Ideco NGFW

The main articles are:

• NGFW (Next Generation Firewall)
• Firewall

2026

Mist Insight Compatibility

MIST and Ideco on February 3, 2026 announced the expansion of joint capabilities for managing network security. Based on the results of joint tests, the compatibility of the Mist Insight NSPM system and the next generation Ideco NGFW firewall was confirmed - from connecting API data collection to traffic modeling and monitoring changes in security rules. Read more here.

Ideco NGFW Novum with the ability to transfer information about all actions of administrators to external SIEM systems

Ideco has introduced the Ideco NGFW Novum update, which focuses on integrating network security into a single information security monitoring and management loop. This release is aimed at large corporate infrastructures and organizations with increased audit, access control and compliance requirements. The company announced this on January 26, 2026.

The main idea of ​ ​ the update is to turn NGFW from an isolated network device into a fully functional element of the Security Operations and Security Intelligence ecosystem. One of the key changes was the ability to transfer information about all actions of administrators to external SIEM systems. Configuration change, policy management, and administration events can now be analyzed in a centralized security framework, ensuring that the logs remain constant and the infrastructure is more transparent.

This is especially important for organizations operating under strict compliance conditions, where the control of privileged users and the confirmed traceability of changes in security systems are required.

The next-generation firewall update enhances user and administrator authentication capabilities. Integration with the RADIUS server has been implemented, which allows you to connect any third-party two-factor authentication solutions without binding to a specific vendor.

Additionally, certificate authentication is supported when using IKEv2/IPsec. Such a model corresponds to industry best practice for building VPN connections using native operating systems mechanisms.

For infrastructures with increased authentication control requirements, integration with the NGate server has been added. Thanks to this, companies can build scenarios for authenticating users of any device in accordance with regulatory requirements.

This version of the firewall enhances integration with external monitoring and analysis systems. The solution can be used as a source of events and security logs, as well as scenarios for working as a Syslog server. Thus, NGFW becomes not only a means of filtering and protecting traffic, but also a full-fledged data provider for SOC, increasing network visibility and accelerating incident response.

The update also aims to simplify the day-to-day work of administrators and reduce the risk of operational errors. Added upload of firewall rules and content filter in CSV format for auditing, documenting and mass changes. Advanced routing rule management capabilities to speed configuration and change network policies. The logic of authorization and traffic processing in a high-performance context has also been improved, which increases the predictability and correctness of access policies.

We are consistently moving towards NGFW being not just a perimeter security tool, but a manageable and observable element of the corporate security infrastructure. The updated release of Ideco NGFW Novum closes the important gap for the market between network security, audit and SOC processes, - said Dmitry Khomutov, director of Ideco.

Integration with Netopia Firewall Compliance

Ideco, a next-generation firewall developer (NGFW), and Netopia, a vendor of the Netopia Firewall Compliance platform, announced the development of technological integration of their solutions on January 15, 2026. Sharing Ideco NGFW and Netopia Firewall Compliance aims to automate access rule control, increase visibility of network infrastructure, and meet regulatory requirements in large enterprise IT environments.

Integration is focused on large enterprise infrastructures with a large number of firewalls, where manual analysis of configurations and access policies is difficult.

Ideco NGFW Novum configurations and routing tables are used by the Netopia Firewall Compliance platform to automatically analyze rules, identify redundant, shaded, and potentially unsafe settings, and make recommendations for optimizing them.

Based on Ideco NGFW Novum data, Netopia Firewall Compliance builds a L3 network map to reflect real segmentation, traffic paths, and potential risk areas. This enables customers to monitor compliance of the actual network architecture with approved access policies.

The joint solution simplifies the implementation of the requirements of the FSTEC of Russia, including Order No. 117, GOST R 57580.1 and other regulatory documents, by continuously monitoring configurations, access rules, security events and continuously keeping the network map up to date. Automation of analysis can reduce the operational burden on information security teams and network administrators: Netopia's own analytical engine is capable of processing about 90,000 rules in less than one hour, which is impossible with manual verification.

For Netopia Firewall Compliance users, integration with Ideco NGFW Novum provides up-to-date and reliable data information about network connections and access rules by API and. SSH This data is used to calculate the reachability of assets and build possible vectors, attacks as well as to control changes in access policies, taking into account the real routes and firewalls involved.

The integration of solutions demonstrates a practical approach to building an ecosystem of Russian solutions in the field of network security. NGFW and the Firewall Compliance class platform do not duplicate development functionality, but complement each other: Ideco is responsible for traffic protection and control, Netopia is responsible for analysis, optimization and strategic management of network access. This approach allows you to reduce the load on information security teams and the level of "information entropy" in the network of large corporate infrastructures, as well as increase the predictability of changes, reduce the response time to risks and regulatory requirements and move from point protection measures to system management of network security, - said Dmitry Khomutov, director of Ideco.

2025

UDV DATAPK Industrial Kit 3.0 and UDV ITM compatibility

UDV Group and Ideco on October 22, 2025 announced the completion of testing and successful confirmation of the compatibility of their IT solutions in the field of industrial cybersecurity. We are talking about a comprehensive solution of UDV DATAPK Industrial Kit 3.0 to ensure the information security of any APCS, UDV ITM - for monitoring automated and information systems and the next generation firewall Ideco NGFW.

Joint lab tests have proven that the integration of solutions ensures stable operation in a single IT infrastructure without compromising performance and fully meets modern information security requirements. Development interoperability enables industrial enterprises to build multi-layered, scalable protection systems for critical facilities, and reduces downtime and financial losses from cyber attacks.

Proof of product interoperability opens the way for comprehensive security systems to be implemented in enterprises that require uninterrupted operation of equipment and high resistance to cyber threats.

Compatibility with UDV Group solutions expands the capabilities of Ideco NGFW in industrial segments, which is especially important in the context of active digitalization of industries. We highly appreciate the potential of this partnership and plan to develop joint solutions, "said Dmitry Khomutov, director of Ideco.

Confirming the compatibility of our solutions with Ideco products is an important step towards ensuring the reliable protection of critical large production facilities in the face of growing cyber threats. We are confident that our technological partnership with Ideco will allow customers from large and medium-sized businesses to improve the stability and efficiency of their IT infrastructures, "said Viktor Kolyuzhnyak, Director of UDV Group.

Bringing Ideco NGFW Novum to Market

Ideco, a Russian developer of solutions for network security, on September 25, 2025 announced the release of the next generation firewall Ideco NGFW Novum. According to Ideco, the product is built on the basis of technologies "used by the world's leading NGFW manufacturers for large corporate networks," and about 2 billion rubles have already been invested in its creation.

𝓲

Фото: Ideco

According to the developers, the solution runs on its own network stack using DPDK and VPP technologies. They provide direct access to network cards with minimal latency and speed up batch processing on multi-core systems. An enterprise-grade firewall with its own proxy server, signatures and DPI provides performance of up to 200 Gbps and is capable of processing up to 1 million TCP sessions per second. A firewall with its own rule compiler handles traffic at 100,000 rules for 500,000 users and security groups.

𝓲

Фото: Ideco

As noted in Ideco, the firewall has all the necessary modern features. Firewall capabilities are complemented by cloud DNS protection, which detects and blocks DNS tunneling in the first minutes of anomalies, including protection against Botnets & C2C, Cryptojacking, DGA, Malware, Phishing & Typosquatting, Ransomware. And virtual context technology (VCE) allows you to create multiple isolated virtual copies of NGFW on one device with resource sharing (RAM and processor cores) and network policy management for different segments.

𝓲

Фото: Ideco

The product supports active-passive clustering with session synchronization and virtual context configuration between nodes, which provides complete fault tolerance. It also provides work with LACP interfaces in the cluster. In addition, the solution has an L2-bridge (Virtual wire) mode, which allows you to integrate the solution without rebuilding the existing network, ensuring the quick launch of pilot projects.

A cross-platform client for remote access with support for the main corporate operating systems Ideco Center provides centralized enterprise-class management of up to 10 thousand devices from a single interface. The system allows you to centrally configure security and network filtering policies, collects logs and consolidates events before sending them to SIEM systems.

The solution supports integration with enterprise user directories of up to 500 thousand accounts and security groups with synchronization of up to 30 seconds. Consolidation with other information security solutions via syslog, ICAP, SNMP, NetFlow, Zabbix is also provided.

The development of Ideco NGFW Novum is based on a deep understanding of customer needs and adaptation of the solution to the unique tasks of each business. The use of DPDK and VPP technologies in combination with its own innovative developments confirms the readiness of the solution for large-scale corporate implementations at the level of world technology standards, - said Dmitry Khomutov, director of Ideco.

At a press conference on September 24 on the launch of the product on the market, he also announced the data that the product development team is more than 150 employees - "one of the largest teams on the market," the Ideco NGFW: Creating Together community has over 2.5 thousand participants, and more than 300 participants are involved in external beta testing.

Also at a press conference, Ideco cited a comparison of its new product with the products of some major competitors in a number of parameters.

𝓲

Фото: Ideco

The competitors presented on the slide, however, having familiarized themselves with the comparison, called into question its objectivity. Thus, the "Security Code" noted that it is not possible to assess the correctness of the comparison without details of the test method. The same is said in Positive Technologies, while noting a number of specific dubious points.

We at Positive Technologies run tests for 100,000 rules, which is much more complicated than the 100 shown on the slide. We also believe that a single EMIX name without revealing the full traffic profile is not enough to accurately compare, because depending on the specific set of protocols, the results may differ significantly. In any case, the specified PT NGFW 2050 model is the average model in our PAC line, while the competitors have the most senior solutions. For correct comparison, as well as in order not to mislead the market with these results, we are ready to provide data from our senior PT NGFW 3040 platforms and the upcoming PT NGFW 3050, the company says.

UserGate believes that in the given calculation there are several non-obvious points regarding their flagship product. First, for comparative analysis, the authors of the study give not the most up-to-date version of the UserGate platform - a F8000 that has existed on the market for more than 5 years.

In our opinion, the F8010 platform, which was released in 2025, should be used to comply with the correct correlation. For comparison, in F8000 2 Intel CPUs of 18 cores and 2 HDDs, in F8010 - 2 ADM EPYC CPUs of 48 cores and 1 SSD. Design capacity - up to 400 Gb/s. UserGate NGFW F8010 performance in 100-rule FW L4 mode - 230 Gbps, FW L4 + FW L7 (DPI) + IPS - 30 Gbps. If you connect content filtering - 8 Gbps (TLSv1.2) for 4500 IPS signatures and 1500 application signatures, taking into account the analysis of the morphology of the Russian language on web pages and the use of all lists of prohibited resources (we have 220 million URLs in 89 categories, Roskomnadzor lists, etc.). Traffic - EMIX - is indicated in UserGate.

By the way, the report does not indicate how many IPS and DPI signatures were included, what traffic was supplied, what is included in content filtering, which version of TLS was used.

Secondly, UserGate has just launched NGFW to protect data centers - the UserGate DCFW line. For 100,000 rules in FW L4 mode on the F8010 UserGate DCFW platform, it shows 145 Gbps, FW 4 + FW L7 (DPI) - 43 Gbps, if you also connect IPS - 13 Gbps. Signatures and traffic as in the previous case with UserGate NGFW. Thus, this solution is faster even when applying + 99900 FW rules.

And thirdly, based on the information contained in open sources, it can be assumed that the calculation characteristics given in relation to other players in the NGFW market may, upon closer examination, be actually controversial, added to UserGate. In addition to the fact that the comparison did not use the most powerful PT NGFW solution, UserGate also pointed out that in the case of Continent 4, the FW L4 + IPS parameter took data for IPS L2 in 10 Gb/s, that is, only SOV at the channel level. This may not be entirely correct, while improving the manufacturer's result.

Compatibility with Alt Workstation on platforms 9, 10 and 11, Alt Server on platforms 10 and 11 and Alt Domain

As a result of tests conducted by Ideco specialists, the correctness of the Ideco NGFW software on the Alt operating systems of the BASEALT development was confirmed. Ideco announced this on September 18, 2025.

The next generation firewall has shown stable performance on the 86_64 platform, which expands the use of Ideco NGFW and Ideco Client in the infrastructure of government and commercial companies using Alt operating systems. As part of the tests, a certificate of compatibility of Russian solutions was obtained. Ideco NGFW has been officially confirmed to be compatible with Alt Workstation on platforms 9, 10 and 11, Alt Server on platforms 10 and 11, as well as with Alt Domain, a directory service for centralized management of computers and users in the corporate network with operating systems on the Linux kernel and Windows according to the same rules from a single center.

All results are recorded in a bilateral protocol, which confirms the successful integration and uninterrupted operation of domestic solutions.

Confirmation of the compatibility of Ideco NGFW with Alt operating systems is an important step in expanding the capabilities of Russian state infrastructures and business. We are proud that our solutions can be effectively used within domestic systems, providing reliable protection and high performance for domestic users and enterprises, - commented Dmitry Khomutov, Director of Ideco.

The joint solution will be useful for large organizations with increased security requirements for critical information infrastructure, especially during the transition from imported software and equipment to Russian. Security management from a single center implemented on domestic software products significantly increases the security of the network while reducing the cost of combating unauthorized activity, "said Sergey Gushchin, Head of Partner Relations at BASEALT.

Integration with Securitm service

A partnership is presented on the Russian information security market, combining the Ideco NGFW multifunctional firewall and the SECURITM information security process control system. The collaboration created a comprehensive solution that takes network security monitoring and management to the next level. Ideco (Aydeko) announced this on September 8, 2025.

Integration allows you to:

• Automatically import incidents from Ideco to SECURITM for management and response to IRP/.SOAR
• Group recurring incidents, tracking their time of occurrence and activity, build analytics.
• Record firewalls in a single information protection registry with detailed information about the IPS, including authorization logs and user lists, the relevance of licenses and certificates.
• Expand the existing ecosystem of integrations with other IT and information security systems, creating a single space for monitoring, control and decision-making on information security issues.

Integration with Ideco NGFW allows us to provide centralized incident control and improve the effectiveness of responding to threats related to network traffic, "said Nikolay Kazantsev, CEO of SECURITM.

Integration with the SECURITM system is a natural step in the development of Ideco NGFW, as a key element of the security ecosystem. We see a trend in combining information security products to strengthen the security perimeter of organizations, and such solutions allow companies to manage information security products centrally. Now, data from our firewall is not just being logged, but becoming part of broader processes - automated response, investigations and strategic analysis. This significantly increases the speed and efficiency of the information security departments of any organization of organizations - commented Dmitry Khomutov, director of Ideco.

NGFW 20.0 with flexible VPN routing

Ideco released the NGFW 20.0 solution. The next-generation firewall update aims to increase customization flexibility, speed up key modules, and expand the functionality of managing more rules and improving the security of domestic company infrastructures. The company announced this on July 10, 2025.

Key changes include flexible routing VPN (Split tunneling), limiting the length of VPN connection sessions, and TLS support for VPN connections in difficult communication conditions. The DNS Security module has detailed logging DNS of requests and support for DNS-over-TLS to protect DNS resolution from intercepting requests.

This release has improved content filtering setup, switched to new categories Internet of resources, and accelerated categorization URL when working with the Content Filter. It became possible to use the database from GeoIP. Ministry of Digital Development

The firewall with tens of thousands of Active Directory objects and the performance of traffic handling by intrusion prevention are significantly accelerated.

We continue to move towards adaptive security, where control, performance and scalability are key. In NGFW 20.0, we emphasized ease of administration and transparency of filtering rules, expanded support for modern DNS standards, and strengthened protection in high-load scenarios. This update is the result of our active work on the Russian market for 20 years, "said Dmitry Khomutov, director of Ideco.

Compatibility with IVA MCU and IVA One

IVA Technologies and Ideco completed testing and confirmed the compatibility of the video conferencing platformsIVA MCU and business communications IVA One with the next generation Ideco NGFW firewall. Read more here.

Compatibility Ideco NGFW 19 and Rutoken EDS 3.0

On May 12, 2025, Aktiv and Ideco announced the confirmation of the compatibility of the latest version of Ideco NGFW 19 firewalls and active key Rutoken EDS 3.0 media .

𝓲

Фото: Asset

The introduction of GOST-algorithms firewalls in is one of the tasks facing INFORMATION SECURITY the specialists of Russian companies. As a result, colleagues from Ideco integration Rutoken managed to get a product that solves this problem in a reliable way, significantly increasing the level of channel protection. communications After implementing GOST algorithms in Site-to-Site VPN using Rutoken 3.0 devices EDS in Ideco NGFW, you can be sure that the attacker will not be able to access the confidential information in the protected channel and key information used to build Site-to-Site connections, said Pavel Anfimov, Head of Product and Integration at Aktiv.

{{quote 'author=noted Dmitry Khomutov, CEO of Ideco. | Integration of Ideco NGFW and Rutoken EDS 3.0 protects Site-to-Site tunnels between two Ideco NGFWs using GOST algorithms. The solution guarantees data integrity, protection against attacks and reducing the risk of compromising communication channels. This makes it easier to deploy a secure infrastructure for distributed networks,}}

Astra Linux compatibility

Astra Group and Ideco on April 8, 2025 announced the completion of testing for the compatibility of the Ideco NGFW firewall with the Astra Linux operating system, including correct work with user accounts. The stability and reliability of solutions in a single loop is confirmed by a certificate issued as part of the Ready for Astra technology partnership program.

Astra Linux also supports the Ideco ZTNA client version, which allows secure remote access of trusted devices to information resources.

As a result of the use of a technology bundle, organizations receive advanced capabilities to detect and block threats, as well as meet the requirements of cybersecurity and data protection legislation.

NGFW technologies protect the external perimeter of organizations from key cyber threats, including DDoS attacks, phishing, DNS spoofing, and the use [[[hackers|of hacker]] tools and exploits. The next generation firewall ensures a secure connection to corporate servers and significantly reduces the risk of intruders entering and leaking confidential information from companies. The confirmed compatibility of Ideco NGFW SX with the Astra Linux operating system demonstrates its versatility, which makes the solution effective for use in various IT infrastructures, "said Ideco CEO Dmitry Khomutov.

The confirmed compatibility of Astra Linux with the Ideco NGFW firewall is not just the integration of two products, but the strengthening of the security of critical information systems based on domestic software. We are confident that this partnership will bring significant benefits to our clients, - comments Alexey Trubochev, Director of the Support and Services Department of Astra Group.

Ideco NGFW 19 with improved performance

Ideco has released an updated version of the next-generation firewall Ideco NGFW 19. This release includes many features and optimizations aimed at improving the security of the infrastructure of Russian enterprises and ease of use. The company announced this on March 13, 2025.

This version of the firewall has significantly improved performance and added features to integrate the solution into complex networks. All updates are compliant. The updated IPS module allows you to increase the cyber protection of companies from modern attacks and detect threats in real time.

Ideco NGFW 19 has a flexible structure in setting up security rules and centralized user control. With ACL access control, you can fine-tune access rights to company resources and easily migrate from. Cisco SSL VPN The portal supports (two-factor authentication 2fa) and provides secure permission to corporate network resources from. browser The implemented Loopback interface for GRE, GRE/IPsec tunnels, as well as for BGP and OSPF allows a stable connection between the company's branches and. DPCs

The release has high performance and scalability. Faster work with a large number of Active Directory users allows your organization's IT infrastructure to run faster, even under heavy load. The firewall serves hundreds of thousands of users and security groups with tens of thousands of firewall rules.

{{quote "With the release of the updated version of Ideco NGFW 19, we continue to follow our course on innovation and improving the security of the network infrastructure of large companies. The added functionality, including a structured traffic log and GOST VPN support, will allow our users to more effectively manage organization security and control network traffic. We are confident that these updates will significantly increase the level of protection and simplify administration for our customers, "said Dmitry Khomutov, director of Ideco. }}

2024

Ideco NGFW 18 with Dr.Web antivirus

Ideco has released an updated release of the Ideco NGFW 18 firewall. The company announced this on September 30, 2024.

The added capabilities of Ideco NGFW take into account the request of enterprise companies for a high level of corporate data protection. Therefore, in NGFW 18, the development team provided application and IPS security profiles in the firewall, advanced functionality of VCE virtual contexts, optimized traffic processing performance. In addition, WAF security profiles for web applications and sandbox support have been added to the release. Also, the functionality of connecting users via VPN has been significantly supplemented, including flexible management of transmitted routes and integration with RADIUS for 2FA.

NGFW 18 users can now upload their own signatures to intrusion prevention. This increases the ability to customize security for each department or company team, which is especially important for the Enterprise segment business. In addition, this version of the firewall has improved the stability of the web interface SSH and to DDoS-, to the attacks as well as updated the role-based administration model with the ability to authorizations administrators via RADIUS, and. Active Directory ALD Pro

Integration into NGFW antivirus Dr.Web allowed IT teams to complement and strengthen protection, replacing less efficient solutions with more powerful tools such as Dr.Web and Kaspersky. Updated VPN clients made it easier for users to connect Linux and, MacOS improving support for private virtual networks.

Add DNS Security Module

The vendor Ideco presented NGFW cloudy with the DNS Security module on July 16, 2024. This technology provides a high level of protection against botnets and other cyber threats, reopening business opportunities that are not available after the departure of Western vendors Russian.

In the international market, DNS Security already occupies a significant share of the information security market, about a third of the NGFW market. Players such as Cisco, CheckPoint and Sophos are investing heavily in the development of their DNS Protection products, understanding the importance of this technology. So only according to Ideco, almost 88% of cyberattacks use DNS technologies, and 33% of the total number of attacks can be prevented at the level of filtering DNS traffic.

DNS - one of the most ancient and indispensable protocols, Internet which is open on almost all network devices. This makes DNS vulnerable to attackers who can easily create many domains and update them as needed. Since DNS queries are often not tracked, it is easier for attackers to act through DNS than other channels, communications including using DNS transport for network segments not connected to the network. Internet As a result, DNS becomes the first layer of network protection that requires careful control and protection.

The DNS Security module in Ideco NGFW relies on. cloud services SkyDNS Ideco NGFW supports easy-to-configure integration with the SkyDNS service using the DNS settings to servers the SkyDNS resolver. In the near future, to improve user convenience, it is planned to display integration settings inside the Ideco Center central console. An important advantage of DNS filtering is that it can be implemented in almost half an hour.

Ideco NGFW with cloud DNS Protection is a significant step in the development of our company. We strive to ensure maximum protection of Russian enterprises from cyber threats at the international level. DNS Protection is the first step. In the future, we plan to offer an even wider range of cybersecurity solutions, - said Dmitry Khomutov, director of Ideco.

As of July 2024, Ideco and SkyDNS are actively sharing security cases and successful experience in countering threats.

Ideco NGFW 17.0 with GRE over IPSec and GRE tunnel support

The solution for reliable cyber protection of enterprises is embodied in the beta version of Ideco NGFW 17.0. Advanced technologies and innovative features of the system will help prevent, attacks phishing protect valuable data companies and ensure the safety of employees on the network. This was Ideco (Aydeco) announced on May 16, 2024.

Added Ideco NGFW functionality includes virtual VCE contexts, session synchronization cluster mode, - authentication VPN users via RADIUS-, server support for GRE over IPSec and GRE tunnels, ZTNA (Zero Trust Network Access) for checking client devices and using device profiles in policies, firewall Ideco client for, MacOS setting firewall rule expiration times and CEF format support, and selecting/for with TCPUDP integration external services (SIEM and others) by syslog.

Among the updates in Ideco NGFW 17.0, we note:

• An updated platform based on the Linux 6.7.9 kernel, which will increase system stability and performance.
• An updated version of intrusion prevention for better protection against malicious attacks.
• An improved application monitoring module to more effectively monitor and manage application traffic on the network.

Now on the dashboard and in monitoring, information on the state of IPSec tunnels is available, including channel loading, packet loss and jitter, which will help quickly identify problems and improve the quality of the network connection.

Added capabilities to fine-tune WCCP to optimize network performance and improve resource utilization. Changes were made to the publishing settings of internal NGFW services (for example, personal account, web mail interface) in the reverse proxy server, which guarantees more secure and efficient operation of services through NGFW.

In a short period of time, this is the third major release that not only the Ideco team was waiting for, but also our customers from Enterprise to SMB segments. In NGFW 17.0, we not only improved performance and network optimization, but helped Russian businesses a few steps ahead of cyber threats, ensuring the reliable protection and security of the organization's digital assets, said Dmitry Khomutov, director of Ideco.

Compatibility with Red ADM

On April 22, 2024, Red Soft and Ideco reported that the Red ADM centralized infrastructure management system and the Ideco NGFW firewall are compatible and work stably. In combination, products become a ready-made solution both for organizing the internal operation of the infrastructure and for reliable protection against external threats. Read more here.

2023

Ideco NGFW VPP

Ideco on November 29, 2023 released NGFW VPP, a next-generation firewall for protecting information from external threats, offering multifunctional capabilities for the Enterprise segment.

According to the developers, the Ideco NGFW VPP firewall is based on best practices for scanning traffic. In addition, content filtering based on network traffic allows you to restrict the access of internal users and devices to dangerous Internet resources.

Ideco NGFW VPP offers integration with external solutions such as SIEM via the syslog protocol. This enables you to transfer security event logs to the SIEM solution for centralized monitoring and analysis. It also allows you to control access to various applications, including cryptominers, instant messengers, torrent clients and other more than 250 applications. This is achieved by the ability to control access to them through a single interface for creating L4/L7/IPS/Application Control rules with priority.

Based on its own DPDK/VPP-based technology network stack, Ideco NGFW VPP provides high traffic filtering speed. According to Ideco, this ensures efficient processing of large volumes of traffic and network security with minimal latency.

"Ideco NGFW VPP is a tool for providing cyber security in today's business. Its functionality, performance and scalability meet all the requirements and needs of the Enterprise sector, ensuring reliable protection of corporate networks from modern threats, "said Dmitry Khomutov Ideco Director.

Complete transition to NGFW solutions

November 29, 2023 Ideco announced the complete transition to NGFW solutions. According to the company's idea, this will satisfy all the requirements of large companies in the market in the region. safety

Thanks to kernels Linux the 6.3-based platform ON , it is protected from interruptions in the processing of large traffic and complex operations. The user can also configure the software for his tasks by setting rules firewall for the zones where IPSec and client VPN connections are located.

"Ideco NGFW reflects the functionality and security capabilities of the network for large businesses. Quick system updates help you save resources and protect sensitive information. In 2024, we will create the Ideco NGFW 17.0 solution, which will further cover the needs of the Enterprise segment, "Dmitry Khomutov, director of Ideco, shared the company's plans.

Ideco NGFW 16.0 with reverse proxy function

Ideco has introduced the next generation of firewall - Ideco NGFW 16.0. This solution has been designed to take into account the latest trends in cyber threats and offers up-to-date features to ensure maximum network protection. The company announced this on October 30, 2023.

Among the added features:

Zone Based Firewall for simple rule creation in complex networks - with a large number of network interfaces, segments, IPSec and client VPN connections. Also added the ability to integrate with Astra ALD Pro, which ensures user authorization based on the domestic OS and increases the level of security in the network.

To protect against DoS attacks related to published web resources, the NGFW 16.0 firewall offers a reverse proxy function (now with WAF and anti-DoS). This helps prevent the penetration of malicious traffic and keep resources working. An important feature is the addition of a web access log to traffic reports. This simplifies the monitoring and analysis of users' web activity, allowing them to identify possible threats and security breaches. Another significant feature is the improved configuration of VPN user authorization, including two-factor authentication (2FA). This provides increased security when accessing the network remotely.

Another important feature is the ability to create routes for IPSec connections (including BGP), which allows you to establish secure connections between remote network segments. Authorization of users of trusted Active Directory domains allows you to work on networks with multiple domains that are combined by trust.

One notable change is the renaming of the product to Ideco NGFW. This name reflects its network security functionality and capabilities.

Ideco NGFW 16.0 has sufficient performance and capabilities to work in the ecosystem of domestic IT solutions and services, for networks of companies of any complexity. Step by step, we strive to help customers solve the problems of switching from foreign solutions, while maintaining the level of security and reliability of network services, "said Dmitry Khomutov, director of Ideco.