CyberLympha DATAPK (CL DATAPK)

Main article: Security Information and Event Management (SIEM)

2023

Compatibility with NP Access Gateway MCDS

The companies LLC CyberLymph"" (part of the UDV Group) and LLC ATI Bastion"" have completed the compatibility check integration and their products. The compatibility and correctness of the integrated security platform "CyberLympha DATAPK" developed by CyberLimfa LLC and the platform for monitoring and tracking the actions of privileged users "developed by iT NP MCDS Access gateway Bastion LLC have been confirmed. UDV Group announced this on June 13, 2023.

Product integration allows you to register connections using the following protocols: RDP, VNC, SSH, TELNET, RLOGIN. Information security events related to attempts of unresolved connection to a remote host via "Access Gateway NP SCMCS" and directly are also recorded.

The functionality implemented in CyberLympha DATAPK allows you to send correlated events to SKDPU NT Monitoring and Analytics using the Syslog protocol. In addition, as a development of product integration, a prototype of session blocking functionality was developed when connected through the "Access Gateway Access Gateway" via the "CyberLympha DATAPK" software system, which potentially pose a danger to the infrastructure.

We strive for the flexibility of our system and for it to allow us to implement an increasing range of scenarios, especially in complex and large industrial facilities. Integration with SyberLimfa solutions allows us to expand the functionality of our products and offer large businesses, including KII facilities, more flexible and mature complex solutions, "said Sergey Bochkarev, General Director of ATI Bastion LLC.

The integration of products allows our customers to comprehensively approach both the control of employee access and the monitoring of the information security status of the APCS as a whole. This solution provides more complete coverage of various scenarios for the use of products and allows you to quickly respond to illegitimate impacts - said Alexey Shanin, Director of SayberLimfa LLC, UDV Group.

Compatibility with Alt Server 10 and Alt Workstation 10

BaseALT has confirmed compatibility with the Alt Server 10 and Alt Workstation 10 operating systems with the integrated cyber security platform of industrial networks CyberLympha DATAPK, developed by CyberLimfa, part of the UDV Group, which announced this on June 7, 2023. The test results are recorded in a two-sided certificate confirming the correctness of CyberLympha DATAPK and Alt OS on the x86_64 platform.

The number of products compatible with the Alt family OS is growing rapidly. Thanks to this, the recognition of our solutions and the demand for them are increasing, - said Roman Myskin, commercial director of BASEALT. - We make the main bet on the development and release of reliable software, cooperation with Russian vendors, the development of a partner channel, and the implementation of best-in-class operating systems among customers.

The processes import substitution that have noticeably intensified recently time affect, among other things, IT infrastructures in the industrial segments with. APCS To ensure their cybersecurity, our CyberLympha DATAPK solution will be used, - said the Sergey Ovchinnikov head of the product department of UDV marketing Group. - Operating systems of the Alt family are one of the priority operating environments for our products. We aim to further develop technological cooperation with BASEALT.

2022

Release of CL Datapk Lite solution for prompt and accurate detection of information security incidents

CyberLymph, part of the UDV group, presented the CL DATAPK Lite solution to the market on December 14, 2022, designed to quickly and accurately detect information security incidents and continuously monitor the security of industrial automation systems.

CL DATAPK Lite is a lightweight version securities APCS of the CL DATAPK state analysis and monitoring suite.

The main differences of this solution are the high speed of deployment protection due to a significant reduction in the amount of necessary settings for the components of the protected system, the rapid receipt of monitoring results INFORMATION SECURITY and the implementation of basic protection measures for objects. critical infrastructure

CL DATAPK Lite provides monitoring of the protected system and detection information of security incidents only by analyzing a copy of network traffic. The solution forms a model of the TT safe state ASU and continuously monitors the deviation from it. Based on the built-in examination packages and event correlation mechanisms, the solution detects information security incidents, including using retrospective analysis, and allows you to implement the process of responding to them.

{{quote 'author = noted Alexey Shanin, director of the company SayberLimf.|The task of monitoring the safety of industrial automation systems is difficult both technically and organizationally. As technical barriers to 100% visibility of the protected system are removed, the security monitoring solution becomes much more complicated, both in terms of implementation and in terms of operation.

CL DATAPK Lite is an easy to achieve monitoring goals and fast results that can significantly increase the level of security with minimal protection costs. Already at the stage of free pilot implementation, CL DATAPK Lite provides a report on the security status of the customer's industrial network, as well as allows you to optimize costs and quickly implement the requirements of regulators. And then it is possible to gradually implement the transition to the comprehensive protection of industrial automation systems based on the full-featured CL DATAPK product,}}

Compatibility with APCS of Rius CC and ACS of Kvant GPU

CSSB On August 24, 2022, the company announced that, together with LLC "," Vega-GAZ it had completed compatibility tests and the correctness of the software and hardware complex APCS OF RIUS CC ACS GPU "KVANT" information protection and CyberLympha DATAPK and ITM tools. DATAPK More. here

2021

Compatibility with ATB-Atom-1 and ATB-Atom-2

The company CyberLymph together with the company ATB Electronics on April 7, 2022 announced the successful completion of testing confirming the compatibility of the mini computers ATB-Atom-1 and ATB-ATOM-2 and the software complex for operational monitoring and control of the security status of CyberLympha DATAPK automation systems (CL DATAPK). Compatibility tests were carried out in October 2021 at the CyberLymph cybersecurity laboratory.

During the testing, a hypothesis was tested about the use of ATB-ATOM-1 and ATB-ATOM-2 platforms as a lightweight traffic analysis sensor. Based on the results of testing, it was found that the hardware platform can be used as a lightweight sensor for in-depth network traffic analysis (DPI), detection of network intrusions, as well as the performance of inventory functions and security control functions CL DATAPK.

The use of CL DATAPK in conjunction with ATB-ATOM-1 and ATB-ATOM-2 mini-computers will enable our customers to increase the level of mobility of automated control systems in the field and provide additional protection APCS against external influences. We are pleased with our partnership with ATB-Electronics and are planning further fruitful cooperation integration in terms of CL DATAPK the Russian computers and mini on domestic ones, "said processors Baikal Pavel Bogdanov, director of the cybersecurity laboratory at SayberLimfa.

At the end of 2021, our computers ATB-ATOM-1 and ATB-ATOM-2 were entered into the Unified Register of Russian Electronic Products of the Ministry of Industry and Trade of the Russian Federation, thereby confirming their Russian origin. The ATB-ATOM and CyberLympha DATAPK mini-computer will allow consumers to make a completely Russian software and hardware complex (PAC) that meets all the requirements of Russian legislation, - said Roman Dementiev, executive director of ATB Electronics.

AMT InfoDiode Compatibility

On May 13, 2021, CyberLymph, together with AMT GROUP, announces the completion of tests confirming the compatibility of the AMT InfoDiode unidirectional data transfer hardware complex and the CyberLympha DATAPK (CL DATAPK) online monitoring and security monitoring software. Compatibility tests were conducted in April 2021 at the CyberLymph Research Center. Read more here.

Compatibility with APCS CAS "Schneider Electric"

The company CyberLymph , together with the company "Schneider Electric " March 18, 2021, announced the completion of tests confirming the compatibility of the software and hardware complex (CAS) Schneider Electric automated process control system (APCS) and the software complex (PC) for operational monitoring and control of the security status APCS of CyberLympha DATAPK (CL DATAPK). Compatibility tests were carried out on January 18-21, 2021 at the Schneider Electric Innovation Center in. Innopolis

The purpose of the tests is practical verification of the implementation of the APCS complex in a protected version, which includes all the necessary means and subsystems that ensure constant monitoring of the complex from the point of view of information security (IS). One of the main criteria for the success of tests is the lack of influence of subsystems providing information security functions on the operation of the main complex and, as a result, on the controlled technological process.

The test program included checking the operation of CL DATAPK in two main operating modes: passive, implying only unidirectional transmission of a copy of network traffic; and active, in which it is possible to directly interact the information security subsystem with other APCS CAS components.

According to the results of the tests, CL DATAPK, operating in passive mode, revealed the topology of the system, recognized the flows of data exchange between components and detected a test attack. When running in active mode, configurations and event logs of all components included in the system were collected. Subsequent correlation of the source data with built-in means made it possible to identify another test attack.

During the tests, there was no negative impact of CL DATAPK PC on the functioning of APCS CAS "Schneider Electric," which allowed companies to confirm the readiness for joint industrial operation of the tested solutions.

The use of CL DATAPK PC as part of Schneider Electric solutions significantly reduces the likelihood of implementing information security threats in APCS arising as a result of the influence of intruders or human factors, and also gives system operators the opportunity to simplify and automate the implementation of information security measures in accordance with Orders of the FSTEC of Russia No. 31 and No. 239.

Compatibility of CL DATAPK PC with APCS CAS "Schneider Electric" makes it possible to implement an integrated approach to APCS information security and significantly increase the level of APCS security status. From the point of view of the end customers and solution operators, this certainly means a radical reduction in risks and possible costs associated not only with information security incidents, but also with issues of compliance of the operated systems with the requirements of the regulator, - comments Alexey Shanin, director of CyberLimfa.