| Developers: | Kaspersky Kaspersky |
| Last Release Date: | 2025/10/17 |
| Branches: | Information security |
| Technology: | IS - Firewalls |
Main article: NGFW (Next Generation Firewall)
2025
FSTEC certification on requirements for multifunctional firewalls
The Kaspersky NGFW software and hardware complex received a certificate from the Federal Service for Technical Export and Control (FSTEC) of Russia according to the rules established in 2023. The solution meets the requirements for multifunctional network layer firewalls in class 4 protection. The developer announced this on November 17, 2025.
Kaspersky NGFW is also assigned the fourth level of trust, which means that it can be used to protect significant objects critical information infrastructure (ZO), CUES state information systems (GIS), automated process control systems () APCS and personal data information systems (ISDS).
The entire line of hardware platforms of Kaspersky Extension has been tested: KX-3500, KX-1000, KX-400 and KX-100.
 | We are constantly developing our solutions in accordance Russian with market demands - both in terms of functionality and compliance with current regulatory requirements. Certification of FSTEC is an important stage in the life cycle of the commercial version of Kaspersky NGFW, - said, Anna Kulashova vice president of "" Kaspersky Lab for business development in and. Russia - countries CIS Now our customers, for whom it is important that the solution being implemented is included in key registries Russian software and meets the mandatory security requirements, will be able to freely use the development of Kaspersky Lab. |  |
Kaspersky NGFW 1.1 with anti-virus archive scanning
Kaspersky Lab on October 17, 2025 presented an updated version of Kaspersky NGFW 1.1. Features have been added to the solution that increase its fault tolerance and level of protection against cyber threats. The company also expanded its line of hardware platforms.
Synchronize sessions and routing information in the cluster. Switching between devices has become even more invisible, which minimizes downtime and significantly increases the fault tolerance of Kaspersky NGFW. In addition, there is support for the BFD (Bidirectional Forwarding Detection) protocol for the BGP (Border Gateway Protocol) and OSPF (Open Shortest Path First) dynamic routing protocols. The update allows you to speed up traffic redirection in case of problems on communication channels.
Antivirus scan of archives. Kaspersky Lab's own antivirus engine, which is used in Kaspersky NGFW, has added the ability to check archives of any extensions, which improves the quality of protection against cyber threats.
ICAP client for development of integration scenarios. ICAP client support will allow you to send files for scanning not only to Kaspersky Anti Targeted Attack, but also to any third-party sandboxes, as well as integrate with external DLP systems.
Hardware platforms - KX-1000 and KX-100-KB1. KX-1000 - Provides up to 100 GB/s performance in L4 FW + Application Control mode. KX-100-KB1 is an alternative KX-100 model with an increased number of copper gigabit interfaces, as well as rack-mountable capabilities.
Kaspersky NGFW 1.1 has policies based on the GeoIP database, which makes it possible to control traffic from specific countries. A role-based access model (RBAC) has been added to the Open Single Management Platform management console, allowing users to assign different roles with specific features. There was also the possibility of migrating policies from Fortinet.
| | We continue to improve Kaspersky NGFW to make it the most reliable, high-performance and fault-tolerant solution with a convenient interface. The release of version 1.1 is a consistent stage in the development of the product, which is part of an integrated approach to ensuring the information security of organizations. We continue to monitor market trends and the landscape of cyber threats, as well as take into account customer requirements and turn them into new opportunities within our solution. The plans are to pass the certification of the FSTEC of Russia by the end of 2025, "said Dmitry Golovko, senior product manager at Kaspersky NGFW. | |
Kaspersky NGFW is designed for medium and large companies (1000 or more devices) with a network infrastructure of any complexity and load, including those subject to regulatory policy in the field of information security. The solution will be relevant for organizations from the public and financial sectors, retail and other areas. The product is already included in the register of Russian software and PAC Ministry of Digital Development Russia,
20 "pieces of iron" burned down, 5 refused to serve. Kaspersky revealed the "kitchen" and the main challenge in creating its NGFW
To create its new product, Kaspersky NGFW, Kaspersky Lab tested the solutions of many hardware manufacturers available on the domestic market in an internal laboratory - a total of more than 25 different platforms. Such data at the presentation of the commercial version of Kaspersky NGFW in August 2025, which TAdviser visited, was cited by the company's technical director Anton Ivanov.
Collectively, more than 120 people work on the creation of Kaspersky NGFW. The company followed the path of using not ready-made components, but its own: all components that detect threats, process traffic, work with load are the production of Kaspersky Lab, Anton Ivanov also emphasized during the presentation. And the hardware platforms selected based on the results of thorough testing were "sharpened" specifically for the new solution.
According to Anton Ivanov, more than 5 hardware platforms did not survive these tests: when the company set the required load and the traffic format that Kaspersky Lab customers need, the platforms showed service failures. In addition, 20 SFP transceivers burned during load testing.
More than 10 times the company sent solutions for revision to the manufacturer and more than 5 times some manufacturers themselves came to the Kaspersky Lab office and "finished" their platforms: someone, for example, changed network cards, someone flashed the BIOS to show and prove that their product can be used in the new NGFW.
During testing, many bugs were found in the platforms and many improvements were made as a result: "Thus, we helped many vendors make their products of higher quality," said Anton Ivanov.
At the same time, the company has not yet disclosed the hardware from which specific manufacturers it eventually chose for Kaspersky NGFW. It is possible that this is due to sanctions risks.
In total, as TAdviser was told in the company, solutions from several Russian manufacturers are used in the first commercial line of Kaspersky NGFW. This is due to the fact that, for example, one of them is engaged in the development of small hardware platforms with low bandwidth, and the other specializes in the development of high-speed solutions. As previously reported in Kaspersky Lab, Kaspersky NGFW is focused primarily on large customers - they are now faced with a huge number of cyber attacks. But such enterprises also require, among other things, entry-level solutions for use in small branches.
The heart of traffic processing for older Kaspersky NGFW models is based on 5th generation Intel technologies. In the near future, there is a transition to 6th generation Intel, and Kaspersky Lab announced that they will be the first on the market to use such processors to analyze traffic.
It should be said that some of the competitors of Kaspersky Lab - in particular, UserGate is already actively using NGFW and ARM processors, not just Intel, in its hardware platforms. Kaspersky Lab Cloud and Network Security Product Manager Dmitry Golovko told TAdviser that the company is still focused on the x86 processor architecture, because the current software architecture is "tied" to using additional libraries to speed up traffic.
There are, of course, frameworks that allow you to use the same libraries with ARM processors, but this is not easy. Perhaps the company will look deeper into this direction when it goes to the SMB segment, because Intel processors are not cheap, and the price issue for this segment is critical. "There are prospects here, but this is not a story for the near future," summed up Dmitry Golovko.
In a conversation with TAdviser, he also noted that finding a supplier of suitable trusted equipment was the main challenge when creating a product: this process is associated with a huge amount of work, including, among other things, checking the entire microcode of all hardware platforms.
Kaspersky Lab did not even consider any domestic hardware manufacturers, having familiarized itself with the specifications of their hardware platforms, as well as those who offered just general-purpose servers. The aforementioned 25 hardware platforms are those that passed the initial dropout and reached the tests.
Another key challenge is the understanding that the Russian market's request for NGFW is serious, and this class of product requires extensive functionality so that it can be put into a productive environment. Implementing all the necessary functions in a fairly short time is a non-trivial task. Pilot projects helped a lot in its solution, according to the results of which it was possible to get feedback from users.
In the future, considerable work still looms in terms of integration. According to Kaspersky Lab's cloud and network security product manager, the company is looking towards expanding the ability to integrate the product with both its own solutions and external ones. And already in the plans for 2026, for example, there is a provision of an external API so that external integrations can be implemented as a whole.
Bringing the Commercial Version of the Product to Market
On August 8, 2025, Kaspersky Lab announced the release of a commercial version of Kaspersky NGFW, a new generation firewall of its own design to protect organizations from cyber threats. The official presentation of the decision is scheduled for the afternoon, but the company shared some details with TAdviser earlier.
Kaspersky Lab claims that Kaspersky NGFW is suitable for working with a network infrastructure of "any complexity and load." It is intended for medium and large companies (1000 or more devices), including those falling under regulatory policy in the field of information security. The developer believes that his solution will be relevant for organizations from the state and financial sectors, retail, healthcare, transport and education, as well as telecom.
The product has been included software register Ministry of Digital Development in No. 28270 since May 19, and as of August, it is being certified FSTEC and registered in the registers of the PAC Ministry of Digital Development and, Ministry of Industry and Trade which is especially important for the above categories of customers.
In recent months, organizations in Russia have been subjected to a large number of cyber attacks. According to Kaspersky Lab, in many incidents, attackers, including pro-Ukrainian hacktivists, use traffic tunneling tools such as ngrok, Chisel, gTunnel, localtonet to bypass traditional information security solutions. Kaspersky NGFW, the vendor claims, is capable of detecting and blocking such traffic, as well as protecting against other complex and current threats faced by Russian organizations.
Kaspersky Lab claims the following product features:
The Detection Rate exceeds 95%. Kaspersky NGFW uses its own Intrusion Detection and Prevention System (IDPS). According to tests, the Detection Rate exceeds 95%.
Own antivirus engine. One of the key advantages of Kaspersky NGFW in Kaspersky Lab is called its own antivirus engine, which uses artificial intelligence technologies.
Active-Passive failover cluster. One of the frequent wishes of customers for next-generation firewalls is a high level of fault tolerance. To solve this problem, Kaspersky NGFW supports the Active-Passive cluster and has developed its own KHCP protocol (Kaspersky High-availability Cluster Protocol), which supports flexible cluster scenarios.
Advanced security technologies and easy management. Kaspersky NGFW provides native integration with other security solutions, as well as enriching you with unique knowledge about cyber threats from around the world thanks to Threat Intelligence data streams. Centralized management is carried out through a single Open Single Management Platform console - for the commercial version of the solution, its interface has been completely redesigned.
Hardware platforms designed specifically for Kaspersky NGFW. The Kaspersky Extension line of network hardware platforms was developed specifically for Kaspersky NGFW. It includes three types of Russian-made network devices that are designed for enterprises from small offices to corporations. PAC provide performance - up to 180 Gb/s in L4 firewall mode with application control enabled, reliable protection against cyber threats and scalability for various scenarios.
At the time of the announcement, a line of KX-Series hardware platforms is available in the commercial version of Kaspersky NGFW 1.0:
- KX-100 (10 Gb/s *)
- KX-400 (40 Gb/s *)
- KX-3500 (180 Gbps *)
* Performance in L4 FW + Application Control mode
Kaspersky Lab clarified to TAdviser that in terms of hardware for NGFW, the company does not use ready-made solutions, but cooperates with manufacturers and jointly works out an industrial design in order to get exactly the equipment that will meet its requirements and customer requests.
| | The key difficulties faced by our customers in recent years are the transition from foreign solutions to domestic ones, as well as the complication of the cyber threat landscape. It was these factors that were the prerequisite for the development of Kaspersky NGFW. After two beta versions and several pilot projects, we are ready to present the solution that the market needs: reliable, high-performance, fault-tolerant, with a convenient interface, and most importantly, capable of replacing foreign products, - notes Anton Ivanov, CTO of Kaspersky Lab. | |
According to him, at the time of the release of the commercial version of Kaspersky NGFW, several dozen customers, including from the financial and transport sectors, are testing this solution. At the same time, the NGFW check inside Kaspersky Lab itself was no less serious than external tests.
| | We can confirm the effectiveness of the solution. The plans include the development of a version of NGFW for industry, as well as the further introduction of AI technologies into the product, - added Anton Ivanov. | |
In addition, as Kaspersky Lab added, answering TAdviser questions, when developing its solutions, the company is guided by the fact that they will be in demand not only in Russia, but also in the international market. Now the commercial version of Kaspersky NGFW in Russia is entering the market, and in the future Kaspersky Lab will consider the possibility of launching abroad.
It is worth noting that the company is entering a fairly well-heated and even overheated market. After leaving Russia in 2022, the world leaders-developers of NGFW, whose products were used by many customers, domestic manufacturers rushed to urgently create solutions to replace them. And as of 2025, there are already a number of fairly sophisticated solutions on the market in terms of functionality and performance.
At the same time, the strongest players are gradually expanding their offer, trying to reach as wide a range of customers as possible. For example, UserGate, which previously focused mainly on small and medium-sized clients, later went more actively into big business. And Positive Technologies, on the contrary, is gradually "pulling" its NGFW line, including on SMB, at first focusing on large business: in August 2025, the company released a line of NGFW models specifically for small offices and branches.
Positive Technologies, in particular, previously noted that at some point the number of vendors developing NGFW in the Russian market exceeded 50, but as of May 2025, they confidently continued to talk about the development of about 25 vendors. The company predicts that the domestic NGFW market will return to a state where there will be only a few players on it. Similar expectations were voiced in UserGate. One of the most notable players to have already retired in this league was Garda.
Release of the second beta version of Kaspersky NGFW
Kaspersky Lab on April 16, 2025 introduced the second beta version of Kaspersky NGFW, a new generation firewall. It significantly expanded network functionality, improved the quality of detection and blocking of network cyber threats, increased performance, improved stability and added the ability to work in failover cluster mode.
Improved network protection. attacks Kaspersky NGFW integrated anti-virus has an engine that uses the latest Kaspersky Lab technologies. It is used to detect previously unknown threats. artificial intelligence The updated engine will provide an additional level of security, while maintaining the high performance of the solution as a whole.
Thanks to integration with Kaspersky Anti Targeted Attack (KATA), files from the inspected traffic are additionally checked in a special sandbox sandbox. This allows you to prevent, among other things, complex targeted attacks.
Kaspersky NGFW also has native integration with Kaspersky Symphony XDR. Thanks to this, it will become much easier to use the response capabilities in XDR: just press one button.
Increased performance. The performance of Kaspersky NGFW in L4 firewall mode with application control enabled in the second beta version reached 180 Gbps.
Fail-safe operation. One of the key innovations is support for the active-passive failover cluster based on the proprietary Kaspersky High-availability Cluster Protocol (KHCP). In the event of a disaster, switching between cluster nodes will take less than a second, which will ensure stable operation of the network infrastructure with continuous protection.
| | When developing Kaspersky NGFW, our team carefully examines the market and the needs of organizations from various industries. We divided the release into beta versions, each of which is tested in the customer infrastructure. Throughout the development cycle, we collect their feedback to bring in all the necessary functionality. The wishes of customers voiced during piloting will be taken into account in the commercial release of NGFW, which is scheduled for 2025, "said Anton Ivanov, CTO of Kaspersky Lab. | |
Kaspersky NGFW is designed for medium and large companies (1000 or more devices) with a network infrastructure of any complexity and load, including those that fall under the FSTEC regulatory policy in the field of information security. The solution will be relevant for organizations from the public and financial sectors, retail, healthcare, transport and education, as well as telecom.
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |