AstroSoft of MatchLogon

In October, 2010 the AstroSoft company received the certificate of the Federal Service for Technical and Export Control (FSTEC) on compliance of the solution AstroSoft MatchLogon to requirements of the current legislation of the Russian Federation in the field of data protection and personal data. For the first time in Russia the certificate of conformity to requirements of data protection was received by the software product for access security, but not a hardware and software system.

The received Certificate of conformity No. 2173 certifies that AstroSoft MatchLogon is the software tool of protection against unauthorized access to information and conforms to requirements of the relevant legislation of the Russian Federation, in particular – the Federal law of the Russian Federation N 152-FZ "About personal data". Certification of the separate software product expands possibilities of application of AstroSoft MatchLogon. Earlier only hardware and software systems were certified that created a number of restrictions at implementation of security systems and access control: for compliance to requirements to the certified information security systems the customer had to buy not only software, but also the equipment specified in the certificate. Such approach limited possibilities of the companies when choosing an optimal configuration of the equipment and the software for data protection, created additional difficulties at software integration and the equipment in the operating IT infrastructure of the customer and raised project risks, implementation cost and ownerships of an information security system.

MatchLogon certification as software product, irrespective of the used equipment, became possible thanks to unique characteristics of the software created by specialists of AstroSoft. "The compatibility with any technology and hardware platforms, support of all modern methods of identification and easy integration with other systems used at the enterprise of the customer are the main competitive advantages of MatchLogon and are confirmed with successful implementations in the large companies of the oil and energy sector", - Oleg Kolpak, the head MatchLogon of AstroSoft company noted. It is possible to give the project in JSC Surgutneftegas as a result of which 8 thousand employees of the company passed from the standard circuit of the authentication based on input of a name of an account and the password to authentication on a fingerprint as an example of implementation of AstroSoft MatchLogon.

The solution allows to perform authentication of users in the domain Microsoft Active Directory and to refuse use of the password at access to network, portals and applications. In addition to a traditional method of authentication using the password, AstroSoft MatchLogon allows to use more than 20 modern methods of authentication – biometric, RFID, USB keys, one-time passwords, etc. Support of biometrics devices the solution AstroSoft MatchLogon is based on BioAPI use - the first international ISO/IEC of the standard in the development areas and uses of biometric technologies and systems. Application of the BioAPI standard allowed to avoid orientation to any certain producer and to use any biometrics devices which are almost existing in the market. Moreover, in terms of a solution architecture, there is no basic difference between biometrics and not biometrics devices of authentication: for authentication electronic keys, smart card, proximity-cards, tokens and other hardware can be used.

Solution infrastructure AstroSoft is completely based on standard mechanisms of trust and authentication of the Active Directory which are implemented by the domain controller and Kerberos key distribution center. Such approach provides user authentication on any of the available servers, i.e. the distributed authentication, and guarantees integrity and security of data by their transfer against the client to the server or between servers.

Support of a product is complete in 2011.