Developers: Code of Security
Last Release Date: July 2013
Technology: Firewall
When choosing information security tools, organizations often focus on meeting statutory requirements and treat as secondary the product's interface, ease of operation, simplicity of management and other quality characteristics that are unrelated to the protective functionality defined by regulators. Tools that do meet the legal requirements often have a cumbersome interface and a complex management system, take considerable effort to configure before they produce the reports a security administrator needs, and require changes to the network topology.
In addition, companies whose information systems have a client-server or multi-tier structure face particular difficulties in complying with regulatory requirements for personal data protection. The difficulties arise because in these systems personal data is processed not only locally on computers but also on database servers, in client applications that use network services, in web applications, and so on. Traditional tools for protection against unauthorized access (NSD) focus on local resources and do not protect data while it is transmitted over the network. Furthermore, FSTEC of Russia Order No. 58 of February 5, 2010 requires that "identification and authentication of the user at login to the information system" be performed within the access control subsystem, and meeting the requirements for the registration and accounting subsystem is also difficult: traditional NSD protection tools do not log events related to obtaining network access to personal data in client-server and multi-tier ISPDN.
The certified TrustAccess firewall, with its network connection authentication function, can solve the problems listed above. TrustAccess is a system of distributed firewalls with centralized management. The TrustAccess firewall holds an FSTEC of Russia certificate at the ME 2 and NDV 4 level, which allows it to be used to protect ISPDN up to and including class K1. In addition, TrustAccess provides effective protection against the majority of known network threats, such as Man in the Middle, substitution of the protected object, replay attacks, IP spoofing, interception of network packets, network eavesdropping, substitution of network packets, and denial of service. The solution also offers a broad set of protection mechanisms, including authentication of network connections, filtering of network connections, protection of network interaction, restriction of certain network protocols, and ICMP protection. Notably, the authentication mechanism authenticates not only subjects but also access objects, which neutralizes threats based on imitation (substitution) of the protected objects.
Unlike other information security tools that also have strong protection mechanisms, TrustAccess has its own authentication and access control mechanisms and does not require reconfiguration of the network infrastructure: the existing network topology can be used without changes. Deploying the product does not require splitting the local network into segments or installing additional gateways and software. Likewise, TrustAccess does not require changes to the operating logic of information systems or to the protocols their components use to communicate over the network. TrustAccess protection is therefore completely transparent to applications.
TrustAccess also has a number of distinctive features. One is access control for both authenticated users and computers, which compares favorably with access control mechanisms based only on network addresses and TCP/IP networks. Access rules that operate on users and computers are a more capable mechanism because they account for, among other things, users moving from one computer to another. The administrator workstation interface also deserves mention: it makes it easy to manage a protection system with a large number of protected objects. TrustAccess also allows the necessary security event reports to be configured in PDF and HTML formats.
On August 30, 2010 the Code of Security company announced the completion of FSTEC certification of TrustAccess at the ME 2 and NDV 2 level. This makes it possible to use TrustAccess to protect automated systems (AS) up to and including class 1B and personal data information systems (ISPDN) up to and including class K1.
On September 27, 2010 it became known that TrustAccess had received confirmation of compatibility with virtual environments on VMware platforms, along with permission to display the corresponding logo on product information materials. The certified TrustAccess firewall can be used to protect both physical computers and virtual machines. When installed on a virtual machine, TrustAccess protects it both from network threats originating in external physical networks and from threats posed by neighboring virtual machines when traffic never leaves the virtualization server. In addition, the TrustAccess firewalling mechanisms are not susceptible to MAC and IP address spoofing attacks.
TrustAccess is a distributed firewall with a high protection class, intended to protect servers and workstations on a local network against unauthorized access and to control network access to enterprise information systems.
The product is delivered in two editions: TrustAccess, intended for protecting restricted-access data that is not a state secret, and the strengthened TrustAccess-S, intended for protecting state secrets. The certificates received confirm that:
- TrustAccess corresponds to the ME 2 and NDV 4 levels and can be used to protect confidential information in automated systems of security class up to and including 1G and in personal data information systems up to and including class K1;
- TrustAccess-S corresponds to the ME 2 and NDV 2 levels and can be used to protect state secrets in automated systems of security class up to and including 1B, which allows it to protect information marked "top secret" and "confidential".
Hardware support: eToken personal identifiers or iButton devices can be used to make the user authentication procedure more effective.
TrustAccess includes a mechanism that associates a Named Pipes network connection with the current user and makes it possible to block unwanted users from reaching a specific server over an undesired Named Pipes path.
To strengthen the protection of network connections, mechanisms are implemented that counter violations not only of the integrity but also of the confidentiality of transmitted data. Protection has also been added against passive capture of data followed by its retransmission to gain unauthorized access (protection against replay attacks).
The TrustAccess components run directly on the protected computers, while control functions are concentrated on a dedicated management server. The software of all components runs on Windows.
In June 2011 the technical release of a new version of the TrustAccess firewall, intended to protect the servers and workstations of an organization's local network against unauthorized access, was announced.
The new version of the TrustAccess firewall implements a number of key functions aimed at raising the security level of the organization's key resources and making work with TrustAccess more efficient. In particular:
- filtering of requests to shared folders over the SMB (Server Message Block) protocol is implemented, which allows TrustAccess users to control network access to specified shared folders on a specific server and to deny unwanted users access to critical information;
- to make working with the TrustAccess configuration more convenient, the administrator workstation is considerably improved: navigation between sections of the administrator workstation is more ergonomic, the statuses of the protected server are more informative, all settings of the protected servers and the different types of access rules for them are grouped in a single space, the version and status of the installed TrustAccess agent are added to the list of computer accounts, and working with license keys is more convenient.
The new version of TrustAccess has been submitted to FSTEC of Russia for inspection control.
On August 23, 2011 the Code of Security company announced that the upgraded version of TrustAccess had passed inspection control at FSTEC of Russia. Two editions of the TrustAccess firewall underwent inspection control: the TrustAccess edition, intended for protecting confidential information and personal data, and the strengthened TrustAccess-S edition, intended for protecting state secrets.
Passing inspection control confirms the previously issued FSTEC of Russia certificates, which certify that:
- TrustAccess (certificate No. 2146) conforms to the requirements for the 4th level of control for the absence of NDV and the 2nd security class for firewalls;
- TrustAccess-S (certificate No. 2147) conforms to the requirements for the 2nd level of control for the absence of NDV and the 2nd security class for firewalls, for protecting state secrets in automated systems up to and including class 1B.
The upgraded version of the TrustAccess firewall implements a number of functions aimed at raising the security level of the organization's key resources and making work with TrustAccess more efficient. In particular:
- filtering of requests to shared folders over the SMB (Server Message Block) protocol is implemented, which allows security administrators to control TrustAccess users' access to specified shared folders on a specific server and to deny unwanted users access to critical information;
- the product's administrator interface is improved: navigation between sections is more ergonomic, the monitoring system is improved, and working with license keys is more convenient.
"Firewalls are traditionally used to protect the perimeters of local networks. With the development of wireless and cellular communication technologies, the concept of the protected perimeter becomes indistinct. The need has ripened for means capable of resisting threats not only from outside but also from within the network. TrustAccess is installed directly on the protected computers and makes it possible to provide more flexible and effective protection of the enterprise's information resources," said Shirmanov Alexander, the CEO of Code of Security company.
TrustAccess 1.3
The new version of TrustAccess adds features for centralized collection and viewing of information security events and for creating reports on these events.
To implement these features, new software components were added to the solution architecture:
- the "TrustAccess event handling server", intended for collecting and processing information security events from the protected network resources;
- the "TrustAccess report server", intended for creating detailed reports on the collected events.
The key innovation is the integration of TrustAccess 1.3 with the network version of Secret Net 7, a tool for protection against unauthorized access (NSD). When the two products are used together, users get single sign-on and accounts in TrustAccess are managed automatically.
The new version of the firewall expands the options for configuring access rules. When access rights to the protected computers are defined, a rule can take into account the name of the executable file of the process that creates or accepts network connections, as well as the network adapter that services the connections, which raises the security level.
In addition, to make working with a large number of protected objects more convenient and efficient, the TrustAccess 1.3 administrator workstation interface was improved: access rules can now be configured for a group of protected computers.
The new TrustAccess 1.3 version has been submitted to FSTEC of Russia for inspection control. Receipt of the certificate will be announced separately.
TrustAccess with support of Windows 8 and Windows Server 2012
The upgraded version of the distributed TrustAccess firewall can run on workstations and servers running the Windows 8 and Windows Server 2012 operating systems. Full compatibility and correct operation with modern Windows operating systems are confirmed by the statuses previously received from Microsoft: Compatible with Windows 8 and Certified for Windows Server 2012.
The upgraded version of the TrustAccess firewall successfully passed inspection control at FSTEC of Russia, confirming the previously issued certificates, whose validity is extended until 2016:
- TrustAccess (certificate No. 2146) conforms to the requirements for the 4th level of control for the absence of NDV and the 2nd security class for firewalls;
- TrustAccess-S (certificate No. 2147) conforms to the requirements for the 2nd level of control for the absence of NDV and the 2nd security class for firewalls.