against unauthorized access to information. Part 1. Information security software. Classification according to the level of control of undeclared capabilities "(State Technical Commission of Russia, 1999) according to the 4th level of control.

The obtained certificate allows you to use InfoDiode to protect confidential information (automated systems up to class 1 G, personal data protection systems up to level 1 of security, state information systems up to class 1, as well as APCS systems up to and including class 1).

The company's future plans include obtaining certificates from the FSB, the Ministry of Defense and industry certification systems.

Release

The company "AMT Group" announced in February 2015 the launch on the market of a solution of its own design - the hardware and software complex of unidirectional data transfer InfoDiode. The solution is designed to provide data protection in local area networks by isolating critical network segments while maintaining the possibility of interworking. The target industries of InfoDiode application are state-owned enterprises and organizations, industry, fuel and energy complex, corporate sector and financial industry.

According to the developers, InfoDiode has a number of features that new reveal the potential for using unidirectional data transfer systems, which increases the number of tasks and possible application scenarios solved with their help.

In the process of developing a new solution, AMT Group specialists used their own long-term experience in introducing unidirectional data transfer systems, and also took into account the requirements and specifics of domestic customers, Russian legislation and the market as a whole.

The technology, known as Data diode, has been used for several years to protect data in various industries. The use of unidirectional data transmission systems in the Russian Federation is regulated by orders 17, 21 and 31 of the FSTEC, indicated in AMT Group.

"Given the current political situation, the use of Western solutions for unidirectional data transfer today is not always possible due to the specifics of the equipment itself (usually devices of this class belong to dual-use systems) and sanctions restrictions. That is why it is extremely important to have a completely domestic product, - said Vasily Nosakov, director of the information security department of AMT Group. - In our country, it was believed that unidirectional data transmission systems are mainly applicable for APCS protection . However, foreign experience and 'AMT Group' experience show that the range of tasks solved with their help is much wider, and the potential for using these systems has not yet been significantly disclosed. "