ViPNet Client

The main articles are:

• Cryptography
• VPN and privacy (anonymity)

ViPNet Client is a software package for protecting the workplaces of corporate users. ViPNet Client protects against external and internal network attacks by filtering traffic. In addition, the PC provides secure work with corporate data through an encrypted channel, including for remote users.

ViPNet Client for various platforms

• ViPNet Client Android
• ViPNet Client iOS
• ViPNet Client 4U for Linux
• ViPNet Client for Tizen
• ViPNet Client for Sailfish

2023: Compatibility with Aurora Center and Aurora Market

Experts from InfoTeCS and Open Mobile Platform conducted research and confirmed the compatibility and correctness of the installation, operation and update of ViPNet Client 4U, ViPNet PKI Client products on the Aurora Center platform and their compatibility with the Aurora Market enterprise trusted application store. InfoTeCS announced this on October 24, 2023. Read more here.

2022

Compatibility with tokens and smart cards "Rutoken"

And InfoTeCS the company Aktiv"" on December 22, 2022 announced the completion of testing and confirmed the correctness of ViPNet Client's collaboration with tokens and. smart cards Rutoken More. here

Addressing Safety Deficiencies

Solar JSOC CERT advises updating the VipNet Client from InfoTeCS - security flaws have been found. The company "Rostelecom-Solar" announced this on May 19, 2022.

Flaws were discovered during the investigation of an advanced cyber attack. With their help, attackers can infect the system with any virus, for example, for subsequent theft, deletion or encryption of sensitive data. The vendor has already released an updated version of the product that closes this issue.

When investigating a targeted cyber attack on one of the organizations, Solar JSOC CERT specialists discovered that the VipNet product used by the customer contains an executable file that has a vendor digital signature and is susceptible to a vulnerability such as Hijacking DLL (it makes it possible to replace a legitimate DLL file with a malicious library). This fact allowed attackers to use the software update mechanism to remotely manage workstations. To do this, in the network control center (VipNet Administrator), hackers formed a fake update file containing malicious code and sent it to target devices connected to a secure network.

Malware downloaded by cybercriminals, in particular, collected mail correspondence data and user text files from workstations, as well as information about hosts, encryption keys, settings, etc.

Another security flaw in the VipNet Client is the ability to bypass filters in the Application Control component. This component allows you to monitor and adjust application network activity by creating blocking rules. However, attackers were able to bypass them by sending commands directly to the driver and allowing, for example, the system to access the Internet. Thanks to this, hackers were able to transfer all collected data to an external system under their control.

It is noteworthy that the logs of all the actions of the attackers were automatically deleted by a special malware, which significantly complicated the investigation.

The attack, during which we discovered these security flaws, was carried out by attackers of the highest qualifications. We blocked malicious activity in a timely manner, but it was possible to identify it only thanks to monitoring and non-trivial correlation of information security events, since hackers carefully cleaned the traces and bypassed control systems. That is why all organizations that use the VipNet Client need to update the version of the software product as quickly as possible, regardless of the presence or absence of suspicion of the incident, "said Vladimir Dryukov, director of the Solar JSOC Cyber ​ ​ Attack Center at RTK-Solar.

Obtaining a ViPNet Client 4 FSB Certificate of Compliance with the Requirements for Class 4 Firewalls

On April 7, 2022, InfoTeCS announced the completion of the procedure for monitoring changes in the software complex (PC) ViPNet Client 4 (assembly number 4.5.3.65117) within the framework of the current certificate No. SF/124-4062 on compliance with the requirements of the FSB of Russia to the means of cryptographic protection of information of classes KS1, KS2 and KS3 and obtaining a certificate No. SF/525-4189 on compliance with the requirements of the FSB of Russia to devices such as class 4 firewalls.

The ViPNet Client 4 software package is designed to protect the workplaces of corporate users from external and internal network attacks by filtering traffic. It provides secure work with corporate resources through encrypted communication channels, including for remote users.

The following changes have been made to the current version of the product:

• Replaced the software version of the supplied PC ViPNet Client 4 cryptographic information protection tool ViPNet CSP from version 4.4.0 to version 4.4.2.
• The organization form and legal address of the company in the About window and in the user documentation have been updated.
• Improved and strengthened protection against attempts to unauthorized access to ViPNet Client 4 PC settings on user workstations.

Based on the results of change control with the participation of Rostelecom-Solar specialists, work was carried out to analyze the security of this version of the software package.

Compatibility with the information security complex "Sakura"

Russian developers of InfoTeCS and IT-Expertise have confirmed the correct joint operation of the ViPNet Coordinator HW hardware and software complex ViPNet Client 4 with the Sakura information security complex. This was announced on January 31, 2022 by InfoTeCS. Read more here.

ViPNet Client for Windows Features

Among ViPNet Client's capabilities for January 2022:

• VPN client (encryption and imitation protection of IP packets);
• Personal network screen;
• Monitoring the network activity of applications and components of the operating system;
• ViPNet Client operates as part of the ViPNet network and is compatible with all ViPNet Network Security products.

ViPNet Client supports virtual machines and enables ViPNet protection in VDI environments.

Versions of ViPNet Clientfor Linux and OSX are also available.

ViPNet Client for Windows meets the requirements of the FSB of Russia for CIPF class KS1, KS2 and KS3.

2021: ViPNet Client version 3.1 availability with Aurora 3.2 "Penza" OS support

On February 2, 2021, the Open Mobile Platform announced that, together with InfoTeCS, it had completed testing of ViPNet Client for Aurora 3.2 Penza OS.

The ViPNet Client version 3.1 software package with support for the latest version of the Aurora 3.2 Penza mobile operating system is available for order. At the beginning of February 2021, work is being completed to certify the product for compliance with the requirements of the FSB of Russia for cryptographic protection of information of classes KS1 and KS2.

The ViPNet Client software package of InfoTeCS is designed to protect users' access to corporate resources (mail, CRM system, databases, etc.), to protect communication channels when accessing audio and video conferencing systems, as well as SIP telephony. It can be used in state information systems, at critical information infrastructure facilities and when working with personal data, including in medicine.

Cooperation between InfoTeCS and the Open Mobile Platform began in 2016. During this time, the domestic mobile OS Aurora has established itself as a popular and promising product, - comments Alexander Vasilenkov, head of the product development department of InfoTeCS. - Thanks to the protective mechanisms implemented in Aurora, we managed to ensure the compliance of the ViPNet Client software complex with the requirements of the FSB of Russia for CIPF class KS2, which significantly expands the possibilities of using the product.

Availability for ordering the ViPNet Client software complex for this Aurora release is another qualitative step towards expanding the ecosystem of our OS, says Sergey Anosov, Product Director of Open Mobile Platform LLC. - Thanks to the experience of our leading partners, we have the opportunity to build complex solutions on the stack of Russian technologies.

2020

Extension of the provision of licenses free of charge for a period of 6 months amid the coronavirus epidemic

Due to the increase in the number of applications with a request to provide licenses for software for organizing remote secure access and the difficult situation with the development of coronavirus infection, InfoTeCS announced on October 6, 2020 its readiness to provide licenses for a number of its products free of charge. Including on:

• ViPNet Client is a software package designed to protect the workplaces of corporate users.
• ViPNet Connect is an application for secure communication of corporate users.
• ViPNet IDS HS is an intrusion detection system that monitors and processes events inside the host.
• ViPNet SafeBoot is a certified high-tech trusted boot software module of the UEFI BIOS level.

All interested organizations can obtain licenses for this software for a period of 6 months.

The obtained licenses can be used to implement remote secure access, as well as for additional segmentation of local networks, for example, to protect IP telephony systems and video conferencing for internal remote meetings.

The massive transition of companies to a remote mode of operation, caused by restrictive measures during the spring-summer isolation period, showed the importance of correctly connecting employees' personal devices using home networks to corporate resources of organizations.

InfoTeCS strongly recommends that you organize access using the tools. VPN The fastest and safest option is to use home/personal devices as VPN client terminals for remote secure connections to corporate workstations or terminal stations. to servers

ViPNet Client version 4.5 compatibility with Rutoken product line

On July 30, 2020, Aktiv-Soft announced that Rutoken product lines: Rutoken Lite (+ micro), Rutoken S (+ micro), Rutoken EDS 2.0 (+ micro), Rutoken EDS SC smart card have been tested on compatibility, including with the ViPNet Client software complex (versions 4.5 for Windows), designed for protection of corporate user workplaces. Read more here.

Granting a license free of charge amid the coronavirus epidemic

On March 19, 2020, InfoTeCS announced that it would provide licenses for its software for organizing secure remote access free of charge.

As of March 2020, InfoTeCS receives and fulfills many requests for licenses for ViPNet Client software in order to organize remote secure access.

In order to promptly resolve all issues and taking into account the difficult situation with the development of coronavirus infection, the company announced its readiness to provide the required number of licenses for ViPNet Client software, ViPNet Connect, ViPNet IDS HS and ViPNet SafeBoot to expand ViPNet secure networks to all Russian interested organizations free of charge for 6 months. These licenses can be used at their discretion not only for the implementation of remote secure access, but also for additional segmentation of your local area networks, for example, to protect your IP telephony and video conferencing systems for internal remote meetings between their departments without the need to personally gather dozens of employees in one room.

For convenience, we offer to use the template for applying for licenses for client software, which must be issued on letterhead and sent to the address: soft@infotecs.ru.

The company also pays attention to the need to accurately implement remote access using home networks, computers and personal mobile devices. It is not recommended to connect them to corporate network resources directly, even using VPN tools. This is fraught with unintentional creation of holes in the network security loop due to the uncontrolled content of these home resources: viruses, malware, etc. The fastest and safest option in this case is to use home/personal devices as VPN client terminals for remote secure desktop connections to your corporate workstations or terminal servers.

2019

ViPNet Client 4.5.1 compatibility with USB tokens and JaCarta smart cards

On December 24, 2019, the company Aladdin R.D.."" reported that together with InfoTeCS"" completed test tests for the compatibility of their products. The test results showed that electronic keys JaCarta can be used in conjunction with the ViPNet Client desktop protection software versions 4.5.1 and 4.5.2, CIPF version 4.4 and the trusted download module for UEFI BIOS ViPNet SafeBoot version 1.4. More. here

Compatible with Getac F110G3 tablets and Getac laptops S410

The companies Getac InfoTeCS also announced on August 26, 2019 that they confirmed the compatibility of their products at a joint test bench in the InfoTeCS laboratory in. As a To Moscow result of the tests, the correctness of the work/and with laptopstablets Getac F110G3 Getac S410 ViPNet software Client 4.5, 2.4 ViPNet Connect and 1.4 was confirmed. ViPNet SafeBoot More. here

2018

Certificate of conformity of the FSB of Russia

On August 6, 2018, it became known that OJSC InfoTeCS"" received a certificate of conformity FSB Russia No. SF/124-3430 for the product "Software package" ViPNet Client 4 "(versions 1, 2, 3) in the package according to the form FRKYe-00116-03 30 01 FO. The certificate was obtained based on the results of the tests and certifies the compliance of the ViPNet Client 4 software complex with the requirements of GOST 28147-89, GOST R 34.10-2012, GOST R 34.11-2012, imposed on those electronic signature approved by Order No. 796 of the FSB of Russia dated December 27, 2011, established for classes KS1, KS2, KS3, imposed on encryption () cryptographic means of classes KS1, KS2, KS3 for versions 1, 2, 3, respectively.

The certificate certifies the possibility of using the ViPNet Client 4 software complex for the purpose of cryptographic protection of information that does not contain information constituting a state secret. These capabilities include the creation and management of key information, encryption of files, data contained in areas of RAM, IP traffic, calculation of the hash function value for files and data contained in areas of RAM, protection of TLS connections, implementation of electronic signature functions in accordance with the Federal Law of April 6, 2011 No. 63-FZ "On electronic signature."

As part of the safe base AWS

A group of Russian software and computer developers consisting of T-Platforms, New Cloud Technologies, Rusbitekh, InfoTeCS, CryptoPRO and Phoenix have formed an automated workplace that has a high level of information security. First of all, the solution is focused on use in government agencies, as well as in commercial companies that have high requirements for the level of information protection, T-Platforms reported on July 30, 2018. Read more here.

Inclusion in the Register of Russian Software

On April 9, 2018, InfoTeCS announced the entry of ViPNet Client 4 for Linux into the Unified Register of Russian Programs for Electronic Computers and Databases.

As noted in the company, the software product meets the requirements of the rules for the formation and maintenance of the Unified Register of Russian Programs, approved by Decree of the Government of the Russian Federation No. 1236 "On Establishing a Ban on the Admission of Software Originating from Foreign Countries for the Purposes of Procurement to Meet State and Municipal Needs" of November 16, 2015.

Opportunities. Features. Delivery options

As of April 2019, ViPNet Client supports work on computer devices running OCMicrosoft Windows, Linux and OS X.

Opportunities

• VPN client (IP packet encryption and simulation protection).
• Personal firewall (in ViPNet Client for Windows, ViPNet Client for Linux).
• Monitoring the network activity of applications and components of the operating system (in ViPNet Client for Windows).
• ViPNet Client operates as part of the ViPNet network and is compatible with all products in the ViPNet Network Security line.

Use Cases

• Work in a corporate network protected from an internal intruder
  • Connection to resources, services, as well as other users is carried out through point-to-point channels. This allows you to protect information from other users, including within the corporate network.

• Secure operation of a remote user with corporate resources and services through secure channels
  • Encryption of traffic will protect the work with internal resources and services of your organization when transferring data over the Internet.

• Secure User Communication
• * Business users will also be protected by sharing ViPNet Client PCs with ViPNet Connect and ViPNet Business Mail (this feature is supported by certain ViPNet Client modifications).
  • ViPNet Client supports secure channels for corporate communications based on third-party solutions, including IP telephony, video conferencing, and so on.

• Virtual Machine Protection
  • ViPNet Client supports virtual machines and enables ViPNet protection in VDI environments.

Features

• The high performance of encryption and traffic filtering allows real-time protection of voice and video services traffic in TCP/IP networks, as well as simultaneous work with resources of different segments of the corporate network.
• Equal access to the resources of corporate information systems, regardless of the location and method of connecting the user to the telecommunications network (using the ViPNet Network Security solution).
• Channel protection does not affect the operation of third-party applications on the user's computer.
• Encryption keys, security policies, and ViPNet software updates are delivered to your computer through a secure channel.

Delivery options

The ViPNet Client 4 software package is available in three versions corresponding to KS1 to KS3 security classes.

• Delivery of ViPNet Client 4 PC in version 1 in accordance with logbook FRKYe.00116-03 30 01 FO provides KS1 security class.
• The delivery of the ViPNet Client 4 PC in version 2 in accordance with the form FRKYe.00116-03 30 01 FO provides a class of KS2 security when used in conjunction with a certified hardware and software trusted download module (AMDD).
• The delivery of the ViPNet Client 4 PC in version 3 in accordance with the FRKYe.00116-03 30 01 FO form provides a class of KS3 security when combined with a certified AMDD and specialized ViPNet SysLocker software (included in the package) for creating and monitoring a closed software environment.

Certification

ViPNet Client for Windows has a certificate of compliance with the requirements of the FSB of the Russian Federation for CIPF of class KS1, KS2 and KS3.