Monitorium

Monitorium is the control system and monitoring of corporate network traffic developed by the company of Traffic and intended for prevention of leak and dissemination of confidential information via the Internet. A system in real time exercises control and blocking of the undesirable outbound traffic on the basis of rules of security policy of the company, whether it be business or corporate correspondence.

Main advantage of the Monitorium system is its possibility of installation as gateway that has no negative impact on operability of locally computer network of the organization. Reliability of the Monitorium system is confirmed with the FSTEC certificate.

Monitorium 1.7

Monitorium 1.7: DLP solution for small and medium-sized companies of the company of Traffic.

The solution is intended for protection of information resources of the company against unauthorized distribution. The solution in real time performs monitoring and/or blocking of the undesirable outbound traffic out of limits of corporate network on the basis of the created rules. Performs monitoring and data filtering, transferred out of limits of the company by e-mail, through a web or IM services.

Monitorium1.7  gives the chance to the companies to prevent the information leak made as on negligence and is deliberate (industrial espionage, distribution about the companies of information menacing to reputation and other discrediting actions). The product effectively stops any attempts of unauthorized actions from users of corporate network to transfer the protected information: personal data, technology information, information which is trade secret, credit card number and bank accounts, etc.

In the nearest future all companies, anyway, should use social networks – the modern situation does not leave other choice. Whether it is reasonable to block access to sotsresursa to the companies if it is enough to filter in the automatic mode outgoing messages regarding leaks of data, strategically important for the company, and in case of need – to block the messages containing the protected content. The company of Traffic, thanks to exact identification of data, suggests to protect confidential data from loading in any social networks, web mail, file hosting services, services of instant messages.

More and more wide use of social networks – a current trend of the successful companies. LJ (livejournal.com), Facebook and the Russian analogs are used for collecting of statistics, promotion of services, interactive communication with clients.

The set of social resources integrates millions of people worldwide, and their quantity constantly increases. Social Internet actively develops as the integral instrument of business. Work as clients is in real time brought to essentially new level. PR on social networks is used at the state level. HR-a for search of new employees not only, but also VKontakte, Odnoklassniki and Facebook in increasing frequency uses resources of professionals (LinkedIn and "my Circle"). The most advanced in the IT company learned to use content created by users of social networks.

As it usually happens, the medal has a reverse side. Uncontrollable access to social networks leads to a number of problems from almost harmless "inappropriate use of corporate resources for personal reasons" before leak of confidential information. Without having learned to profit effectively by social networks, many companies just block access to VKontakte, Odnoklassniki, etc. Losses from leak of confidential information are estimated significantly above, than profit on use of social networks.

DLP the Monitorium system of the company of Traffic allows to solve assigned tasks. Monitorium automatically filters all outgoing messages regarding confidential information and, in case of need, blocks data transmission. A system analyzes not only messages on social networks, but also mail (including mail.ru, rambler, yandex, etc.), ICQ, Mail.Ru the Agent, file hosting services, and many other widespread communication channels. Combination of different technologies of data validation (key phrases, regular expressions, verification of the text on compliance to the set subject, "digital fingerprints") allows to protect information critical for business of the company.

History

In May, 2011 it was announced conclusion of an agreement about release of the joint solution with a hardware-software complex "Langraf With", developed by Norsi Trance company. The joint solution allows to expand functionality of Monitorium, increasing efficiency of counteraction to internal threats of information security due to information analysis at data exchange with external devices. On the basis of statutory rules Monitorium takes for the analysis contents from the files copied on external devices or sent to printing from jobs of users of corporate network. Is maintained the extensive list of controlled devices among which:

• drives of data of the USB Flash format;
• the hard drives connected through the USB interface or Firewire:
• the floppy or magneto-optical disks which are built in a system or connected through the USB interface or SCSI;
• recording devices on the optical mediums CD/DVD. both built in a system, and connected through the USB interface, SCSI or Firewire;
• the local list devices connected through the USB interface or LPT;
• the network devices of printing using the RAW or LPR protocol.

The release of this solution allows to control most channels of information leaks of a corporate local network of the enterprise of any scale.

12/28/2011 FSTEC certificate No. 2536 that the software package Monitorium functioning in the environment of Debian GNU operating system/Linux 6.0.0 (the version of a core 2.6.32), is an information security product from unauthorized transfer (output) of information of limited access which is not containing the data which are the state secret from the protected segment of an information system on the basis of the analysis of semantic contents of information is received.

The certificate certifies that the Monitorium PC conforms to requirements of the regulating document "Protection against unauthorized access to information. Part 1. Information security software. Classification by the level of absence control of not declared opportunities" (State Technical Commission of Russia, 1999) on the 4th level of control and specifications.

The certificate was issued on the basis of results of the certification tests which are carried out by testing laboratory Federal State Unitary Enterprise Enterprise for Deliveries of Products of the Presidential Property Management Department of the Russian Federation. Marking control by marks of conformity of the certified products is exercised by testing laboratory Federal State Unitary Enterprise Enterprise for Deliveries of Products of the Presidential Property Management Department of the Russian Federation.

The undergone certification was result of work of specialists of Federal State Unitary Enterprise Enterprise for Deliveries of Products of the Presidential Property Management Department of the Russian Federation and Data protection IT-5 department of Moscow State University of Instrument making and information science.

Monitorium 1.8

The new functionality allowing to perform monitoring and blocking of the Skype protocol is added to Monitorium 1.8.