The Ministry of Agriculture selected the contractor for creation of an information security system for 200 million rubles

On March 4, 2019 "Management of office buildings" at the Ministry of Agriculture of the Russian Federation summed up the tender results on creation of the system of information security support (SISS).^[1]

The Ministry of Agriculture will construct an information security system

On tender proposals from 4 companies were submitted: Informzashita, Scientific Research Institute SOKB, AF Laboratory and LANIT-Integration. Based on assessment, the greatest number of points was received by the request of Lanit Integration. This company was also announced by the winner. The total price of the contract will be 199.885 million rubles that for 3.1 million rubles there is less initial cost of the agreement.

SOIB is intended for security of the information which is not the state secret, processed, transferred and stored in information systems of the Ministry of Agriculture.

Information systems of the ministry include the solutions automating key business processes of department: automated system Personnel, official site of the Ministry of Agriculture, electronic document management system, software package of formation and expense control of the budget, etc.

Technical characteristics of information systems are as follows:

• total quantity of users of the IC – 1500.
• the number of users of a FSIS of the 2nd class – no more than 150.
• the used virtualization environment – VMware vSphere 6, the number of virtual processors – 384, the number of virtual servers – more than 100;
• the used antivirus – Kaspersky Antivirus;
• the used means of firewalling – Check Point of 5200 - 2 pieces;
• the used sensors of the attacks – ViPNet IDS – 2 pieces;
• quantity of an automated workplace and servers with Windows OS – no more than 1000;
• quantity of an automated workplace and servers running Linux OS – no more than 150.

The system of information security support should be implemented in the form of a hardware and software system. In the course of creation of SOIB results of the carried-out classification of information systems, assessment of the existing threats of cybersecurity, determination of violators of security, their opportunities, the purposes and methods of implementation of the attacks on resources of the systems of the ministry should be considered.

Technical solutions should be implemented by the imposed information security tools.

The following functional subsystems should be a part of SOIB:

• access controls;
• registration and accounting;
• control of integrity;
• control of security;
• antivirus protection;
• detection of invasions;
• protection of the environment of virtualization;
• ensuring availability.

Notes