IVK Kolchuga

Main article: Firewall

Kolchug IVC - a firewall, a communication center, a means of protecting the perimeter from external information attacks and the organization of internal resources of the NPP.

2021

Integration with SIEM MaxPatrol

Positive Technologies and Information Implementation Company announced on October 5, 2021 the completion of the integration of the incident detection system MaxPatrol SIEM with a firewall to protect restricted access data of Kolchuga-K IVC. Product sharing will enhance the ability to detect unwanted inbound traffic on local networks and prevent unauthorized access to information.

Combining the capabilities of the two products will allow companies to better monitor the security of business-critical information systems, quickly respond to emerging IS threats, prevent attacks aimed at stealing sensitive data, and investigate incidents.

Cyber attacks on state authorities are becoming more frequent and sophisticated. So, according to our study, in the first quarter of 2021, the largest share of attacks (12%) was aimed at state institutions. Moreover, since 2017, they have consistently led the ranking of the most often attacked organizations, "said Anton Alexandrov, head of the service and technology partnership development department of Positive Technologies. - The joint solution of Positive Technologies and IVC is primarily relevant for owners of critical information infrastructure, in particular for government agencies, as well as enterprises of the fuel and energy and industrial complex.

As a result of integration, data will be transmitted to the SIEM MaxPatrol from another source - the domestic firewall "Kolchuga-K IVC," and in the future they will be supplemented with information from other connected systems: OS logs, security features (e.g. web traffic, mail), intrusion detection and prevention systems, DoS attack detection and blocking systems, antivirus security, data leak prevention systems, content-controlled proxy servers, etc.

Every year, the frequency and intensity of cyber attacks on the digital infrastructure of the public and commercial sectors increases, "said Grigory Sizonenko, General Director of IVC. - Therefore, my colleagues at Positive Technologies and I are constantly developing our products to provide customers with tools for reliable protection against unwanted traffic and unauthorized access. Now these solutions are integrated into a single software package - a key element of the IT security platform. If earlier users of our firewall could detect traces of intrusion of intruders by logs, now a comprehensive solution provides the opportunity not only to immediately detect and repel the attack, but also to take preventive measures for the future.

Both products are included in the unified register of Russian software, and the correctness of their collaboration was checked by Positive Technologies specialists during the tests.

Receipt of the Kolchuga-K IVC line of the FSTEC of Russia certificate

On March 4, 2021, it became known that the line of firewalls of the fourth-generation KOLCHUGA-K IVK - the development of the IVK company - received the FSTEK of Russia certificate. Software and hardware complex IVK KOLCHUGA-K is designed to protect restricted access information. When designing the fourth generation IE IVC KOLCHUGA-K, the developers paid special attention to the development of its user interface and functionality. In particular, the functions of filtering the traffic of the application level of availability and management of service priorities are optimized, the interface has become intuitive and ergonomic. Using the KOLCHUGA-K IVC will allow organizations to monitor and filter information flows in accordance with specified corporate rules.

Critical information infrastructure owners are primarily interested in applying KOLCHUGA-K IVC, who need to transfer their IT resources to a well-protected technology independent platform in a short time. Experts in the field of information security note that cyber attacks on state authorities, enterprises of the fuel and energy and industrial complex, banks, the defense sector, health and transport organizations are becoming more frequent and sophisticated. Therefore, we continue to develop the Russian firewall - a software and hardware complex to protect local networks from unwanted traffic and unauthorized access. It is one of the main elements of the security platform of any IT infrastructure, regardless of its scale and complexity. The development of all generations of IE IVC KOLCHUGA-K is carried out on the basis of the domestic independent repository of free Sisif software, which is developing in Russian jurisdiction. noted Grigory Sizonenko, CEO of the IVC Group of Companies

As it was explained, certificate of conformity No. 4357 of 29.12.2020 FSTEC of Russia certifies that the KOLCHUGA-K firewall developed and made by JSC IVK corresponds to the documents "The Requirements for Safety of Information Establishing Levels of Credibility to Means of Technical Information Security and Means of Ensuring of Safety of Information Technologies" (FSTEC of Russia, 2018) - by 4 levels of trust, "Requirements for firewalls (FSTEC of Russia, 2016) and "Firewall protection profile type A of the fourth protection class IT.ME.A4.P3" (FSTEC of Russia, 2016). Certification tests in accordance with the new requirements of the FSTEC of Russia were carried out by the Sinclit testing laboratory. The Phobos-NT NTC carried out work on assessing the compliance of the safe software development processes implemented in the IVC with the requirements of GOST R 56939-2016 "Information Protection. Developing secure software. General requirements "with recommendations for their improvement.

IE IVC KOLCHUGA-K can be used:

• in personal data information systems up to and including 1 level of security;
• in public information systems (GIS) up to and including grade 1 security;
• in public information systems of class II;
• ensuring the security of significant critical information infrastructure (CII) objects up to and including the 1st category.

The IVK KOLCHUGA-K firewall is delivered in four options of a complete set:

• Kolchuga-K K01 IVC is a complex for protection against network threats with ensuring proper availability of services in networks of large enterprises and data centers;

• ME IVK Kolchuga-K K02 is a compact solution in the Box-PC form factor for protecting information in small business networks or in a branch network;
• ME IVK Kolchuga-K K03 is a solution for protecting information in networks of small enterprises or in a branch network. Available in 1U form factor for server rack mounting;
• Kolchuga-K K04 IE is a balanced solution for providing protection against network threats in medium-sized enterprises or branch networks.

The key features of the updated list of functional capabilities of the ME IVC KOLCHUGA-K are:

• automatic generation of filtering rules;
• automatic generation of channel width control rules;
• Build a high availability cluster (hot backup)
• netflow support - a network protocol for accounting for network traffic, which is the actual standard;
• Enhancement of filtering rules configuration capabilities (application-level filtering, geographic filtering, filtering based on deep analysis of packet data area content);
• Port security via port knocking
• Identify concealed TCP and UDP port scans
• channel aggregation;
• Ability to configure filtering rules for IP address groups
• Provides a graphical web interface for managing features and monitoring firewall performance.

The operator receives notifications of information security events, which allows you to quickly respond to incidents that occur.

The integrated software of ME IVC KOLCHUGA-K is included in the Unified Register of Russian programs for electronic computers and databases (registration number 413).

2012

According to May 2012, the most important element of the platform is Kolchuga IVC, a software complex for securely connecting the territorial unit of the organization to the Internet. This system includes a powerful firewall and a set of services to protect the perimeter of the organization and create its secure communication center.

"Kolchuga IVC" is built on the basis of Linux OS and various free software. At the same time, the configurators created by IVC allow you to quickly and accurately configure this complex system to persons who have practically no even minimal qualifications in the field of system administration. Currently, several modifications of this product are being produced, including a variant using certified cryptography tools. The company IVC produces software and hardware complexes "IVC Kolchug" of different performance and for different network environments.