Solar DAG Data Access Management and Control Solution

Solar DAG is an end-to-end solution for managing and controlling access to data stored and processed in an unstructured and semi-structured manner across multiple storage systems to minimize the risks of confidential information leakage.

2024

Solar DAG 1.3

Solar Group of Companies, a comprehensive architect, Solar cyber security DAG 1.3 enhances the ability to seamlessly integrate the platform with,,, IT infrastructures and. operating systems Linux This was announced Microsoft Windows on December 19, 2024 by representatives of the Solar Group of Companies.

𝓲

Solar Group

According to analysts at the Solar 4RAYS Cyber ​ ​ Threat Research Center, the main goal of most groups on industrial and telecom companies in 2024 was espionage and data destruction. At the same time, Solar experts note that in 2025 the number of incidents related to the theft of confidential corporate information will increase. Therefore, there is a growing need for more transparent data access management, taking into account the distributed IT infrastructure based on DAG platforms in these industries.

According to the company, the key update was the integration of Solar DAG with distributed file systems for storing data based on DFS (Distributed File System) technology. Integration with DFS is implemented taking into account the requirements for the protection of unstructured data from the banking sector, retail, industrial vertically integrated holdings, telecom operators and other companies with a wide geography of presence in Russia. They have an extensive network structure, a large number of regional offices, mobile offices and employees, so it is important for them to reduce the burden on individual servers, optimize data backup and replication processes, and ensure access to confidential information is controlled.

{{quote 'author
= told Mikhail Nikulin, Head of Solar DAG Product Solar Group|The risks of unauthorized access to data, on the one hand, make information security policies more complicated, on the other hand, we see a request to simplify audit and control access to data, more efficient use of data storage systems. To control access to data under distributed file system conditions, Solar DAG has implemented functions that allow the agent to collect and transfer information about namespaces, links, and other types of resources. The decision is also classifies data based on rules registered in the system. All collected information is available in reports, including Top Duplicate Files.}}

The solution helps to find copies of files on all controlled systems at the same time, so customers get a tool to analyze the available storage capacity of servers and monitor access to information.

The updated version also introduces a mechanism for marking data and users based on access labels. IT infrastructure administrators can more accurately classify users and resources by labeling objects and system principals. Thus, objects are assigned several levels of secrecy, and subjects (users) - various categories of access to information. Labels are assigned to resources and users and denote business owners. The tool also helps to identify access rights that employees have accumulated while working in the company or changing roles in different departments.

You can create, edit, copy or delete a label in the Solar DAG platform, labels can also be seen in system reports to monitor access to confidential information. Administrators can manage labels Automatically, using dynamic rules to classify resources and users.

Improved classification rules enhance the ability to work with file resources. Added the ability to mark exceptions in the rules, templates for classifying images using optical character recognition (OCR) are included in the graphical interface.

Using the Access Policy Trigger Log, administrators can analyze user actions that differ from the generally accepted behavior or violate security policies. Parameter filtering helps identify specific incidents that require response and investigation. Version 1.3 optimized agents for file storage for integration with Microsoft SharePoint.

As part of integration with Syslog, the Linux system log, Solar DAG introduced a section to configure settings for sending access policy violation messages. This tool allows you to integrate Solar DAG with SIEM systems. This mechanism optimizes the accuracy of threat detection and the speed of response to potential facts of corporate fraud and information security incidents.

In 2024, Solar released three Solar DAG updates, developing the functionality and performance of the platform for managing access to data in IT infrastructures that use Russian and foreign operating systems. The Ministry of Digital Development of Russia has included the solution in the unified Register of Russian software, which allows the use of Solar DAG in import substitution projects.

Compatibility with Red OS 7.3

GC Solar"" confirmed the compatibility of the solution for controlling access to unstructured to data Solar DAG operating system Red OS with 7.3. Technology compatibility simplifies integration DAG/DCAP platforms in projects for to import substitution companies that already use Russian operating systems. About this "Solar" reported on December 18, 2024.

According to RAEK, published in October 2024, Russian companies were able to replace about 30-40% of foreign software, including office packages, basic software products and operating systems. Therefore, integration with domestic operating systems has become a mandatory factor in the development of the Solar DAG platform.

Earlier, the company implemented the compatibility of Solar DAG with Astra Linux OS, which occupies 70% of the Russian operating systems market. In turn, integration with RED OS (a share of about 15%) expands the potential for using the DAG/DCAP platform to 85% of infrastructures using Russian OS.

We constantly conduct market research and monitor the dynamics of import substitution in the infrastructures of our customers, study the practice of investigating information security incidents and conclusions based on the results of an analysis of the security of industry companies. Thus, we respond to the "pain" of Russian business, which "at the moment," needs solutions that are easily integrated with already implemented technologies. Therefore, compatibility with RED OS expands the possibilities of using Solar DAG at CII facilities and other organizations that must follow increased cybersecurity standards, "said Mikhail Nikulin, head of the Solar DAG product.

We strive to ensure the reliable protection and usability of RED OS, actively developing the ecosystem of compatible solutions. Integration with Solar DAG will strengthen security at critical information infrastructure facilities and provide a unified approach to structuring, hosting, storing and controlling data, "said Alexander Sabov, Head of RED OS Product.

Solar DAG 1.2

On September 23, 2024, Solar Group announced the release of Solar DAG 1.2.

𝓲

"Solar"

As reported, according to the Center for Countering Cyber ​ ​ Attacks Solar JSOC in 2023, 29% of infrastructure security analysis projects had access to critical, to data external systems and applications. According to experts, in some cases, confidential, sensitive and other types of unstructured, information containing are personal data stored in common. file storages

The risks of information leaks from cyber attacks increase if companies do not control access to unstructured information in different storage systems.

According to analysts of the Solar Group, the average damage from one information leak for Russian companies in 2023 amounted to about 5.5 million rubles, but such incidents as a result of deliberate actions of insiders may be several within a year.

To solve the problems of managing access to unstructured data, Solar Group consistently develops Solar DAG, a comprehensive solution for managing and controlling access to data that is stored and processed in unstructured and semi-structured on different storage systems. Up-to-date updates reflect a product strategy with a focus on optimizing access control, data integrity, and end-to-end cybersecurity. Thus, the Solar DAG 1.2 release implements integration with enterprise data warehouses MS Active Directory, Linux FS, MS SharePoint system and Solar inRights platform to cover additional sources of corporate information.

The integration of Solar DAG and MS SharePoint allows you to monitor and maintain the relevance of the data structure in filters and reports for a wide range of web portal resources. SharePoint This provides support for various events related to groups and resources, as well as the ability to classify and send MS SharePoint agent data for content analysis.

Integration with Linux FS (SMB) allows you to maintain data structures in filters and reports for various objects of this system, shares, folders and files. The system ensures that the data structure is up-to-date by activating the Hierarchy Scan function.

Solar DAG 1.2 also extends support for data coming from Microsoft Active Directory. Users can keep events associated with users, groups, and user directories up to date. The system supports the registration of various events: creating a user account, deleting, turning on/off, changing the password, moving, renaming, as well as a wide range of events for user groups and directories.

An important stage in the development of the ecosystem of access control solutions was the integration of Solar DAG with the Solar inRights platform. A secure connection feature is now available to users using a security certificate that protects and protects data transfer between systems.

In addition, an external API was developed to provide access to Solar DAG system data, including a list of data classes and account groups and subsequent access to documents corresponding to these data classes. As a result, IT and information security professionals can centrally obtain information about the permissions granted to unstructured data and control access rights, preventing possible leaks of confidential information or illegitimate use.

{{quote 'author
= noted Mikhail Nikulin, Head of Unstructured Control Technology data of Solar Group|A request for DCAP/DAG solutions has been formed on the market, which, through integration with information systems, allow you to effectively manage access to confidential and sensitive information, ensure security and save capacity of data storage systems.}}

Solar DAG 1.2 also expanded the list of system access policies and added policies to coordinate actions to create, modify and delete user accounts, change account passwords. The system takes into account changes that allow you to configure event filtering for certain policies, such as adding or removing an account from a group.

The Configuration section allows you to manage logon-related system settings by setting a password policy, domain authentication settings, and the Welcome window. Administrators can configure idle session blocking, number of failed logins, expiration dates password, password complexity requirements, and more.

In response to customer requests, the system includes a scheduled reporting feature. Users can schedule automatic reporting and log events, including used and unused resource reports, by account, and history of changes to object permissions. The generation schedule for each report is personalized to more effectively manage the reporting processes.

The updated version of Solar DAG has also changed the user interface. All actions - create, edit, or delete objects - are now accompanied by system notifications confirming successful execution. For optimization functionality has been redesigned to address resources, accounts, scope, data classes. You can now filter by criticality type and select the appropriate objects in the system.

Inclusion in the register of Russian programs

The Ministry of Digital Development of Russia has enter into the unified register of Russian programs a multifunctional product for protecting unstructured data Solar DAG. The solution was developed by the Solar Group, which announced this on July 31, 2024.

Solar Group introduced Solar DAG in November 2023 as a comprehensive multifunctional solution that provides a unified approach to structuring, monitoring the use and storage of confidential information. As of July 2024, the key advantages of the product are high performance - the ability to stream up to 100 million events on storage systems per day, high speed of content analysis - up to 1.5 TB per day, as well as work in geodistributed mode.

The current capabilities of the product close the main tasks of customers in the field of protecting confidential data from cyber threats. The ability to integrate Solar DAG with business intelligence (BI) and access control systems, such as Solar inRights, allows you to implement an integrated approach to control access to unstructured data and reduce the risk of confidential information leakage.

The volume of unstructured data stored in organizations is growing in multiples. The international analytical company ITC predicts that by 2025 the volume of data will grow to 175 zettabytes and most of it will be unstructured. The high performance of Solar DAG allows you to work with a large amount of data and control the actions of users. The inclusion of the solution in the register of domestic software confirms its high reliability in ensuring the comprehensive protection of confidential data, including unstructured, as well as complete import independence, - said Dmitry Bondar, director of the access management products development department of Solar Group.

Solar DAG 1.1

On May 20, 2024, representatives of Solar Group announced the release of the Solar DAG 1.1 unstructured data control system, equipped with functions to optimize the management of unstructured data in organizations. Key developments in this release are focused on optimizing storage resources, optimizing data quality, and improving information security.

𝓲

"Solar"

As reported, the Solar DAG product was first introduced to the market in November 2023 as a universal tool for the control, storage and use of confidential information.

One of the key changes that improve the efficiency of the system was the enrichment of the information systems event log with events from Active Directory (AD). The updated Solar DAG system maintains the relevance of the data structure in filters and reports of various AD objects. This feature supports logging events such as creating, deleting, enabling, disabling, and modifying user accounts, as well as events associated with groups and directories. This enhancement allows you to manage Active Directory objects with greater accuracy and control.

This version of Solar DAG supports management of classification rules based on regular expressions and keywords. Users can create classification rules using keywords, phrases, templates, and previously registered rules, and develop rules based on regular expressions. This function allows you to more accurately classify and organize data.

In addition to the previously mentioned developments, the updated version also adds an updated section with data source parameters and their hierarchy, which optimizes the process of registering sources (file servers, directories, etc.), and also allows you to control the depth and scanning mode with the ability to display the hierarchy resources for all sources. A modification of the Windows FS agent has appeared: added functions for transferring checksums, file sizes and information about inheritance attributes. Support for Windows Server 2008r2 is implemented, and event logging based on the file system log (NTFS) is now supported. A mechanism for managing "scopes" has been implemented through the system menu to delimit access to information.

In the updated version, the system has been supplemented with three reports that help users optimize methods of managing unstructured data, make more informed decisions on information storage, optimize efficiency, performance and cybersecurity.

The Unused Resources report allows system users to identify resources that have not been used for a period of time and then manage them. This feature allows the business to optimize operating costs by reducing the cost of storing unnecessary information, and improving security by identifying potential risks associated with uncontrolled data.

By reporting duplicate files, Solar DAG administrators can identify duplicates in a company's file resources without overflowing them. This enables companies to optimize storage resources, optimize data management consistency and quality, and manage versioning.

The disabled inheritance report defines directories that have unique file and folder access rights granted directly, without regard to hierarchical structure, inheritance, or specific rights and access group policies. By addressing the issue of broken inheritance, organizations can strengthen information security, reduce the risks associated with bypassing policies, and ensure comprehensive control over access rights.

Redesign and expand information in basic system widgets, implement pagination for step-by-step loading on portal pages, add various calendar modes, optimize format, report presentation, and more.

{{quote 'author
= explained Dmitry Bondar, Director of inRights Department of Solar Group|Solar DAG solution is included in the product portfolio of access management of Solar Group, where we have accumulated various practices and technologies to protect confidential data from cyber threats. In particular, Solar inRights allows automate user identification, and Solar SafeInspect manages privileged access.}}

2023: Solar DAG Solution Presentation

Solar Group of Companies on November 30, 2023 announced the launch of the multifunctional product Solar DAG. The solution offers the market a unified approach to controlling the storage and use of confidential information.

According to research by Gartner, 80% of data stored in organizations is unstructured. Unlike an ordered set of structured information in databases, unstructured is stored in a format that is very difficult to control and manage using any standard tools and processes. In addition, 70% of employees in organizations have access to data that they should not have. Inefficient data management leads to a significant increase in financial and reputational risks to the business.

Managing access to unstructured assets is a pressing issue for every large company. Solar DAG helps you identify critical and valuable information in a common data array, which allows you to focus on protecting your organization's internal security services.

Solar DAG provides control over all activities that potentially carry the risk of data misuse. The solution has high performance and is focused on Enterprise customers. Up to 100 million events per day on storage and up to 1.5 TB per day of content analysis can be streamed, as well as the speed of reporting queries that enable you to work with a large amount of information and control the actions of a large number of organization employees.

Enterprises with a developed branch network will be able to control file servers throughout the network thanks to the support of work in a geodistributed mode. And within the framework of centralized use of the Solar DAG system, it allows you to configure the scope for administrators of each branch separately, which eliminates the possibility of unauthorized access to information and statistics that are beyond its responsibility.

The solutions of the product portfolio of access control of Solar Group allow us to already provide customers with effective protection of confidential data from cyber threats. Our best practices and technologies have already been implemented and help Solar inRights automate user identification and Solar SafeInspect manage privileged access. The integration of existing platforms with Solar DAG will strengthen access control by increasing the level of confidentiality of unstructured data, as well as protect them from leakage, "said Dmitry Bondar, director of the inRights department of Solar Group.