S-Terra S-Terra CSP

S-Terra CSP specializes in developing products for building virtual secure networks (the CSP VPN family of products) that work autonomously or in integration with Cisco's communication solution and infrastructure. CSP VPN products are certified in accordance with the requirements of national technical regulation and use Russian cryptographic algorithms. S-Terra CSP is the first Russian technology partner of Cisco (Cisco Solution Technology Integrator).

As of July 2022, about 150 employees work at S-Terra CSP.

Products and Services

The products of S-Terra CSP are certified by the FSB of Russia up to and including classes KS3 and ME4, as well as the FSTEC of Russia for levels ME 3, NSD 3, OUD 4 +, NDV 3, AS 1V, GIS up to 1 cell incl., PD 1-4 ur. These levels of certification ensure compliance with the requirements of Russian legislation, including:

• Federal Law No. 149 "On Information, Information Technologies and Information Protection,"
• Federal Law No. 152 "On Personal Data,"
• Order of the FSTEC of Russia No. 17 "On Approval of Requirements for the Protection of Information Not Constituting a State Secret Contained in State Information Systems."

S-Terra products are included in the unified register of domestic software of the Ministry of Telecom and Mass Communications of Russia and allow you to comply with the requirements of Decree of the Government of the Russian Federation No. 1236 "On establishing a ban on the admission of software originating from foreign countries for the purpose of procurement to meet state and municipal needs."

• Use of global IKE/IPsec standards (RFC2401-2412). This ensures that there are no security protocol design errors. The IPsec architecture has been tested by multiple technical analysis and testing of specialists from many countries and is being implemented around the world, including in Russia.
• Not dependent on equipment vendor. IPsec technology is a unified global technology standard. Any organization already uses computing systems in Intel architecture (x86/x86-64 compatible) and ARM for universal purposes. Therefore, by installing S-Terra VPN software on them, you will protect your network in accordance with Russian law.

S-Terra Solutions for Industry Challenges

Protect interoperability between offices in the same organization

Protecting interoperability in an organization's geographically distributed network is a typical C-Terra solution that has been proven many times by our customers. In each department, a crypto gateway is installed that implements IPsec VPN with GOST algorithms and firewall. Thanks to the wide range of C-Terra products, it is possible to choose a suitable device for solving any problem, with the required data transfer rate. Clustering is supported in C-Terra products to improve link resiliency with critical objects.

Employee Remote Access

To exercise their powers, mobile employees need access from their user devices via the Internet to the shared resources of the organization. In order to reduce risks and ensure the confidentiality and integrity of the transmitted data, a C-Terra VPN client is installed directly on the user's device.

Connection to SMEV

S-Terra security gateways are included in the list of recommended cryptographic equipment for protecting the connection to SMEV, which is enshrined in the document posted on the SMEV technological portal (Regulation 3.41 Appendix 3 "Requirements for the data transmission network of information exchange participants"). To organize the connection of users in the federal data processing center SMEV - at the site of PJSC Rostelecom - crypto-locks of the company "S-Terra CSP" are installed.

Data Center Interaction Protection

Centralizing IT resources is necessary to create a full-scale, unified network infrastructure that is integrated with security and operational resilience. At the same time, the task of protecting high-speed communication channels between organizations and the data center (data center), as well as between the main and standby data centers, appears. Common misconceptions that optical communication channels do not require protection, as well as the lack of domestic cryptographic protection tools for 10GB/s speeds, are very easy to refute. Firstly, devices for removing information from optical channels have significantly decreased in price and can be freely purchased for $100-300, which significantly expands the capabilities of attackers. And it indicates that optical communication channels need to be protected in the same way as any other. Secondly, the performance of domestic S-Terra cryptoschips Gateway 10G encrypts up to 10GB/s of mixed traffic over the GOST28147-89.

Protection of interaction with foreign branches

Employees of state bodies with foreign representative offices and departments also need secure access to the resources of the central office and/or data center located in the Russian Federation. Most domestic means of cryptographic protection can be used only on the territory of the Russian Federation, special permission and many approvals are required for export abroad.

Clients

Among the users of S-Terra decisions are: banks, financial institutions, the Federation Council, the Ministry of Foreign Affairs, the Federal Tax Service, the Federal Property Management Agency, Rosobrnadzor, the Ministry of Transport, Rosavtodor (FDA), the Ministry of Education and Science, the Constitutional Court of the Russian Federation, the Ministry of Internal Affairs, the Ministry of Emergencies, the Federal Drug Control Service, the Russian Post, regional authorities (more than 25 subjects).

History

2021: Creation of a competence center for network security together with the Research Institute "Scale"

In St. Petersburg, a network security competence center is being created on the basis of a technological partnership between the Concern NII Scale JSC and S-Terra CSP LLC. This was announced on April 2, 2021 by the Avtomatika Concern. Read more here.

2017: ISO 9001:2015

The quality management system of S-Terra CSP is certified according to the requirements of GOST R ISO 9001-2015. MPC "Expertise" certifies that the quality management system of the company "S-Terra CSP" in relation to the design, development, manufacture, sale, maintenance, maintenance and distribution of software, software and hardware information protection tools, including encryption (cryptographic), as well as consulting activities for the design and maintenance of information protection systems meets the requirements of GOST R ISO 9001-2015 (ISO 9001:2015). The certificate was issued on the basis of the decision of the expert commission.

2016: S-Terra products are included in the list of cryptographic equipment for connecting to SMEV

logo in 2016

C-Terra products have been included since the beginning of 2016 in the list of cryptographic equipment allowed for use to connect to the e-government infrastructure. A document establishing new requirements for the data transmission network of information exchange participants has already been published on the SMEV technology portal .

The updated document defines the recommendations that Organizations/ICs connected to the secure data transmission network (SPDA) of Rostelecom used for SMEV organization should comply with. You can now select the appropriate equipment from the C Terra Gateway line to connect to the SPDA. The choice depends on the number of AWS/servers connected, the need for redundancy and the C-Terra solutions already available in the network infrastructure.

The inclusion of S-Terra products in this list took place following a pilot project to connect to SMEV using alternative cryptographic equipment, which was carried out by the Ministry of Communications of Russia and PJSC Rostelecom. The S-Terra equipment was successfully tested due to its high operational and technical characteristics, including reliability, economy, high performance, a flexible line of hardware platforms, etc., as well as the availability of the necessary certificates from the FSB of Russia and FSTEC of Russia.

In November 2015, the Ministry of Telecom and Mass Communications of Russia informed by an official message that participants in interdepartmental electronic interaction will be able to choose a convenient method of connection based on the equipment they have without additional costs. This became possible after the approval in December 2015 of new requirements for communication channels that are posted on the SMEV technology portal (Regulation 3.4 Appendix 3 Requirements for the data transmission network of information exchange participants).