CorpSoft24: Internet traffic blocking service from foreign networks

Main article: Firewall

2022: Launch of Internet traffic blocking service from foreign networks

As part of the development of the cloud direction, CorpSoft24 launched a service on April 21, 2022 that allows you to block incoming traffic coming from the IP addresses of individual countries that are the source of computer attacks.

The full use of Western hardware software and at the beginning of 2022 has become a real problem for state institutions and businesses. The introduction sanctions USA EU and and subsequent withdrawal from the market Russian of a number of foreign vendors threatened the use of their decisions.

Updating such devices and programs can lead to their failure and complete inoperability, the company notes.

To combat the threat, there are FSTEC recommendations. The agency proposes to suspend updates to software and hardware released by companies from these countries, as well as to disable the automatic update mode for them over the Internet. The presented service allows you to fulfill this task by blocking interaction with foreign networks, "explained Vitaly Soldatov, CorpSoft24 engineer.

The CorpSoft24 service is intended for clients with virtual machines without public Internet services, which include a site, a mail server, and DNS servers. Such a client has virtual machines in the cloud: a terminal server, a 1C database and CRM systems.

Thanks to the service, it will be possible to connect to client virtual machines only from the Russian segment of the Internet. At the same time, client information systems will not be able to send or download data to foreign servers. This will solve the problem of unwanted updates.

Russian networks are considered networks that are announced from autonomous systems registered with a Russian person.

According to Vitaly Soldatov, any client whose virtual machines in the cloud are behind the virtual router can connect the service, since all settings are made on it.

Routing information about all Russian networks is transmitted to the virtual router using the BGP protocol. The virtual router must have at least 1 GB of RAM to process routing information. Most often, the router in the cloud infrastructure works with 512MB of RAM. The client on the router remains the same public IP address, "he adds.

The client can also achieve a similar result on its own, if necessary, by creating a "white list" on the virtual router for user access.