Ankey SIEM

Main article: Security Information and Event Management (SIEM)

2024

Integration with Protei-imSwitch5

Gazinformservice (GIS)"" and engineers PROTEUS TL"" conducted successful integration products: the Ankey SIEM Next Generation security event monitoring and management system and. Protei-imSwitch5 software package This was announced Gazinformservice (GIS) by "" on March 28, 2024.

The Ankey SIEM NG system is designed for comprehensive monitoring of information security events and detection of incidents in real time. It collects and processes them both in the company's infrastructure and in the perimeter of its individual divisions and nodes, ensuring the automation of cyber threat detection processes. The system adapts to almost any infrastructure and works for all levels of management: from an ordinary administrator to an enterprise manager.

The Protei-imSwitch5 software complex is a software switch that performs the functions of a reference-transit automatic telephone exchange, designed to build local communication nodes using packet switching technology and an expanded set of traditional DVO/VAS services of a new generation.

The integration work done will allow customers to minimize the time to deploy and implement the Ankey SIEM system when interacting with the IP imSwitch5 PBX. This will definitely be in demand by everyone who cares about their safety IT infrastructures , - said Nikolay Kulikov, technical director of PROTEI TL LLC.

Now users will have the opportunity to include the solution of the manufacturer NTC PROTEI LLC in the information security monitoring loop, collecting information from it and transferring it to the SIEM system - this will strengthen the security of the IT infrastructure in general, - commented Dmitry Shamaev, product manager of Ankey SIEM NG, Gazinformservice LLC.

Integration with "NP MCDS"

ATI Bastion"" and Gazinformservice"" within the framework of the monitoring partnership information security conducted integration products: access control systems for privileged users "NP SCDCP" and centralized management systems for security, events and information Ankey SIEM NG. This will enable businesses to level up cyber security and respond more effectively to incidents in real time. This was announced Gazinformservice by "" on February 19, 2024.

The "SCMCS NT" solution is used to provide secure remote access to information systems. The complex solves the tasks of monitoring the connections of internal and external specialists, providing IT departments and information security services of companies with information about user actions in the infrastructure.

The Ankey SIEM NG system is designed for comprehensive monitoring of information security events and detection of incidents in real time. It collects and processes them both in the company's infrastructure and in the perimeter of its individual divisions and nodes, ensuring the automation of cyber threat detection processes. The system adapts to almost any infrastructure and works for all levels of management: from an ordinary administrator to an enterprise manager.

The connection of a new source of events Ankey SIEM NG is relevant for large industrial, transport, financial companies, public sector organizations and authorities, KII enterprises using the SKDPU NT complex. Security specialists will have a wide picture of events in terms of remote access. They will be able to more quickly respond to detected threats, prevent cyber attacks or illegitimate actions by employees and counterparties, and conduct objective investigations.

The integration of solutions allows you to organize a single point of safe connection to the infrastructure with the recording of all actions of remote users, monitor and control information systems and notify security specialists about them in a timely manner. Helps strengthen the level of security of systems and increase the speed of response to emerging cyber threats. Also, due to the new crossfunctional, information security specialists will be able to conduct an operational analysis of the state of the entire structure, including remote connections, and reduce the cost of implementing and connecting a new source of information to the SIEM platform.

The possibility of remote connections and remote work is very common. We are talking about small installations and systems that control thousands and tens of thousands of target devices and users. Accordingly, the number of threats is growing, because this access format is not fully secure and secure. Logically, the number of information control systems analyze increases: they begin to require new resources to track processes and investigate emerging incidents. Thanks to the compatibility of SKDPU NT and Ankey SIEM NG products, the business will be able to use additional tools to understand the overall picture of what is happening in the infrastructure. And we, in turn, - to offer him comprehensive solutions and seriously save resources when implementing monitoring systems, optimize and simplify operational processes, - said Konstantin Rodin, Head of the Product Development Department of iT Bastion.

The integration of the SKDPU NT solution with Ankey SIEM NG made it possible to use a wider list of events to identify information security incidents, which is valuable in itself. However, it should be noted that such compatibility provides the possibility of using data the generated by the SCADA in SIEM for further analysis, including using technologies: artificial intelligence for example, using the Ankey ASAP product. This increases the synergy of different, one might even say, diverse, products to provide - cyber security and what was disparate parts becomes a single whole, - commented the Sergey Nikitin head of the product management group of Gazinformservice LLC.

2020: Obtaining a TP Certificate of Compliance 2013/027/BY

On March 17, 2020, Gazinformservice (GIS) announced that it had received a certificate of conformity certifying that "Ankey SIEM Security Event Monitoring and Management System" v.2.5. complies with the requirements of technical regulations TP 2013/027/BY.

The Certificate of Conformity was issued on 19 February 2020 based on the test protocol of 12.02.2020. No. 20/008-12 of the test laboratory of the scientific and production republican unitary enterprise "Scientific Research Institute of Technical Information Protection." He confirms that the Ankey SIEM v.2.5 security event monitoring and management system. operates in accordance with the requirements of technical regulation TP 2013/027/BY.

Certification of the product in the Republic of Belarus was carried out by a subsidiary of Gazinformservice LLC - BELTIM SB CJSC, which specializes in integrated security and information protection systems.

Also, among the products of Gazinformservice, the BELTIM SS line includes: a software package for controlling the configuration of network devices, firewalls, virtualization environments and operating systems "Efros Config Inspector," a software package "Litoria Desktop 2" for working with electronic legally significant and confidential documents, as well as a hardware and software complex trusted download "Blockhost-MDZ."

2017

Six connectors open up the possibilities of using Ankey SIEM

On December 13, 2017, Gazinformservice announced the release of the Ankey SIEM integration connector kit for a number of proprietary products. Six connectors open up the possibilities of using Ankey SIEM.

With their help, Ankey SIEM allows you to implement a centralized collection, processing and analysis of events from funds:

• intelligent monitoring of Efros Config Inspector IT infrastructure configurations
• Ankey IDM Account and Access Management
• creating a secure electronic workflowLitoria Desktop and Litoria DVCS
• protection of workstations and servers Blokhost-Network, Blokhost MDZ and Blockhost-AMDZ
• protecting SAP SafeERP systems
• sheme ankey

Ankey Scheme (2017)

The kit also includes a connector that allows you to broadcast suspicions of information security incidents from Ankey SIEM to the Information Security Management Process Automation System (SAPUIB) for their comprehensive analysis and investigation, taking into account the criticality of assets.

The mutual integration of Gazinformservice products and solutions provides a synergistic effect that allows our customers to increase the range of detected information security events and improve the quality of incident investigation, while reducing the amount of attention paid to this process.

The release of this set of connectors was another step towards the implementation of our FAS (Free Attention Security) strategy, which is to make it clear and easy to work to ensure a high level of information security of enterprises and free the attention of managers and specialists of information security departments to solve business problems.

Getting into the register of Russian software

On August 24, 2017, it became known that the "Russian" version of HP ArcSight was included in the register of Russian software, as a result of which the product could be purchased by government agencies. According to RBC, Hewlett-Packard Enterprise (HPE) told its clients and counterparties in Russia about this. The letter to the HPE, which was reviewed by the publication, gives a link to the  Ankey SIEM program, which was registered in the registry on July 23, 2017. Read more here.