Rubicon Software and Hardware Impact Counteraction System

Rubikon Complex, 2018

Rubikon is a Russian complex for countering software and hardware impacts (surfactants). The Rubikon network information protection system is a hardware and software complex that includes a firewall and an intrusion detection system (IDS).

Composition of the line

As of August 2018, the entire line of certified software and hardware systems "Rubikon" consists of the following products and complexes:

• Rubicon: protection of information constituting a state secret.
  • Certificates: Ministry of Defense of Russia (NDV-2, RDV, IT.ME.A2.P3, IT.ME.B2.P3, IT.SOV.S2.P3).

• Rubikon-A: protection of information constituting a state secret.
  • Certificates: FSTEC Russia (IT.ME.A2.PZ, IT.SOV.S2.PZ).

• Rubikon-K: protection of confidential information (ISDS, GIS, CII, ISOP).
  • Certificates: FSTEC of Russia (IT.ME.A4.PZ, IT.ME.B4.PZ, IT.SOV.S4.PZ).

Among the features of PAC Rubikon (data for August 2018):

• High performance and reliability
• a wide range of versions: Mini, 1U, high-performance, multi-port; protected variant (including including marine version according to transport safety requirements: group 2.1.1 as per GOST RV 20.39.304-98), etc.;
• implementation of ME, RMS and router functions in one device;
• The ability to build a unidirectional gateway (two devices and special expansion modules are used)
• support for filtering network traffic by mandate tags of domestic protected operating systems, including Astra Linux Special Edition, etc.

2023: Delivery capability as part of the Ampire platform

Promising Monitoring (InfoTeCS Group of Companies) and Echelon Group of Companies have reached an agreement on a technological partnership, under which the Echelon line of information protection tools can now be delivered to customers as part of the Ampire platform. InfoTeCS Group of Companies announced this on July 13, 2023. As of July 2023, three Echelon development products are built into the Ampire platform: the KOMRAD Enterprise SIEM centralized information security event management system, the Scanner-VS comprehensive security analysis system, the Rubikon firewall and intrusion detection system. Read more here.

2018

Certification "Rubikon" in the system of the Ministry of Defense of Russia

On August 9, 2018, the company Echelon"" announced the certification of the software and hardware complex "Rubikon" in the system of certification of protective equipment information Ministry of Defence Russia according to requirements. information security

According to the company, the software and hardware complex for countering software and hardware impacts (KP SAW) "Rubikon" with support for virtual networks meets the requirements of the order of the Minister of Defense of the Russian Federation, including:

• Level 2 monitoring of the absence of undeclared capabilities in accordance with the guiding document "Protection against unauthorized access to information. Part 1. Information security software. Classification by the level of control over the absence of undeclared opportunities "(State Technical Commission of Russia, 1999);
• compliance with the real and declared functionality in the documentation;
• compliance with the requirements of the documents "Requirements for firewalls" (FSTEC Russia, 2016), "Protection profile of firewall type" A "of the second protection class" IT.ME.A2.P3 (FSTEC of Russia, 2016), "Firewall Type B Security Profile of the Second Protection Class IT.ME.B2.P3" (FSTEC of Russia, 2016), "Requirements for intrusion detection systems" (FSTEC of Russia, 2011) and "Protection Profile intrusion detection systems of the Second Protection Class Network" IT.SOV.S2.P3 (FSTEC of Russia, 2012).

The Rubikon software and hardware complex can be used at the facilities of the Armed Forces of the Russian Federation to protect automated systems for special and military purposes, which process information containing information constituting a state secret that has a degree of secrecy up to and including "top secret."

Renewal of the FSTEC certificate for Rubikon-K

On August 2, 2018, NPO Echelon"" announced the extension of the validity of the certificate FSTEC Russia for the software and hardware complex firewall and the detection of attacks "Rubikon-K." The Rubikon-K complex is successfully used to protect state information systems and information systems in which confidential information, including personal information, is processed. data

Rubicon-to

The Russian FSTEC Certificate No. 3290 has been extended until December 4, 2020 and confirms the compliance of the Rubikon-K complex with the following requirements of the Russian FSTEC:

• "Requirements for firewalls" (FSTEC of Russia, 2016) - according to the 4th protection class, "Protection profile of firewalls of type A of the fourth protection class IT.ME.A4.PZ," "Protection profile of firewalls of type B of the fourth protection class IT.ME.B4.PZ."
• "Requirements for intrusion detection systems" (FSTEC of Russia, 2011) - according to class 4 of protection and "Protection profile of intrusion detection systems of the fourth class network level of protection IT.SOV.S4.PZ."

The Rubikon-K hardware and software complex is available in several versions: Mini, 1U, High-Performance, Multiport and Protected.

Rubikon-K Mini is an affordable firewall and network intrusion detection complex that protects GIS and ISDS. Its price for the final customer is 90,000 rubles.

2017

Functionality expanded in Rubikon-A

On July 19, 2017, NPO Echelon announced the expansion of the functionality of the firewall firmware and intrusion detection platforms Rubikon-A.

Two functions appeared in the Rubikon-A complex:

• the ability to use streaming. antivirus PAC Rubikon-A can now be used with an antivirus server. Kaspersky This will increase the overall security of the user network by adding the ability to filter malicious; content
• an FTP proxy function that allows you to filter control commands when communicating.

Rubikon-A line expanded

On June 26, 2017, AONGO Echelon announced the expansion of the line of platforms for the Rubikon-A firewall and intrusion detection complex. The technology is designed to protect automated systems where information containing state secrets is processed.

Rubikon-A is certified by the FSTEC of Russia (certificate of the FSTEC of Russia No. 2574) according to the requirements of type "A" of the second protection class.

Previously, one model was available to consumers in the 2U form factor, now added:

• micro;
• mini;
• 1U;
• high-performance;
• multiport.

A set of supported platforms allows consumers to choose the optimal solution for performance and cost. The user interface has been modified.

2016

According to 2016 data, the Rubikon agro-industrial complex could be used in GIS, ISDSn, APCS systems up to and including class 1 and to protect information containing information constituting a state secret.

Distinctive features of the complex:

• high ME performance: up to 4.2 GBit/s;
• High CPS performance: up to 2.8 GBit/s
• support for filtering packages with mandate tags of domestic protected operating systems, including Astra Linux Special Edition.

Rubikon received FSTEC certificate

On December 10, 2016, Echelon Group announced the certification of the Rubikon agro-industrial complex according to the new requirements of the FSTEC of Russia.

The Russian FSTEC Certificate No. 2574 confirms the compliance of the Rubikon complex with the requirements of the Russian FSTEC:

• "Requirements for firewalls" (FSTEC of Russia, 2016) and "Profile of protection of a firewall of type" A "of the second protection class" IT.ME.A2.PZ;
• "Requirements for Intrusion Detection Systems" (FSTEC of Russia, 2011) and "Security Profile of Intrusion Detection Systems of the Second Protection Class Network Layer" IT.SOV.S2.PZ.

The obtained certificate of conformity allows the use of the Rubikon complex in information systems that process confidential information and contain information constituting a state secret. As of December 2016, the Rubikon firewall and intrusion detection complex is the only firewall certified according to the requirements of the 2nd class of protection.

APK "Rubikon" is included in the unified register of Russian programs for electronic computers and databases (register of Russian software).

The Rubikon complex is certified by the Russian Ministry of Defense in terms of SOV-2

The hardware and software complex of firewalls and intrusion detection "Rubikon" was certified in early 2016 Ministry of Defense of Russia in terms of SOV-2. The obtained certificate confirms that the Rubikon software product "Software and Hardware Impact Countermeasures Complex (EP SAS)" meets NPESh.05002-01 requirements of the documents "Requirements for Intrusion Detection Systems" (, FSTEC Russia 2011) and "Protection Profile of Network Level Intrusion Detection Systems of the Second Class of Protection" IT.SOV.S2.P3 (FSTEC of Russia, 2012).

Also, the Rubikon complex meets the requirements of the order of the Minister of Defense of the Russian Federation:

• according to the 2nd class of information protection against unauthorized access according to the guiding document "Computer equipment. Firewalls. Protection against unauthorized access to information. Indicators of protection against unauthorized access to information "(State Technical Commission of Russia, 1999);
• Level 2 monitoring of the absence of undeclared capabilities in accordance with the guiding document "Protection against unauthorized access to information. Part 1. Information security software. Classification by the level of control over the absence of undeclared opportunities "(State Technical Commission of Russia, 1999);
• compliance with the real and declared functionality in the documentation.

The Rubikon hardware and software complex is used to protect information of any category up to and including the Top Secret label in automated military systems.

In addition to firewall and intrusion detection, Rubicon acts as a router, a unidirectional gateway.

2012

The Rubikon complex is certified in the 2nd class of protection in the FSTEC of Russia and the Ministry of Defense of Russia

The Rubikon software and hardware complex developed by Echelon has been certified by the FSTEC of Russia. The complex combines a firewall and intrusion detection system. "Rubicon" can be used in personal data information systems (ISDS) of the 1st class, as well as in information systems in which information is processed up to the "Top Secret" label.

The Rubikon complex can be used as a one-way gateway for organizing one-way information transmission to segments of local computer networks in which information constituting a state secret is processed.

The issued FSTEC of Russia certificate of conformity No. 2574 confirms that the Rubikon complex meets the 2nd level of control over the absence of undeclared capabilities and the 2nd class of security of the Gostekhcomission RD, as well as technical conditions. Recall that Rubikon has previously successfully passed certification Ministry of Defence Russia in accordance with the most stringent requirements for the means of protecting state secrets.

Rubikon is the first intrusion detection system (SOV) to be certified by the FSTEC of Russia. The SOV functionality implemented in the product allows you to quickly detect various attacks:

• · to web services;
• · Service protocol · (including SMTP, POP, SNMP, TELNET, FTP)
• · to known databases;
• · Denial of service (DOS and DDOS) class ·
• · and others.

The system allows you to identify computer attacks based on the analysis of network traffic up to the application layer and signal the attack to the administrator.

2011: Certification according to the requirements of the order of the Minister of Defense of the Russian Federation

In April 2011, SMT Rubikon passed certification for compliance with the requirements of the order of the Minister of Defense of the Russian Federation, during which it was confirmed that the product meets the 2nd class of information protection from unauthorized access in accordance with the guidance document "Computer equipment. Firewalls. Protection against unauthorized access to information. Indicators of Protection against Unauthorized Access to Information "(State Technical Commission of Russia, 1997) and level 2 of control over the absence of undeclared capabilities (NDV), according to the guidance document" Protection against unauthorized access to information. Part 1. Information security software. Classification by the level of control over the absence of undeclared opportunities "(State Technical Commission of Russia, 1999).

In addition to having a certificate of this level, Rubikon ME distinguishes not only the built-in intrusion detection system (IDS) from similar security systems, but also the lack of the need to use a certified operating system.

The Rubikon software and hardware allows you to protect a medium-sized network in which data constituting a state secret is processed, with a stamp up to Top Secret. The hardware of the complex is implemented on a mini-ITX platform, has 4 network interfaces, an Intel Atom 330 processor is used.