PAC "Outpost"

The main articles are:

• Firewall
• Cryptography

2021: Rostec acquired exclusive rights to the Outpost computer attack detection system

On October 15, 2021, the Avtomatika concern, which is part of Rostec, announced that the state corporation, through their company, had become the copyright holder of the Outpost computer attack detection, monitoring and prevention system. The system is designed to protect personal data, information that is not a state secret contained in state data information systems, in automated systems for controlling production and technological processes at critical facilities. It can also be used by objects that have a potential danger to the environment and human health.

The Avtomatika concern clarified to TAdviser that the rights to the entire Outpost product line were acquired from RNT. The latter could not comment at the time of publication on the news why they decided to sell the rights to the Outpost.

"Outpost" is present in the register of domestic software

The system meets all regulatory requirements of regulators in terms of information security and can be adapted to the needs of customers, noted in "Automation."

The functionality of the system allows you to detect and prevent the development of computer attacks aimed at information resources located in controlled segments of AIS (servers of various services, workstations, active network equipment). In addition, the system monitors the integrity of its own resources and the resources of the protected AIS, maintains a log of system messages, inventories software, generates reports, notifies about detected attacks, about the instability of the AIS hardware complex, and has the ability to remotely control network equipment.

"Outpost" has a proprietary security subsystem that allows you to encrypt information transmitted between components using domestic CIPFs up to and including KS3 class. The solution has a fault and fault recovery subsystem that allows you to restore the product state to factory or custom settings.

In the product line of the Outpost system, a software and hardware complex with two types of execution: basic (in which all the necessary software components are installed in one device ready for use out of the box) and modular for building SOA with distributed detection and prevention of computer attacks with centralized control (consisting of network and host sensors for analyzing traffic and status of attack objects, control center and optional AWS administrator).

As part of the digitalization of various spheres of the economy of our country, ensuring information security and protection against computer attacks is of particular importance. Avtomatika Concern is one of the key players in the Russian information protection market. We are constantly improving our solutions in accordance with the challenges of time. The Outpost system is already in demand by a number of government agencies and large commercial enterprises. We are aimed at the widespread implementation of this product in various configurations to protect the information of our customers, "says Avtomatika CEO Andrei Motorko.

According to the concern, the Outpost system is already used in the interests of government agencies, large commercial enterprises, and educational institutions. The system was also used in the center of the operational department for ensuring security and law enforcement in Sochi during the 2014 Winter Olympics and Paralympic Games.

2014

PAC "Outpost version 2"

According to 2014 information, the Outpost computer attack detection system (SOA) version 2.0 is designed to automatically identify impacts that can be classified as computer attacks, an automated information system controlled by this means, and block the development of detected computer attacks. SOA "OUTPOST" can be supplied as a software product or a software and hardware solution "in one box." The OUTPOST product line also includes the OUTPOST-MONITORING software package, designed to track the state of monitored resources of the automated information system and analyze situations in case of problems with access to IT services.

PAC Outpost 2400 and Outpost 2405

The model range of hardware solutions of the certified computer attack detection system (SOA) "Outpost" from the Russian developer RNT was replenished in the fall of 2014 by the fast-acting PAC "Outpost 2400" and "Outpost 2405," designed to protect information in distributed corporate networks. The current models of the novelty differ in the configuration and performance of network traffic analysis.

PAC Outpost 2400 and Outpost 2405 are equipped with network interfaces for data transmission (1 copper at a speed of 1 Gbps) and for traffic removal (2 x SFP + at a speed of 10 Gbps (Outpost 2400), 2 copper at a speed of 10 Gbps (Outpost 2405)). The speed of processing network traffic in new models is up to 2 thousand. Mbps in Half Duplex mode and up to 4 thousand Mbps in Full Duplex mode. New items are offered in industrial version with the ability to mount in a 19-inch rack. Both models provide redundancy of key hardware components (fail-safe RAID using server hard drives, power supply redundancy).

In addition, now all produced models - PAC Outpost 200, Outpost 2000, Outpost 2400, Outpost 2405 - can be assembled in accordance with the tasks of protecting information of a specific network or enterprise, choosing a simple or modular version. Thus, the PAC "Outpost" of a simple version is equipped with a control center with one network sensor and is designed to detect attacks/intrusions of the protected network segment. In turn, one control center PAC and the required number of PAC network sensors are supplied PAC the "Outpost" kit of the modular version, depending on the number of traffic pickup points and the required performance.

Note also that the "Outpost" version 2.0 computer attack or intrusion detection system (SOA) is designed to automatically detect impacts that can be classified as computer attacks, an automated information system controlled by this means, and block the development of detected computer attacks. SOA "Outpost" can be supplied as a software product or as a software and hardware complex (PAC).

2013

PAC "Outpost 2000"

As of 2013, the hardware and software complex is designed for information systems or their segments, including up to 50 workstations and servers.

• Implemented on the basis of an industrial 1U form factor server for mounting in a 19 "rack.
• It has increased fault tolerance due to redundancy of key server components (fault-tolerant RAID array using SAS drives, two power supplies).
• performance - up to 2 Gb/s in Full Duplex mode (up to 1 Gb/s in Half Duplex mode);
• With optional 10 Gb/s NICs up to 6 Gb/s Full Duplex (up to 3 Gb/s Half Duplex)
• optional optical network cards can be installed.

PAC "Outpost 200"

As of 2013, the system is focused on information systems or their segments, combining up to 20 workstations and host servers. The performance has the same software as the PAC Outpost 2000, but is inferior to it in performance.

• It is based on a compact 1U industrial server with the ability to be installed on any horizontal surface or in a 19 "rack.
• low noise level;
• performance - up to 200 Mbps;
• lower price compared to the older model.

The low noise level and undemanding placement allow using PAC "Outpost 200" not in the server room, but in the same rooms where users of the IS work.

Start of sales

RNT announced in August 2013 the start of sales of a certified system for detecting and subsequently preventing computer attacks PAC OUTPOST.

The OUTPOST software and hardware complex is a solution that allows you to detect computer attacks in the protected network that have not been blocked by firewalls and antiviruses. The system detects computer attacks (remote exploitation of vulnerabilities, attempts to inject malware, etc.) using network traffic analysis of the controlled information system at the network and higher levels of the TCP/IP protocol stack.

SOA "OUTPOST" is used in bodies state power of the Russian Federation in automated information systems that process information that does not contain information constituting a state secret (in accordance with the requirements), FSB of Russia as well as in information systems in which information containing secret information is processed (in accordance with the requirements - FSTEC of Russia in automated systems up to and including 1V security class, personal data information systems up to and including class 1).

The complex uses modern software of its own production - SOA "OUTPOST," which allows you to process both incoming and outgoing network flows in real time, detect attacks in them and block them in a timely manner using the network equipment management subsystem (switches, firewalls, etc.).

The "OUTPOST" hardware and software complex provides redundancy of key hardware components inside the device itself, such as a fault-tolerant RAID array using SAS disks and a hot-swappable backup power supply. PAC "OUTPOST" also has a subsystem of its own security, which allows encrypting the information transmitted between the components of the complex using domestic CIPF and monitoring the integrity of its own resources. The complex includes a means of archiving and restoring the settings of the SOA software.

PAC "Outpost" is supplied in two versions. PAC "Outpost" 200 with a performance of 900 Mbps and PAC "Outpost" 2000 with a confirmed, during tests, speed of processing network traffic containing computer attacks up to 6000 Mbps.

Other distinctive features of the design are: the dimensions of the case, scalability and cost of the product.

The software of the OUTPOST SOA, which is part of the complex, has a certificate of compliance with the requirements of the FSTEC of Russia for Class 3 SS, and a certificate of compliance with the requirements of the FSB of Russia for Class B SOA.

The certified solution of the OUTPOST PAC can be used to protect information:

• in organizations processing information that does not contain information constituting a state secret (in accordance with the requirements of the FSB of Russia);
• in organizations processing information containing information constituting a state secret (in accordance with the requirements of the FSTEC of Russia).