Electronic Sobol Castle

Electronic lock "Sable" (PAC "Sable") - a certified hardware and software means of protecting a computer from unauthorized access. It can be used as a device that protects an autonomous computer, as well as a workstation or server that is part of a local area network. Certificates of the FSB and FSTEC provide the possibility of using PAC Sobol to protect information containing information constituting a state secret in automated security systems up to and including 1B. "

Appointment

• Protection of confidential information and information constituting a state secret or personal data.

Opportunities

• Identification of users using personal identifiers and cryptographic authentication of users before loading the OS;
• Blocking unauthorized boot of the computer OS by the user from external media;
• System logging of unauthorized access attempts;
• Control the integrity of files on hard drives before booting the OS.

2024: Compatibility with the line of computers "Beaver" and "Raven" of two generations, as well as AWS "Elk"

Delta Computers and Security Code confirmed the compatibility of the Sable software and hardware complex (PAC) with the entire line of personal computers Beaver and Raven, as well as the Moose automated workstation (AWS). Delta Computers announced this on January 15, 2024.

These products of domestic production can be operated the Russian by companies that need to ensure maximum safety, data including the owners of facilities. CUES

Testing the operability of the Sobol trusted loading module confirmed its compatibility with the Beaver and Raven personal computers of two generations, as well as the Moose AWS. This means that sharing this hardware and software will enable customers to create a secure, efficient, and fully import-substituted "workplace for their employees.

Together with our technology partner for both server and client equipment, we are ready to present to customers from a variety of fields of activity an up-to-date comprehensive solution for equipping corporate workplaces with enhanced data protection. The use of Russian developments makes it possible to ensure the greatest data security by reducing dependence on foreign equipment and software in a situation of constant growth of cyber threats against Russian companies, - commented Maxim Tereshchenko, head of the project management department at Delta Computers.

The use of secure workplaces based on domestic products is the basis for protecting confidential information in large organizations. Technological partnership with companies such as Delta Computers, and the combination of our protective equipment with domestic equipment and software allows us to ensure comprehensive security IT infrastructures of various organizations, Russia- said the Pavel Korostelev head of the Security Code product promotion department.

2023: TeamRAY Server Compatibility 2122-2U-M

ICL Techno and Security Code LLC specialists confirmed the successful completion of the compatibility testing process of the registered servereamRAY 2122-2U-M with the Sobol software and hardware complex. This was announced on December 25, 2023 by ICL Techno. Read more here.

2022: Compatibility PAC Sable 4.4 with JaCarta electronic keys

Aladdin RD., a Russian developer and supplier of information security solutions, and Security Code, a Russian developer of software and hardware information protection tools, on May 5, 2022 announced the completion of compatibility tests for their products. Read more here.

2021: Compatibility PAC Sable 4.3 with JaCarta keys

On April 12, 2021, the company Aladdin R.D.."" announced that, together with Security Code"," they completed testing for compatibility of the latest versions of their products. Based on the test results, the correctness of USB the -token operation was also confirmed smart cards JaCarta from Aladin R.D. with a means of protection information Secret Net Studio and a means of trusted loading of PAC Sobol (release 4.3) from the Security Code. More. here

2020: Compatibility of PAC "Sable" version 4 with JaCarta-2 GOST, JaCarta-2 PKI/GOST and JaCarta SF/GOST

On August 28, 2020, Aladdin R.D., a Russian developer and supplier of information security solutions, and Security Code, a domestic developer of software and hardware information protection tools, announced the completion of compatibility tests for their products.

Test tests confirmed the correctness of the work of the trusted download tools (TDT) PAC "Sobol" version 4 (release 4.2), developed by the company "Security Code," and the electronic keys JaCarta manufactured by "Aladdin R.D.," namely USB tokens and smart cards JaCarta-2 GOST, JaCarta-2 PKI/GOST and USB tokens JaCarta SF/GOST.

The Sable PAC trusted download tool is designed to protect CUES and protect information state in organizations, as well as to protect state secrecy. Typical scenarios for the use of SDZ PAC Sobol also include protection of information from unauthorized access, personal data protection in accordance with Order No. 21 FSTEC of Russia and protection from loading from OS third-party media.

The products of the JaCarta line are designed to organize an enhanced or strict authentications in information systems and services, to ensure the legal significance of documents and user actions electronic signature using and secure storage of containers of software, CIPF user data, certificates, passwords etc.

According to the signed compatibility certificate, the JCR 721 reader, a professional trusted smart card reader manufactured by Aladdin R.D., and the ASEDrive IIIe USB reader smart cards were used as additional equipment necessary for correct functioning.

2019: Red OS compatibility

Russian developers RED SOFT and "Security Code" reported on August 26, 2019 that they continue to develop technological cooperation. The company's specialists tested for compatibility of the RED OS operating system ( manufactured by RED SOFT) and the Sable 4.2 software and hardware complex (manufactured by the Security Code). Tests confirmed the correctness of the complex on the operating system. Earlier, the compatibility of RED OS and CIPF "Continent-AP" was confirmed. Read more here.

2018: Obtaining the Russian FSTEC Certificate of Conformity

On December 10, 2018, the company Security Code"" announced the receipt of a certificate of conformity FSTEC Russia for PAC "Sobol" version 4. Certificate No. 4043 of 05.12.2018 confirms the compliance of the electronic lock "Sable" 4 with the requirements of the FSTEC of Russia to the means of trusted loading of the level of the expansion board of the second class of protection.

The obtained certificate, valid until 05.12.2023, makes it possible to use PAK Sobol version 4 to protect confidential information and state secrets labeled "top secret," to use the product in automated systems up to and including 1B security class, in ISDS up to and including UZ1, and in GIS up to and including security class 1.

The release of PAC "Sobol" version 4 "Security Code" was announced in January 2018. The fourth generation of PAC "Sobol" was the next step in the development of the product: the functionality of the electronic lock has significantly changed, and at the same time the continuity of the interface has been preserved, to which users of the previous version are accustomed. The key differences in this generation of trusted boot modules are support for UEFI technology, compatibility with USB 3.0, as well as enhanced functionality.

The operation of PAC Sobol in the UEFI environment makes it possible to use modern computers for storing and processing confidential data and state secrets. GPT markup support allows you to work with hard drives larger than 2 terabytes.

The updated version of the product provides support for compatibility with USB 3.0 and transitions from a 16-bit to a 64-bit architecture. Integration with the latest types of identifiers compared to the previous version of PAC Sobol requires significantly lower costs.

In PAC "Sable" 4, the list of supported identifiers has been expanded:

• USB keys: JaCarta-2 GOST, JaCarta-2 PKI/GOST, JaCarta SF/GOST, Rutoken EDS and Rutoken Lite;
• Smart cards: JaCarta-2 GOST, JaCarta-2 PKI/GOST.

To simplify the use of PAC Sobol in large infrastructures, the number of supported users was increased from 32 to 100, in addition, the capabilities of the security log were expanded: the number of entries increased from 80 to 2000. To increase convenience, the usual electronic lock console changed the graphical interface, but the control logic was saved. It also became possible to work with a computer mouse.

The electronic lock "Sable" version 4 has already gone on sale in three execution formats: on PCI Express, Mini PCI Express Half and M.2 boards.

author '= Andrei Burym, Senior Product Manager, Security Code ' Sable "4 is a completely different approach to ensuring trusted loading of modern computers. Now there is no need to put the BIOS in 16-bit mode, but you can take full advantage of the 64-bit UEFI environment. We tried to make the updated interface as friendly and intuitive as possible - so that administrators do not have difficulties mastering the product.

2016

PAC "Sable" 3.0 with a new PCI Express card

The Security Code company announced in September 2016 the start of sales of the PAC (release 3.0.9) with a new PCI Express card. The product passed inspection control according to the requirements of the FSTEC of Russia in confirmation of the previously issued certificate No. 1967.

Among the features of the updated version of the Sobol electronic lock is the watchdog mechanism, a complete upgrade of the element base and a number of other improvements. The innovations expand the functionality of the product and its scope, the company noted. Among the differences from previous versions is higher performance with less power consumption. At the same time, a wide range of board formats makes it possible to use the Sable electronic lock to protect monoblocks, laptops and ultrabooks.

PAC "Sable" 3.0 (release 3.0.9) is available on PCI, Mini PCI Express, Mini PCI Express Half Size boards and on the new PCI Express board, which implements duplication of electrical circuits. The new board is powered from both the PCI Express slot and the SATA slot.

The updated version of the product can work on almost all operating systems of the Windows and Linux family, even in outdated versions (upon request for technical support of the "Security Code"). Compatible new Linux distributions include MSVS 5.0, Alt Linux 7.0, Centaur x32/64, Astra Linux Special Edition Smolensk 1.4 x64, Mandriva Rosa Nickel x86/x64.

According to the developers, the product passed inspection control: the certificate of the FSTEC of Russia confirms the compliance of the updated version of the Sobol PAC with the requirements of the regulator for trusted download tools. The electronic lock can be used to ensure the safety of the ISDS up to and including the 1st level of security and logging up to and including the 1st class of security.

"Sable" 3.0 with PCI Express card

On February 11, 2016, the Security Code company announced the release of the technical release of the PAC of version 3.0 with a PCI Express card. PAC is equipped with an improved watchdog mechanism, an element base has been modernized, a number of improvements have been made^[1].

The Sable PAC of version 3.0 (release 3.0.9) is available in several execution formats: on PCI, Mini PCI Express, Mini PCI Express Half and PCI Express boards. The product has improved the watchdog mechanism.

The used PCI Express card implements duplication of electrical circuits: power is supplied from both the PCI Express slot and the SATA connector. This modification improves the reliability of the watchdog timer.

author = Andrei Burym, Sable Product Manager, Security Code Since PCI Express is half the size of the previous modification, the complex can be installed in mini-cases. The element base of the board has been completely updated, the memory capacity has been increased by 4 times, the FPGA (programmable logic integrated circuit) is made using a 45-nm process technology, which means that the product has higher performance with less power consumption. A wide range of board formats allows you to use the Sable electronic lock to protect monoblocks, laptops and ultrabooks.

The released version of the Sobol electronic lock supports NTFS, FAT32, FAT16, FAT12, UFS2, UFS, EXT4, EXT3, EXT2 file systems. The product can work in almost all operating systems of the Windows and Linux family, including in outdated versions (the necessary software is provided on request to technical support of the "Security Code"). Release 3.0.9 added support for operating systems versions:

• MSVS 5.0;
• Alt Linux 7.0 Centaur x32/64;
• Astra Linux Special Edition "Smolensk" 1.4 x64;
• Mandriva ROSA "Nickel" x86/x64.

According to the company, the modernized version of PAC Sobol was transferred for inspection control to the FSTEC of Russia to confirm compliance with the previously issued certificate No. 1967.

Sobol electronic lock tested on Inspur hardware platform

In the spring of 2016, Inspur, a provider of comprehensive cloud computing solutions and services, and Security Code, a Russian developer of certified software and hardware in the field of information security, completed functional and load testing of the certified hardware and software trusted download module (APMDZ) "Sobol" on the Inspur NF5170M4 rack server.

Sergey Mushchenko, Head of Sales Development at Security Code, commented on the result of the work: "The testing performed showed that the Inspur NF series servers fully meet the requirements for the deployment of our AMDZ. As a result, customers are expanding their choice of proven and usable hardware platforms with our solutions. "

2015

PAC "Sobol" 3.0 passed inspection control at the FSTEC of Russia

The Security Code company, a Russian developer of funds, information protection announced in September 2015 that it had passed inspection control FSTEC Russia in and went on sale of the updated version of PAC Sobol 3.0 (release 3.0.8).

The updated version of PAC Sobol passed inspection control on the new requirements of the FSTEC of Russia in confirmation of the previously issued certificate No. 1967. The validity period of the certificate of conformity has been extended until December 7, 2018.

To comply with the new requirements of the FSTEC of Russia imposed on the APMDZ and approved by Order of the FSTEC of Russia dated February 6, 2014 No. 240/24/405, the updated version of PAC Sobol 3.0 significantly expanded the audit functions (event log and work with it) and added the ability to determine the validity period of passwords for all types of identifiers.

In addition, the Sable 3.0 electronic lock (release 3.0.8) supports new versions of operating systems: Ubuntu 14.04 LTS Desktop/Server, CentOS 6.5, Debian 7.6, Red Hat Enterprise Linux 7.0x64, Astra Linux Common Edition 1.9 "Eagle" x64. PAC "Sable" 3.0 (release 3.0.8) can be shipped with a board in the form factor PCI, PCI Express, Mini PCI Express or Mini PCI Express Half, which allows you to use the electronic lock "Sable" to protect the most modern models of monoblocks, laptops and ultrabooks.

According to the certificate of the FSTEC of Russia No. 1967, the updated version of PAC "Sobol" meets the new requirements of the guiding documents for trusted download tools of the level of the expansion board of the second class and can be used to protect the ISDS up to the 1st level of security inclusive and GIS up to the 1st class of security inclusive, as well as when creating the NPP up to the class of 1B security inclusive.

Sable is compatible with HP ProLiant servers Gen9

On October 8, 2015, Security Code and HP announced the completion of work to ensure compatibility of Sable AMDZ with HP Gen9 ProLiant servers.

A modified BIOS is included in the HP Service Pack for ProLiant update release (HP SPP 2015.10.0) for all major HP Gen9 ProLiant server models. The integration provides guaranteed support for the operation of the Sobol PAC as means of protection against NSD on ProLiant HP servers and allows the use of a certified Sobol PAC to protect servers from NSD and trusted loading in accordance with information security requirements.

"The developers of our company, together with HP specialists, carried out work to ensure the compatibility of 9th generation HP ProLiant servers with Sobol complexes. As a result of the improvements, a special BIOS version was created for HP servers, which, after comprehensive tests, became official for the entire line of HP ProLiant 9th generation servers. Thus, HP servers and workstations can now be reliably protected from unauthorized access by a certified trusted download module - the Sobol complex, "said Andrei Burym, Security Code product manager.

"The modified BIOS version was included in the release of the next Service Pack for ProLiant (HP SPP 2015.10.0). All major models of the ninth generation HP ProLiant servers in the DL, ML, BL, XL lines received the update. Integration at the BIOS level guarantees full product compatibility and allows our users to freely use the Sobol AMDZ to protect the server from unauthorized access in accordance with the requirements of FSTEC and the FSB of Russia, "said Alexey Kazmin, Product Manager of the Server Department, HP in Russia

.

2014: Sable 3.0.7 on sale

On June 10, 2014, the Security Code Company announced the launch of PAC Sobol 3.0 with support for the new Mini PCI Express Half board.

The product passed inspection control FSTEC Russia in confirmation of the previously issued certificate No. 1967.

The updated version of the Sable 3.0 PAC (release 3.0.7) has been supplemented with a new hardware controller in the Mini PCI Express Half form factor, which can be used to protect the most modern models of all-in-one, laptops and ultrabooks.

The Sable 3.0 PACS (release 3.0.7) also supports several operating systems:

• OS Windows 8.1 and; Windows Server 2012 R2
• Astra Linux SE Smolensk 1.3;
• CentOS 6.2 OS;
• virtualization platformsVMware vSphere ESXi 5.1/5.5, which allows you to use PAC Sobol 3.0 in conjunction with the new version of CSR vGate R2 to protect VMware virtual infrastructures.

PAC complies with the requirements of guiding documents on the 2nd level of control for the absence of PVA, can be used in NPP up to 1B class inclusive and used in ISDS up to 1 level of security inclusive and GIS of up to 1 class of security inclusive.

2013

Sable 3.0.7

The Security Code company announced on August 1, 2013 that the new version of PAC Sobol 3.0.7 will support the new miniPCI Half size board and support for the AstraLinux 1.3 platform.

The company also announced the transition to the development of information protection tools by the iterative method, which will allow to completely update the product line and release a number of new products by the end of 2013. All new versions of the company's products, planned for release before the end of 2013, will be adapted to work with modern operating systems Windows 8 (x86/x64) and Windows Server 2012.

Compliance certification

The updated version of PAC Sobol was transferred to the FSTEC of Russia for inspection control and to the FSB of Russia for control thematic tests in order to confirm the existing certificates of conformity.

USB 3.0 support

Most of these devices are equipped with a high-speed USB 3.0 interface, which is used by personal USB identifiers (eToken, Rutoken, etc.) for identification and enhanced user authentication. As a result, support for high-speed USB 2.0/3.0 mode, implemented in the updated version of PAC Sobol, will allow using USB identifiers on the most modern computers.

In addition to support for high-speed USB 2.0/3.0 mode, the updated version of PAC Sobol implements support for operating systems, Windows 8, and the Windows Server 2012 EXT 4 file system in the OS family. Linux

The product passed inspection control in the FSTEC of Russia for compliance with the guidelines for the 2nd level of control for the absence of NVA and can be used in the NP up to and including class 1B and the ISDS of the highest level of protection. The updated version of the Sobol PAC was also transferred to the FSB of Russia, where control thematic tests are carried out in order to confirm the existing certificates of conformity.

Sable 3.0.6

The release of the new version of the electronic castle "Sobol" 3.0.6 was reported by the press service of the developer on July 11, 2013.

The Sobol electronic lock is used to protect personal computers, including desktops, laptops, ultrabooks, servers and a number of specialized devices (cryptographic gateways, routers, etc.)

2012

Companies are moving their IT infrastructure to smaller solutions. Desktops are being replaced with portable computers (laptops, ultrabooks, all-in-ones, nettops, etc.), bulky servers and specialized devices (cryptographic gateways, routers, blade servers, etc.) - with small modern analogues. According to IDC forecasts, laptop shipments for 2012 will increase by 13.9%, and desktop shipments by only 2.6%. Of course, updating the equipment should not lead to a decrease in the level of corporate security. Therefore, you need to update your security features in time or install new ones. Currently, the Russian information security market has a large number of various information protection tools, among which an important place is occupied by hardware and software modules of trusted loading, which neutralize a number of threats, such as unauthorized access, password selection, loading an abnormal operating system, modifying system files and the Windows registry, changing the hardware of the protected computer, etc.

For more than ten years, the Sable trusted download hardware and software module developed at the Informzaschita NIP has been supplied to the Russian information security market. The number of installations in workstations, servers, specialized platforms amounted to more than four million. The design of the module developed after the market, engineers quickly responded to the emergence of new types of computers and components, improving the Sable hardware, and increasing the number of types of supported identifiers. New threats appeared, the regulatory authorities put forward appropriate requirements, in response the developers developed functionality and introduced new protection mechanisms.

In 2011, the Security Code company decided to release Sable for compact computing devices. In April 2012, a trusted boot module under the official name "Sable Software and Hardware Complex" was developed and submitted for certification for computers with a Mini PCI Express system bus. Version 3.0. "

The previous implementation of the module based on the PCI-E card, successfully supplied to the Russian market, is certified by the FSB and FSTEC of Russia. The obtained certificates allow you to use PAK "Sable" to protect information constituting a commercial or state secret in automated systems with a security class up to 1B inclusive and in ISDS up to K1 class inclusive. The corresponding level of certification is planned to be preserved for the new implementation of PAC Sobol.

Certification

Certificate of conformity of the FSTEC of Russia No. 1574 for a software and hardware means of protecting a computer from unauthorized access Sable 2.1 until March 14, 2014. This certificate confirms that PAC Sobol 2.1 meets the 2nd level of control for the absence of undeclared capabilities (in accordance with the requirements of RD of the State Technical Commission of Russia) and can be used in automated systems up to and including 1B class. By renewing the certificate for PAC Sobol 2.1, the company Security Code provides an opportunity for the information systems of Customers that use this version of the electronic lock to continue to comply with the requirements of the legislation of the Russian Federation.

The Security Code company announced in September 2012 that it had received a GOST R certificate of conformity for the Sable version 3.0 trusted download software and hardware complex. Certificate No. 0748509 confirms compliance of PAC Sable 3.0 with the requirements of regulatory documents TU RU.40308570.501410, GOST R IEC 60950-1-2009. The certificate is valid until 28.08.2015. The GOST R certificate also applies to the new version of the PAC, made in the format of a Mini PCI Express card.

Computer on the lock

To block all known routes of unauthorized entry into the computer at the operating system boot level, Sobol has many protective functions. Not only user identification is provided before the start of the operating system, but also blocking the loading of an abnormal OS from any external media is implemented. The computer is also blocked if, after it is turned on, control is not transferred to Sable. After turning on the Sable computer, the integrity of the hardware and software is checked.

The implementation of the user identification and authentication procedure allows you to create an almost insurmountable barrier against attackers trying to access data stored in a protected computer. Recognition and authentication is performed every time a user logs on with the mandatory use of personal identifiers. During authentication, the password specified by the user is checked for correctness using the user authenticator stored in the personal identifier.

Depending on the type of identifier presented, Sable PAC supports two-factor (for iButton, iKey 2032, Rutoken, Rutoken RF) and enhanced two-factor (for eToken PRO, eToken PRO (Java)) authentication methods .

When implementing two-factor authentication, a personal identifier is first presented, then a user password is entered. When performing enhanced two-factor authentication, a personal identifier is first presented, then its PIN code and user password are entered.

If you present an unregistered ID or enter a password that does not correspond to the presented ID, the intruder is prohibited from entering the system. At the same time, an attempt to unauthorized access to the computer is recorded in the event log of the Sobol PAC, which is located in a special area of ​ ​ the non-volatile memory of the complex board.

Service data on user registration is also stored in the Sable PAC magazine. The complex allows you to store information about 32 user accounts of the complex, not counting its administrator.

In the Sobol complex, the administrator has a number of convenient options for managing the identification and authentication procedure. For example, it can set the minimum length of a user's password, limit the time a user is allowed to log in to present a personal ID and enter a password, or limit the validity time of their password and authenticator, etc. To increase security, the administrator can use the use of random passwords when changing the user and administrator passwords or registering a new user.

PAC "Sable" refers to trusted boot modules, the main purpose of which is to ensure the loading of a standard copy of the operating system. A standard copy refers to a copy of the operating system allowed for operation in accordance with the established procedure. All other boot options are invalid.

The Sobol complex allows you to block unauthorized boot of the operating system from any external removable media, such as floppy disks, optical disks, ZIP devices, magneto-optical disks, USB devices, etc. After successfully downloading a standard copy of the operating system, access to these devices is restored.

The ban on downloading from external media is set by the administrator of the complex, it applies to all users of the computer, with the exception of the administrator. The administrator may allow individual users of the computer to boot the system from removable media.

The implementation of the watchdog timer mode in PAC Sobol allows you to establish another obstacle in front of violators. The watchdog mechanism blocks access to the computer if control is not transferred to the complex after the computer is turned on and after a specified time interval.

There are two ways to block access to the computer: either by forcing the computer to restart automatically using the standard Reset procedure if the required connector is on the motherboard, or by forcing the power off automatically. The watchdog timeout is determined automatically during the complex initialization phase. In the future, the administrator can adjust the parameter value from 4 to 65534 seconds with a second step.

The integrity control mechanism of PAC Sobol monitors the change in the software and hardware of the computer before loading its operating system. Integrity control is based on calculation of current values of checksums of control objects and comparison of obtained values with reference values calculated during initialization or subsequent operation of Sable PAC. The complex allows you to control the parameters of the most valuable computer information resources in terms of security.

The list of objects to be monitored is generated using the integrity control pattern management program. The program is included in the delivery set of the complex. Lists of monitored objects and their checksum values are stored as template files on the computer's hard disk. The paths to the template files are stored in the protected memory of the PAC board.

The complex implements two modes of operation of the integrity control mechanism: "hard" and "soft." The operating mode is set by the administrator for each user of the computer individually. In the "hard" mode, when violations of the integrity of control objects are detected, user login is prohibited, the computer is blocked, the corresponding event is registered in the log; in soft mode, the user is allowed to log on to the system, and an event is logged.

Future

PAC Sobol is developing based on the requests and wishes of customer companies, regulatory requirements, the development of computer equipment and new threats to computer security. Now work is underway to integrate with the Unified Extensible Firmware Interface (UEFI), which is replacing the classic BIOS. It is also planned to release Sable in the Half Mini PCI-E form factor, which is half the size of the existing version. Naturally, the list of supported personal identifiers and operating systems is constantly expanding.

The Sable software and hardware complex has been protecting computers for more than ten years. Little or much? In terms of life expectancy, information protection is a lot. However, from the point of view of the development of technologies, more and more new reasons for improving PAC Sobol appear. Thanks to the ease of configuration, ease of use, reliability and relatively low price, the Sobol complex developed on the basis of the Mini PCI-E board has wide development prospects.

Sable 3.0.5

Technical release 3.0.5 is the next improved version of PAC "Sable" version 3.0, which implements new features and functions. In particular, in version 3.0.5, the following are implemented:

• Support for the new mini PCI-Express board: Now PAC Sobol 3.0 can also be delivered on a board with a mini PCI-Express form factor, in addition to the existing PCI and PCI-Express.
• support for new * Nix operating systems: Debian 6, Red Hat Enterprise Linux 6, Mandriva ROSA 2011.

Also in version 3.0.5 updated software for monitoring the integrity of the following OS: Alt Linux SPT 6.0 and Astra Linux Special Edition "Smolensk."

The updated release of PAC Sobol 3.0.5 was transferred for inspection control in, and in the FSTEC Russia near future will be submitted for certification to the FSB of Russia.

2011

Sable 3.0.4

In October 2011, the Security Code company announced the release of a technical release of a new version of the Sable 3.0.4 electronic lock with support for Alt Linux SPT 6.0 and Astra Linux Special Edition Smolensk operating systems. The new version of the Sable trusted boot hardware and software module 3.0.4, designed to protect an autonomous computer, workstation or server that is part of the organization's LAN from unauthorized access, supports the Alt Linux SPT 6.0 and Astra Linux Special Edition Smolensk operating systems. In addition to these operating systems, PAC Sobol also supports 32-bit and 64-bit operating systems Windows 2000/XP/Vista/7 and Windows Server 2003/2008, as well as Linux XP 2008 Secure Edition, MCBC, VMware ESX 3.5-4.1, Mandriva 2008, AltLinux 4.0, RHEL 4.1, Debian 5.0.

The version of PAC Sobol 3.0.4 with support for Alt Linux SPT 6.0 and Astra Linux Special Edition Smolensk operating systems was transferred to the FSTEC of Russia for inspection control.

The results of the inspection control in the FSTEC confirm that the changes made to the hardware and software module of the trusted download "Sable" version 3.0 related to the support of new operating systems are subject to the previously issued certificate of conformity No. 1967. The certificate confirms that PAC Sobol version 3.0 complies with the requirements of the guidelines of the FSTEC of Russia for the 2nd level of control for the absence of NVA, can be used in automated systems of the security level up to 1B and in the construction of ISDS of class K1.

The main feature of the new version of PAC Sobol 3.0.4, which passed inspection control, is the ability to support the Alt Linux SPT 6.0 and Astra Linux Special Edition Smolensk operating systems.

Also, the Sable PAC 3.0.4 successfully functions in the following systems:

• 32-bit and 64-bit operating systems Windows 2000/XP/Vista/7 and Windows Server 2003/2008;
• Linux XP 2008 Secure Edition;
• MCBC 3.0;
• VMware ESX 3.5-4.1 OS;
• Mandriva 2008;
• AltLinux 4.0;
• RHEL 4.1;
• Debian 5.0.

The version of the Sobol product, which passed inspection control at the FSTEC of Russia, has been on sale since March 26, 2012.

Sable 3.0.3

The hardware and software module of the trusted download 'Sable' 3.0.3 implements a number of new features:

• Support for next-generation eToken PRO (Java) identifiers. This feature allows the Sable PAC to perform strict two-factor identification, and support for Java applets allows you to expand the basic functions of the identifier. In addition, eToken PRO (Java) has an increased amount of protected memory.
• Support for computer configuration control. In addition to controlling the integrity of files and sectors of the hard drive, PAC Sobol 3.0.3 implements control over the hardware and software configuration of the computer, namely control of PCI devices, ACPI, SMBIOS and RAM.
• New mechanism for starting the work of PAC "Sobol." Support for the new start mechanism allows you to use the Sable electronic lock on new motherboards, which as a result solves incompatibility problems.
• GPT support. The ability to monitor the integrity of resources located on hard drives marked as GUID Partition Table.
• New supported operating systems. Users of the Sable electronic lock 3.0.3 will be able to form templates to control the integrity of system files and hard drive sectors of the following new supported operating systems: Mandriva 2008 Spring x86/x64; ALT Linux Desktop 4.0.2 Secure Edition x86/Lite x86; ALT Linux Server 4.0.0 Secure Edition x86/x64; Red Hat Enterprise Linux 4.1 Update 1 Secure Edition x64; Debian 5.0.3 x86; VMware vSphere ESX Virtualization Server 4.1 x64 OS.

It is worth noting that these and other innovations implemented in the Sobol PAC of version 3.0.3 significantly increase the level of protection of the workstation or server on which the Sobol PAC is installed.

The version of PAC "Sobol" 3.0.3 was transferred FSTEC Russia to for inspection control.

Sable 3.0

Version PAC "Sable" 3.0.2. features enhanced and improved user capabilities, support for new software and hardware. Among the new opportunities of PAC Sobol:

• Support for working with eToken PRO smart cards via the Athena ASEDrive IIIe USB V2 USB reader;
• Monitoring the integrity of the Windows registry;
• Support for the UFS-2 file system;
• Support for working with USB eToken identifiers has been implemented on computers with USB controllers of the OHCI type;
• Support for automatic generation of a list of modules for CC in modern Windows operating systems: Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2;
• Support for VMWare ESX 3.5 - 4.0 OS.

Sales of PAC Sobol 3.0 with new capabilities began on January 14, 2010.

Notes

Links

• Information about PAC "Sable"
• Valid certificates PAC Sable
• NIP Informzaschita

• Training course on PAC Sobol
• Other NIP products Informzaschita:
  • UPKSH Continent

• * Secret Net