IT Expertise: Sakura Information Security Complex

The main articles are:

• Security Information and Event Management (SIEM)
• DLP - Data Loss/Leak Prevention

The SAKURA software package is designed to monitor the security status of workplaces based on policies, detect and respond to security threats, and control access to corporate resources.

2024

Compatibility with Red OS M

The companies IT Examination"" and Red Soft"" tested the compatibility mobile application of "SAKURA" with mobile. operating system Red OS M This was announced Red Soft by "" on December 24, 2024. More. here

Integration with ZTN-Client Continent

Security Code"" and IT Examination"" implemented integration "" and the Continent ZTN Client software complex "SAKURA." The technology stack will allow customers to securely connect from remote personal. computers About this "IT-Expertise" reported on November 13, 2024.

The organization of remote access to corporate networks remains one of the most vulnerable places in the security system of any organization, since employees often use weakly protected personal devices, which poses a threat to critical data. Integration of the ZTN Client Continent and the SAKURA PC solves this problem by checking users' computers for compliance with security requirements.

When establishing a connection between a user's workplace and a secure IT infrastructure, the agent of the SAKURA PC contacts the server of the software complex and checks whether the employee's device meets the necessary criteria. And if it does not correspond, it prevents access.

For example, if the user does not have antivirus, then the connection to the access server of the "Continent 3" or NGFW "Continent 4" APCS on the path to protected resources is interrupted. If the test is successful, then a connection is established with the access server, and the employee receives permission to access protected resources.

After that, the compliance check is carried out at the specified frequency. Thus, if an employee violates security policies after a successful connection to the internal network, such a connection will also be disconnected.

Support for the SAKURA PC will appear in the updated version of the ZTN Client Continent.

The use of the software complex "SAKURA" and "Continent ZTN-client" in combination with "Continent 3" or "Continent 4" allows you to provide a secure connection from remote devices of employees according to the concept of Zero Trust Network Access (ZTNA). Such an architecture radically reduces the number of information security incidents related to the compromise of remote users, "said Dmitry Lebedev, a leading expert in the Security Code product promotion department.

Challenges that arise regularly in the world of information security force us to strengthen control over the work of employees who have access to critical information. Especially in remote mode, when the risks of compromise are maximum. The joint use of the products "SAKURA" and "Continent ZTN-client" allows you to remove distrust of the user workstation and minimize "the dangers of remote," said Anastasia Kulagina, Commercial Director of the product "SAKURA," IT Expertise.

Compatibility with Alt Workstation 10, Alt Server 10 and Alt SP 10

IT Expertise and BASEALT have successfully tested the compatibility of the SAKURA information security software complex with the Alt Workstation 10, Alt Server 10 and Alt SP 10 operating systems on the x86 _ 64 platform. About this "IT-Expertise" reported on September 20, 2024.

𝓲

Фото: IT Expertise

The results of the tests carried out by the specialists of the IT-Expertise company are recorded in a bilateral protocol. Based on the results of compatibility testing of Alt OS and SAKURA PC, the corresponding certificates were issued. 

The testing confirmed a high degree of compatibility and stability of our products, which guarantees the clients of both companies confidence in the reliability and effectiveness of the proposed solutions - said Maxim Efremov, Deputy General Director for Information Security at IT Expertise.

Compatibility with Tantor DBMS

On July 17, 2024, IT-EXPERTISE and Tantor Labs announced the expansion of their cooperation. As part of this partnership, technical specialists from both companies completed comprehensive testing of the Tantor DBMS and the SAKURA software complex.

The study confirmed the high degree of compatibility and stability of the products, which opens up new opportunities for their integration into various projects and systems. The test results guarantee the customers of both companies confidence in the reliability and effectiveness of the offered solutions.

The compatibility database management systems of Tantor and the SAKURA software package ensures uninterrupted exchange data between different systems, which simplifies the analysis and reporting processes, and improves performance by optimizing data management and reducing request processing time.

The results of the past tests indicate the compatibility of our flagship, the Tantor DBMS, with the Sakura PC, which guarantees stability of work and reduces the cost of supporting and developing IT infrastructure by reducing the need for additional integration solutions, "said Vadim Yatsenko, General Director of Tantor Labs.

Thanks to the technological cooperation with Astra Group, both of our products help users build convenient and efficient landscapes without additional losses and unnecessary costs. I am sure that the compatibility of the SAKURA PC and the Tantor DBMS will only benefit the domestic market, will allow us to launch new projects and increase the competitiveness of our customers, - said Maxim Efremov (Deputy General Director for Information Security at IT Expertise.

Sakura 2.33.5 with macOS support

An updated version information security of the SAKURA software package, number 2.33.5, has been released. The work of the SACURA Agent on OS families has been optimized, the macOS work of reports has been improved, support for OpenVPN Connect has been added, and other functionality has been implemented. This was IT Expertise announced on May 29, 2024.

𝓲

Фото: IT Expertise

What was added in the version:

• Revised integration with OpenVPN and added the ability to use the OpenVPN Connect client for stable integration with the SACURA PC
• A general view of the SACURA Agent has been implemented for all supported operating systems (Windows, Linux, macOS) in order to promptly inform users about the protection status of their workplace
• The SACURA Agent has been optimized on macOS operating systems, which significantly increased the speed and reliability of the Agent's operation on these operating systems.
• Increased ease of use of the program - improved reporting, added additional filtering capabilities and optimized work with Active Directory.

Red OS Compatibility 8

Users of the domestic operating system Red OS 8 from Red Software can strengthen the protection of the organization's workplaces using the solutions of the IT Expertise company, which announced this on May 27, 2024. Compatibility tests have confirmed that the SACURA software package is compatible with RED OS 8 and stably monitors the state of remote workplaces on RED OS 8 and instantly responds to inconsistencies with information security policies .

The SACURA software package is designed to monitor the security status of workplaces based on policies, detect and respond to security threats, and control access to corporate resources. "SAKURA" is a software package that immediately eliminates possible threats, provides up-to-date information on the state of infrastructure security, offers a unified security policy that applies, among other things, to users of remote workplaces, and also expands the tools for the information security department with new effective monitoring and configuration tools.

RED OS is a Russian import-independent general-purpose operating system of the Linux family for servers and workstations. The product is certified by FSTEC of Russia and is included in the Register of Russian Software of the Ministry of Digital Engineering of Russia. In February 2024, a major system update was released: RED OS 8 offered users additional functionality, an updated design, the ability to choose a user desktop environment and the Linux LTS-version 6.6 kernel, which provides compatibility with modern generations of processors, video accelerators and peripheral equipment.

Organizations that switch to the domestic solution stack and are interested in improving information security of both devices within the company's circuit and outside of it can evaluate the effectiveness of the joint work of RED OS and ISS SAKURA PC.

Compatible with Astra Linux 1.7.0 and 1.7.5

The compatibility tests of OCAstra Linux 1.7.0 and 1.7.5 and the SACURA software complex for managing access to corporate resources and monitoring the security of workplaces have been completed. The use of the software stack allows you to ensure that the IT infrastructure meets the strictest information security requirements and standards, as well as build the most reliable data protection. IT Expertise announced this on April 10, 2024.

Experts conducted a series of tests, the results of which demonstrated that the solutions work correctly in conjunction, and they can be used without restrictions. Upon completion of all inspections of the software, SAKURA received a certificate as part of the Ready for Astra IT manufacturers' technological cooperation program.

The use of SACURA software together with Astra Linux allows you to ensure the maximum level of data protection, bring the IT infrastructure in accordance with current information security standards and fulfill the strictest security requirements.

Our product is a solution that combines the advantages of IRP and NAC class protections. This makes it possible to ensure reliable and timely control of the required level of information security at the workplaces of personnel and servers. Obtaining a certificate under the Ready for Astra program confirms the compatibility of SAKURA software with one of the domestic operating systems. In addition, the use of the SAKURA complex will give Astra Linux users the opportunity to further increase the level of security of critical data, "said Maxim Efremov, Deputy General Director for Information Security at IT-Expertise.

Russia strives for technological sovereignty, in connection with which the market of domestic information security solutions is developing rapidly, ensuring the proper level of information security of organizations. In turn, the developers invest significant resources in achieving compatibility of products in this segment in order to get software that meets the needs of customers as much as possible. We can provide such a product together with colleagues from IT Expertise and sincerely thank them for their cooperation, expanding our capabilities in the information security market, - said Alexey Trubochev, Director of the Support Department of Astra Group.

2023

Release version 2.33

On December 26, 2023, the IT-Expertise company presented the information security complex SAKURA version 2.33.

SAKURA 2.33

According to the company, this version implements integration with VPN the solution of LLC AMICON"." FPSU-IP Also operating system Linux , support for the strongSwan VPN agent is implemented for. In order to inform users about the state of protection of their workplace, all supported operating systems (, Windows Linux,) macOS have a general view of the SACURA Agent.

A mechanism has appeared for fixing the security state of the AWS with the ability to respond to changes in these states. Added lock check in browser. Optimized operation with the program - optimized operation of reports, added additional filtering capabilities. An interface appeared for viewing script execution logs on the SAKURA server. Active Directory is optimized.

List of changes in version 2.33:

• Integration with the VPN solution of FPSU-IP of AMICON LLC was implemented
• A general view of the SACURA Agent has been developed to inform users about the state of workplace protection for all supported operating systems types (Windows, Linux, macOS)
• Optimized view for Process Activity report data
• Added algorithms for monitoring the state of AWS (both security level and online location), which allow more flexible response to state changes
• An interface has been added to view script execution logs by the SACURA server
• Added control and cleaning of long unused connections to the database
• Implemented support for strongSwan VPN Agent for SAKURA Agent for Linux
• Support for domain users is implemented on the SACURA Agent for macOS
• Added Lock Check to browser

Optimization:

• Active Directory Integration (AD) has been optimized to collect information about sub-divisions
• Mechanism of incremental synchronization of users with AD is implemented
• Added ability to filter data in employee name reports
• To optimize the generation of reports about the user's work, the feature of the software group "Do not take into account in reports" has been added
• A mechanism for calculating the time spent by the user on the software group is implemented

Other changes:

• In the report "Location Map" added information about the login and username
• Extended information on the used equipment and operating system has been added to the "General support" section of the AWS information
• The User Manual has been updated with information on the collection of monitoring data for the ARLMS
• The mechanism for transferring organizations and subsidiaries to the archive has been upgraded

Release version 2.32 with VPN Check Point

On November 1, 2023, IT Expertise presented the release of the version of the information security complex SAKURA, which received the number 2.32.

In this version, they appeared integration VPN with Check Point, control over the connection to SSH to servers the protected and the mechanism for executing scripts by the SAKURA server.

In addition, a mode for checking and servicing workplaces was added.

Traditionally, each release optimizes existing mechanisms. This includes a mechanism for collecting data about the user's work, performance and ergonomics of reports, interaction with agents of SACURA and macOS.

Management of SSH connection to protected servers (similar to RDP connections)

Optimization

• Improved the mechanism for collecting data on the user's work in the workplace
• Improved reporting when working with workstations that have been archived
• In desktop widgets, violations are displayed with different criticality
• Optimized reporting of violations: the criticality of the violation is indicated
• MacOS has the ability to take screenshots at the time of violations
• Optimized SACURA API for different versions of agents
• Improved information output in the SACURA agent window
• To facilitate navigation, reports have the ability to pin a column to table views
• Optimized work with subgroups of software types

A description of the procedure for delegating rights for work has been added to the User Guide

Release 2.31 with optional geolocation detection mechanism

On July 24, 2023, the IT Expertise company presented an updated version of the SAKURA 2.31 information security complex.

In version 2.31, a number of changes were implemented: an additional mechanism for determining geolocation without the use of means appeared; operating systems cartographic providers Any OpenStreetMap (OSM) compatible are now supported; Added violation reporting tools it became possible to servers collect RPM packets directly from the SACURA interface for installing agents.

All software components were optimized. This significantly increases the compatibility of SAKURA agents with Linux and macOS operating systems. A version of the SAKURA agent for the ARM architecture (in beta status) has been released. Due to optimization, the load on the processor and the time for generating reports are reduced, the accuracy of collecting the necessary data is increased.

Additional settings have appeared as service capabilities, the documentation has been updated, the list of examples of integration with domestic VPN solutions has been expanded and some processes for setting up the software complex have been simplified.

Updates:

• An additional mechanism for determining AWS geolocation is implemented without the use of operating systems tools
• Added support for any online and offline card providers compatible with the OSM interface (e.g. Yandex, Google)
• The agent has been informed about the online/offline status and the level of the current violation for Windows Agents
• The build of RPM Agent packages from the interface of the ARMS Server is implemented
• Mechanism of automated binding of "Safety Categories" to "Organization" is implemented
• "Security Categories" import mechanism implemented
• A configurable list of fields has been implemented to perform extended registration checks using the mobile application SACURA

Optimization:

• Improved compatibility of SACURA Agents for Linux and macOS
• SACURA Agent beta released for ARM architecture (for Linux and macOS)
• Increased reliability of updating of the AWS AIS Agents with the possibility of automatic return to the previous version
• Another Agent logging mechanism is implemented, log rotation is added, data grouping is optimized
• Mechanism for collecting logs and diagnostic information from Agents from the interface of the ARMS server is implemented
• Reduced load on the AWS during the Agent's operation by optimizing the collection of the list of processes
• Reduced time to report process activity on workstations
• Improved accuracy of user session activity data collection

Other changes:

• Updated page design "Settings" → "Server." The settings are grouped by meaning into separate tabs. Including added a group of settings: "GEO server addresses"
• Settings have been added to allow sending mail with an authorization login that is different from the mailing address
• Added the ability to view the password during authentication in the SACURA Server
• The description of the system for monitoring the operability of the system is given in the User Manual
• Examples of integration with VPN vendors are given in the user manual
• Load check mode implemented by the ARLMS Server during the mass movement of users on the MS AD servers
• Added MS AD connection settings
• Easy to configure AD connectivity for multiple OUs
• Recommendations for the secure configuration of ARMS, DBMS are given in the user manual

Release of version 2.30

On March 15, 2023, IT Expertise announced the release of the SAKURA information security software complex (hereinafter PC SAKURA), which received the number 2.30. This release has a number of key features: for example, its own mobile client (Android and iOS) for organizing multi-factor authentication and accurate geolocation. Enhanced notification and two-factor authentication capabilities. The mechanism for working with LDAPS, saving personal settings and updating VPN policies of the NGATE gateway has been improved. Work was done to optimize the operation and increase the security level of the SAKURA PC via interaction lines with DBMS, OCMS Windows, Telegram, workstations.

"SAKURA" 2.30

According to the company, in this version:

• Released its own mobile application "SAKURA" for Android and iOS, for organizing multifactor user authentication: by instance of a mobile device, by confirming user access to a mobile device. Also, the mobile application allows you to accurately determine the geolocation of the user (with the function on the device turned on).
• Added the ability to send notifications to all workstation users in case of violation of system security control rules.
• The mechanism for working with LDAPS has been improved for cases when two-way certificate-based authentication verification is not used. In the case of one-way authentication, you no longer need to download the certificate to the control panel of the SACURA PC.
• It became possible to update the VPN policies of the NGATE gateway without interrupting the VPN session when the compliance state of the workplace changes.
• Personal user interface settings are saved when switching between different sessions in browsers. This takes into account more parameters: column visibility, widget settings, sorting and filtering rules.

In terms of optimization and safety, the following was done:

• The compatibility of the SACURA PC server with the Postgres DBMS from the Astra Linux repository has been optimized.
• To optimize the reliability of operation in fault-tolerant mode and eliminate the likelihood of compromising the distributions of agents of the SACURA PC, they are no longer stored in the file system.
• The speed of reporting on the current sessions of MS Windows terminal servers has been optimized.
• The mechanism for recording the working time of users when the workplace goes to sleep mode is optimized.
• The behavior of managing VPN sessions together with Telegram has been changed: the lack of confirmation in Telegram is perceived as the maximum level of violation.
• Encryption of the database connection account has become mandatory.
• The mechanism for generating screenshots on workstations has been optimized.
• The mechanism for working with two-factor authentication providers has been optimized.
• The mechanism for moving domain users through groups of violations when moving the workplace to offline has been optimized.

Development of a joint solution based on CryptoPro NGate and the Sakura information security complex

The companies IT Examination"" and Cryptomissile defense"" announced a technological partnership. This was announced by the IT-Expertise company on February 15, 2023. The developers have joined forces to develop a joint solution that allows import substitution the solution, Cisco AnyConnect providing protected remote access with verification security policies of user workstations through the joint use of a -shluz and integration VPN CryptoPro NGate   information security the SAKURA complex.

A joint solution allows you to:

• Provide remote user access to corporate resources only from trusted workplaces after checking their security status and compliance with the established requirements for; information safety
• Ensure the protection of communication channels during remote access of users and exclude unauthorized access to corporate resources and remote AWS;
• Import substitution of similar solutions of foreign manufacturers, including those who left Russia.

The Universal Remote Access Gateway and VPN CryptoPro NGate is designed to protect communication channels with the ability to provide granular access to specific users or groups of users to the necessary corporate resources, taking into account flexible policies, safety including application. two-factor authentication NGate according to certified FSB of Russia classes KS1, KS2 and KS3, and provides protocol support TLS IPSec and in accordance with GOST the Russian cryptographic algorithms 28147-89, GOST R 34.11-94/GOST R 34.11-2012, GOST R 34.10-2001/GOST R 34.10-2012.

The SAKURA information security complex is designed to monitor the security status of workplaces based on policies for detecting and responding to security threats, and managing access to corporate resources. SACURA allows you to monitor the state of remote workplaces and other devices 24 hours a day and prevent the consequences of violation of information security rules, instantly reacting to inconsistencies with information security standards.

Cooperation with the company "CryptoPro" will strengthen the direction of import substitution, which is focused on the development, to ensure the compliance of the developed software, primarily the information security complex of SACURA, with the requirements for the creation of state information systems (GIS) and the operation of critical information infrastructures (CII), Vyacheslav Savlyuk commented, CEO IT of -Expertiza.

The partnership will help expand the supply of import substitution products and services and create conditions for accelerating migration projects. This cooperation is part of a joint system work aimed at a quick and safe transition from Western software to domestic, supplemented by Pavel Lutsik, Director for Business Development and Work with Partners of CryptoPro.

2022

Release version 2.29

On December 28, 2022, IT-Expertise announced that the next release of the information security software complex SAKURA was released, which received the number 2.29. This release adds capabilities for working with geopositions, increases the convenience of working with the application, and adds capabilities. API In addition, a lot of optimizations have been made for all product components safety , and the stability of the solution as a whole has been strengthened.

Updates in version:

• For geo-position maps, the ability to control language settings and select a provider is implemented;
• The tables implement the calculation of the total number of pages and the transition between them, as well as the button for forcing updating the table data;
• Copy and paste buttons have been added to the script editing page;
• The ability to specify the port of connection to the server in the agent settings is implemented;
• Sakura Control Panel now supports non-standard API ports;

Optimization of "SAKURA" complex:

• Management of historical data flows from agents is implemented, now it is possible to configure the number and frequency and send message packets from agents to the server;
• Large data packets sent from agent to server are compressed;
• A setting has been added for the agent that determines the depth of storage of data history when working offline (without communication with the server);
• Optimized behavior when exiting offline mode and faster determination of the current security status of the workplace by the agent, as well as in case of registration of the workplace;
• When determining the composition of workplace antiviruses, the change is not recorded if only the order of their listing has changed;
• When determining users of the workplace, a change is not recorded if their composition has not changed, but only the date of the last login has changed;

Other changes:

• Renamed some types of checks for better compliance with the performed control, corrected the text of the notification Telegram in when using; two-factor authentication
• Setting agent polling is not allowed more than once every 3 seconds;
• Transfer to the AD group by the level of violation when the PM exits the autonomous mode of operation is implemented;
• Duplicates of software records in PM are no longer generated;
• Improved stability of work with VPN on the agent side;
• The security of the solution has been strengthened;
• The identified errors have been corrected;

Release version 2.26

The IT-Expertise company announced on July 14, 2022 the release of version 2.26 of the SAKURA information security complex.

"SAKURA" is a software package for controlling AWS access to corporate resources and actively responding to non-compliance with security profiles. It is fully the Russian developed and introduced in. register of domestic software Compatible with both, operating systems Windows Linux and, including, and, from Astra Linux Red OS AlterOS version 2.25 - and with Mac OS.

Main capabilities of "SAKURA" complex:

• Control of access to corporate resources;
• Three-factor user authentication;
• Verify that remote users comply with internal security policies;
• Monitoring of employee activity;
• Inventory of equipment and software.

Release updates of the SAKURA complex, version 2.26.

1. Integration with NGate for Linux: added the ability to manage remote desktop connections on Linux through the NGate ecosystem, depending on the passage of security compliance requirements.

2. Integration with Checkpoint VPN: due to restrictions in 2022, not all clients have the opportunity to use Checkpoint's compliance verification service, so the ability to check the security status of workplaces and control access through Checkpoint VPN has been added.

3. Flexible configuration of violation messages: the ability to configure messages to users in case of violation of control rules.

4. Storage of the history of geolocation change on the AWS: tracking the history of the location of workplaces and reproduction of the timeline of their movement.

5. Storage of the history of changing IP addresses at the AWS: collection and storage of the history of changing all IP addresses of workplaces. 6. Storage of hardware history at AWS: maintaining the history of connection to workplaces of hardware devices, including USB and storage devices.

Integration with CryptoPro NGate in order to organize secure remote access

Specialists from CryptoPro and IT Expertise have implemented a Zero Trust Network Access (ZTNA) architecture using NAC technologies (Network Access Control) and VPN (Virtual Private Network) and based on this architecture developed comprehensive Russian solution for controlled secure remote Users' access to corporate resources. This was announced on July 4, 2022 by the IT-Expertise company.

In light of the departure from the Russian market of a number of foreign players, the question arose for customers - what replace these solutions. Already in July 2022, domestic software products successfully perform a number of functions of foreign software. Now a joint solution is available for organizing a secure remote access with verification of user workstation security policy at the expense of joint application of the VPN gateway CryptoPro NGate (hereinafter - NGate) and the information security complex SAKURA (hereinafter - SAKURA).

The solution allows:

• Provide remote user access to corporate resources only from trusted workplaces after checking their security status and compliance with established information security requirements.
• Ensure the protection of communication channels during remote access of users and eliminate unauthorized access to corporate resources and remote AWS.
• Import substitution of similar solutions of foreign manufacturers, including those who left Russia.

In the context of technological collaborations of Russian information security developers, it is possible to import substitution of foreign analogues and significantly reduce the risks associated with the departure of large foreign players from Russia, as well as increase the level of security of corporate resources and compliance with the requirements of information security legislation. And the complex solution created by our companies is a big step in this direction, "said Pavel Lutsik, director of business development and work with CryptoPro partners.

As of July 2022, most Russian software manufacturers solve the problem of replacing vendors, solutions, functions leaving the market. We consider the direction of technological partnership as one of the key, and working with colleagues from CryptoPro will take this direction one step further. The integration of SAKURA and CryptoPro NGate products allows our customers to implement the ZTNA concept in practice and online to manage workplace access to the company's infrastructure, depending on compliance with security requirements, said Vyacheslav Savlyuk, CEO of IT Expertise.

Integration with S-Terra VPN products

S-Terra CSP and IT Expertise have developed a solution for organizing a controlled secure connection of remote users to the corporate network and implementing the concept of network access control (NAC1) (or network access with zero trust ZNTA2). The IT-Expertise company announced this on June 21, 2022.

The solution is designed for secure remote access with policy verification security of user workstations. The solution is based on joint application S-Terra VPN products and SAKURA information security complex.

Thanks to the integration of two Russian technologies, it became possible:

• Allow access to confidential information only from trusted devices.
• Respond quickly to real-time security issues. If

the automated workstation (AWS) of the user has ceased to pass the check, access to target resources can be locked and automatically resumed if a policy violation will be eliminated.

• Profile the device. Depending on the result of the user-defined check

AWS is given remote access to different network resources. For example, AWS with full trust gets access to all resources, the contractor's AWS - to a limited segment. AWS, not complying with policies is not allowed in the corporate network.

The joint use of S-Terra VPN products and the SAKURA complex allows us to solve one of the most pressing tasks of our customers when organizing remote access. The implementation of the concept of network access control has become available on domestic solutions, while all the requirements of Russian legislation are met. Thus, we have taken a serious step in the field of import substitution of functions that are in high demand by customers, "said Andrey Shpakov, head of the product department of S-Terra CSP LLC.

The solution retains all the advantages of VPN clients C-Terra Client/C-Terra Client A for remote access, including integration with Active Directory through the xAuth mechanism and the ability to use 2 Factor Authentication via disposable passwords//.SMSTelegram

The integration of SACURA and S-Terra VPN products gives our customers the opportunity to implement the already standard ZTNA concept - to perform security compliance checks and "on the fly" manage workplace access to the organization's infrastructure, depending on compliance with security requirements. The joint solution allows solving problems that were previously solved only by foreign vendors, which is especially important when heading for import substitution and leaving Western vendors from the market, "said Semyon Zheida, head of information security at IT Expertise LLC.

Compatibility with ViPNet Information Protection Products

Russian developers of InfoTeCS and IT-Expertise have confirmed the correct joint operation of the ViPNet Coordinator HW hardware and software complex ViPNet Client 4 with the Sakura information security complex. This was announced on January 31, 2022 by InfoTeCS.

The result of the technology partnership was the Zero Trust Network Access solution network , which allows information security professionals to implement the principles of the expanded Zero Trust concept for organizing a controlled connection of remote users.

The ViPNet Coordinator HW security gateway, designed for secure communication channels, is responsible for building a ViPNet virtual network and for the secure transfer of data between its protected segments, as well as filtering IP traffic. ViPNet Coordinator HW is included in the register of Russian electronic products, has the status of telecommunication equipment of Russian origin, as well as certificates of the FSB of Russia and FSTEC of Russia.

The ViPNet Client 4 software package is designed to securely work with corporate data through an encrypted channel and protects the workplaces of corporate users, including remote ones. ViPNet Client 4 is included in the register of Russian software, has certificates from the FSB of Russia and FSTEC of Russia.

Sakura Information Security Complex

The Sakura information security complex is designed to monitor the security status of workplaces based on policies for detecting and responding to security threats, and managing access to corporate resources. The complex is registered in the Unified Register of Russian computer programs and databases.

The peculiarity of a joint solution for the end consumer is that, without changing its infrastructure and using the current VPN product, it receives a ZTNA class solution that meets all the security requirements adopted in the paradigm, and it does not incur significant costs for the implementation of the Zero Trust from scratch.

{{quote 'author
= comments on the general director IT of "-Expertiza" Vyacheslav Savlyuk. | "Compatibility with the products of the ViPNet line allows users of the Sakura complex to get an up-to-date solution that implements the concept of zero trust. Our complex not only monitors potential threats 24/7, but also prevents the consequences of violation of information security rules. Technological cooperation with InfoTeCS is important for our company and our customers, and we will work on expanding the line of compatible products, "-}}

"The Zero Trust concept is thought to require new products and solutions, that's not quite the case. You can implement this concept with existing products. Our cooperation with IT Expertise specialists proves this. The joint solution allows you to fully implement the approach to Zero Trust, observing all the basic principles of this information security architecture when protecting the IT infrastructure, "- noted Director of Product Development "InfoTeCS" Nikolai Smirnov.

2021

AlterOS compatibility

On November 18, 2021, the company "" and IT Examination the Group of Companies ALMIS signed a two-way compatibility certificate confirming the correctness of the SAKURA software complex with. operating system AlterOS More details. here

Red OS Compatibility

RED SOFTWARE and IT Expertise confirmed the compatibility of the RED OS operating system and the SAKURA software complex. The work is aimed at creating an import-independent technostec. Red Soft announced this on December 8, 2021.

Ensuring security in the RED OS ecosystem will create an IT infrastructure that is resistant to various types of threats. This is necessary to ensure the uninterrupted performance of strategically important areas of the country's economy. Thank you partners for your cooperation! - commented the Deputy General Director of RED SOFT Rustamov Rustam..

The SAKURA complex is already used where import-substituting products from the cybersecurity segment are needed. Confirmed compatibility with the domestic RED OS operating system will provide new options for joint solutions to users of the SAKURA complex, "commented Vyacheslav Savlyuk, General Director of IT Expertise.

Capabilities of "Sakura" software complex

According to information as of August 2021, "SAKURA" allows you to monitor the state of remote workplaces and other devices 24 hours a day and prevent the consequences of violation of information security rules, instantly reacting to inconsistencies with information security standards.

The complex protects workplaces in the perimeter of the organization, when remotely connected or using cloud and hybrid infrastructure.

"SAKURA" is an integrated internal mechanism that immediately eliminates possible threats. The solution allows you to obtain complete information about the security status of devices, extend corporate information security policies to workplaces in the circuit and outside the circuit of protection, and help identify and respond to security threats.

Problems to solve:

• Lack of up-to-date security information
• No uniform security policy across enterprise and remote devices
• Security risks can only be addressed by administrators
• Zero Trust Model Security "SAKURA"

Security according to the zero trust model "SAKURA":

• Users: Trusted User Authentication and Continuous Monitoring
• Devices: Real-Time Security Status Detection
• Network: segmentation of information resources and the ability to isolate devices
• Applications: Application-Level Access Control and Control
• Automation: Responding and Resolving Emerging Security Incidents
• Analytics: Understanding what's happening and how to make protection more robust