Solar webProxy Web Security Gateway

Main article: Firewall

2024

Solar webProxy 4.1

On June 26, 2024, Solar Group presented a version of the Solar webProxy 4.1 SWG system, provides control over access to web resources and protection against web threats. As a result of the collaboration of the Solar webProxy teams and the Solar 4RAYS Cyber ​ ​ Threat Research Center, two important results were achieved: the creation of the first version of the threat database to block malicious resources - feeds, and the integration of these feeds into the Solar webProxy product. The database contains URLs, domains, and IP addresses of malicious resources. From version 4.1, these feeds are available for free download through the Information Security Account until the end of 2024. Future versions of Solar webProxy will add a mechanism for automatically updating feeds from the web interface, which will allow Solar webProxy users to respond even faster to potential threats based on current data from Solar 4RAYS experts.

Solar webProxy 4.1

According to the company, one of the key changes in version 4.1 is the ability to proxying traffic transmitted via the SOCKS5 protocol. Unlike HTTP (S), which accounts for the largest amount of data transmitted, SOCKS works directly on TCP and UDP transport protocols, is not bound to upper-layer protocols and allows applications to use network resources that are restricted due to architecture or configuration. With Solar webProxy, customers can now comply with internal security requirements and route all traffic, even highly specialized applications, through proxies.

Another important change was the ability to create filtering rules for the WebSocket and WebSocket Secure protocols, which are used in dynamically updating applications running in real time - instant messengers, marketplaces and other commercial services with rapidly changing data. Thanks to the capabilities, this traffic can be recognized, checked and, if necessary, blocked.

Other changes to version 4.1 include the possibility of excluding validation of non-valid certificates. This is relevant for internal resources of the company, which the administrator trusts, but at the same time wants to maintain traffic verification. This approach optimizes the integration into the infrastructure and allows continuous access of employees to important resources for the company.

Another additional change concerns the optimization of the convenience of interaction with the system, including on the part of employees. Now the administrator can create his own HTML template in a corporate style, which will be understandable to the user in the language to notify about the blocking of the requested resource.

For the convenience of system administration, a number of settings have been added to the Solar webProxy security policy. The first is the ability to select an entire category of resources in the rule, which can be accessed without authentication. This setting is necessary for work, for example, government services or bank customers. The second is the ability to configure actions for unrecognized file types. Three options are available: resolution, blocking and sending via ICAP to the sandbox for additional analysis. In addition, a mechanism for checking the availability of ICAP servers has been added to the web interface, which allows you to find out the latest information in two clicks.

Solar webProxy is a web security gateway (SWG). Differentiates access to web resources, protects against infected and phishing sites, blocks leaks through the feed.

Obtaining the certificate of FSTEC of Russia of the fourth protection class

Solar webProxy received a certificate according to the requirements of the FSTEC of Russia for firewalls of type "B" of the fourth class of protection. Now the product can be used in government organizations with high requirements for the class of protection of confidential information and objects of critical information infrastructure of high categories of importance. Solar announced this on March 13, 2024.

Russian legislation does not provide for separate requirements for SWG-class products, but since Solar webProxy has a basic firewall (L3-L4) built in, the basis of certification was the requirements of the FSTEC of Russia for firewalls that are used in relation to confidential and personal data in state information systems.

The certificate ensures that Solar webProxy complies with the requirements of the legislation and FSTEC of Russia. Now the product can be used in state information systems, in particular: personal data processing systems (ISDS) up to the first class of protection, in state information systems (GIS) up to the 1st class of protection, when protecting significant objects of critical information infrastructure (ZOKII) up to the first category inclusive, in automated control systems of production and technological processes (APCS) up to the 1st class of protection inclusive.

Solar webProxy is used as a content filtering platform for safe access to educational and information resources in all schools of the Russian Federation within the framework of the federal project "Information Infrastructure" of the national program "Digital Economy of Russia." FSTEC certification once again confirms the reliability of the solution in ensuring comprehensive protection of the network infrastructure of both business and strategically important enterprises of KII. The product is completely importonesavisim and flexibly integrated into the existing information security ecosystem of the organization, replacing foreign analogues without loss in filtering, productivity and usability, "said Alexander Barinov, director of the network security product portfolio at Solar Group.

The web resource categorizer and firewall built into Solar webProxy protect your organization from infected, phishing and banned sites, intrusive ads. Using the ICAP protocol, you can integrate Solar webProxy with other security features: sandboxes and data breach protection systems.

Solar webProxy prevents the leakage of confidential information using several mechanisms - checking traffic by keywords and the presence of certain files, as well as controlling leaks through Outlook Web Access drafts and other corporate web resources using the built-in reverse proxy.

As part of building an information security ecosystem in the organization, the product seamlessly integrates with DLP systems, such as Solar Dozor. So, if the company already uses Solar Dozor, then it is possible to synchronize the "Personal Dossier" function and automatically block leaks through the web feed.

Solar webProxy 4.0 with Solar webProxy agent redirecting application traffic to web proxy

Solar Group of Companies in January 2024 introduced an updated version of the Solar webProxy 4.0 web security gateway (SWG). The update introduced a number of components - the Solar webProxy agent, which redirects application traffic to a web proxy, end-to-end resource search, which simplifies user interaction with the system, as well as a condition designer that allows you to create more complex rules for employees to access Internet resources.

The policy designer will help to significantly simplify the routine tasks of the administrator. It allows "and/or" logical operators to be used when composing complex multi-component policy conditions. The policy designer reduces the complexity of the rule setup process, automates this process, which is especially true for large companies with a complex organizational structure.

Thanks to the updated indexing mechanism for all objects used in policies, version 4.0 implemented end-to-end search, demonstrating high speed and quality of output results. Now administrators and information security specialists can search all web resources in one line, and in the search results see in which rules the resource is used. And it doesn't matter how the search is carried out - through an exact match, partial or through regular expressions. If you plan to take control of a new web resource, you can check if this is already in existing lists in order to avoid duplication and not overload the policy. This will optimize the time and work required by system administrators to perform routine tasks.

Not all applications, unlike browsers, allow you to configure traffic redirection to proxies. To solve this problem, administrators had to either configure each PC at the network routing level separately, which is an almost impossible task in a large company, or use third-party solutions, often foreign ones. Solar webProxy agents now give administrators a built-in tool for massive and guaranteed management of all traffic. Subsequent updates to the fourth version of the product will complement the application control capabilities. The appearance of the agency part in the product will help our customers to even more confidently implement the import substitution program for foreign SWG solutions, "said Anastasia Khveschenik, head of the Solar webProxy product.

With the development of interactive tools for working with content based on artificial intelligence, the category of AI assistants was added to the directory of categories of web resources. This category allows you to granularly block users from accessing resources such as ChatGPT.

Improved network capabilities allowed refinement of ICAP redirection rules due to the emergence of new action attributes. Now, when creating rules in policies, you can set the time and actions when waiting for a response or receiving an error from the ICAP server.

Traditionally, as part of the sequential expansion of the directory of supported formats, approaching its content to the leading foreign solutions of the SWG class, MIME types according to the IANA standard were added to Solar webProxy 4.0. This time they included video and animation formats with an extension of WEBM, FLV, MKV, IGS, as well as document data, email, archives and compressed files with an extension of OXT, MSO, TBZ, TGZ, EGG, engineering and science packages with an extension of JT, STL. This has greatly expanded the ability to identify and block files with such extensions.

2023

Solar webProxy 3.10 with support for Astra Linux Special Edition 1.7.3 "Smolensk"

Solar Group of Companies on October 10, 2023 presented an updated version of the Solar webProxy 3.10 web security gateway (SWG). The update has expanded the ability to work with users from different domains and groups of administrators, additional categories of web resources and processed MIME types have appeared, as well as support for the Astra Linux Special Edition operating system.

Separating accounts with the same logins and different domains allows you to correctly organize the operation of filtering policies and the statistics system, as well as eliminate authentication errors in large companies with a large number of domains. Now the user will not be affected by the policies of another employee with the same login, but from a different domain.

Improving the role model of system administrators allowed you to add groups from Active Directory instead of manually configuring each account, in which the role is assigned to all users at once. When you change the composition of a group in Active Directory, the ability to access Solar webProxy administration for added or deleted users automatically changes.

When creating our products, we primarily focus on market trends and user experience. In 2022, Solar webProxy sales increased 5 times, which confirms the correctness of our maple-centric approach. Most of the functions that we have implemented in this version of the product are dictated precisely by the needs of our customers. An important update for customers was support for Astra Linux Special Edition version 1.7.3 "Smolensk," which will simplify the task of comprehensive replacement of foreign solutions To IT infrastructure in organizations. I want to note that additional support is provided for an alternative basic OS -/ CentOSRHEL version 7.9, - said Anastasia Khveshenik, head of the Solar webProxy product at Solar Group.

Flexible policy management for ambiguous resources and significantly improved filtering accuracy allowed the allocation in the directory of the built-in categorizer of web resources of 3 categories of sites that cannot be categorized: web resources containing a critically small amount of content for assigning a category (or its complete absence), parked domains, as well as web resources, access to which is limited due to client or server errors.

Also, as part of the sequential expansion of the directory of supported formats, approaching its content to the leading foreign solutions of the SWG class, new MIME types according to the IANA standard were added to Solar webProxy 3.10. This time their number included audio-also video formats with the AAC, MP2, MP2A, M2A, MPA, MPG, MPEGA, M4A, MPGA, MP3, M4B, M4R, 3GP, M4V, MKV expansion and also executable files with the CLASS expansion and animation files with the UNITYWEB expansion. This has greatly expanded the ability to identify and block files with such extensions.

The user interface has been upgraded to allow regular expressions to be checked for correctness. Previously, this required accessing third-party resources, now all work with a large list of web resources to be filtered can be carried out in a single window and in less time.

Solar webProxy 3.9 with advanced third-party integration capabilities

RTK-Solar On July 4, 2023, the company "" introduced the Solar webProxy 3.9 web security gateway for controlling access to web resources and protecting against web threats. This version has expanded capabilities integration for third-party solutions, added reverse proxy functions, and improved filtering quality and usability.

In Solar webProxy 3.9, it became possible to add to HTTP headers the results of checking files on adjacent systems with which ICAP interaction is configured. This allows you to configure policies more flexibly for integration with third-party solutions. You have also expanded the list of actions available when you receive validation results. You can now modify policies to integrate as flexibly as possible into your existing infrastructure and to match the capabilities of foreign solutions.

Extending the reverse proxy feature now allows this subsystem to work with HTTP and HTTPS protocols when interacting with external and internal addresses in any combinations. This makes it possible to publish web resources using various access protocols, which eliminates the need to generate secondary certificates and reduces the load on servers in the trusted zone.

In addition, Solar webProxy 3.9 implements the ability to tag security events (triggers) according to the specified rules when filtering content, which allows you to customize reports, quickly search for and select events registered as a result of rule changes.

In addition to the implementation of certain functions, work was also carried out to improve performance. Among them are a reduction in the synchronization time of groups in the Dossier and an acceleration of Solar webProxy in conjunction with sandboxes.

To more accurately define Microsoft Word documents, new MIME types were added for DOC, DOCX, DOT, DOTX, DOCM extensions, which made it possible to improve the quality of traffic filtering. Also in this version of the product it is possible to configure static routing directly from the web interface of the product.

Solar webProxy is a web security gateway (SWG). Flexibly differentiates access to web resources, applications and files, protects against infected and phishing sites, blocks leaks through the feed.

2022

Solar webProxy 3.8 with Intrusion Prevention

On June 30, 2022, RTK-Solar introduced an updated version of the Solar webProxy 3.8 web security gateway. The solution provides application access control to web resources and web traffic protection. The update includes Intrusion Prevention System (IPS), automated response to filtering problems, a special database for monitoring system performance, help with policy layers, upgrading the Policy section and logging settings.

Solar webProxy 3.8 has added the Suricata intrusion detection system software module, which has built-in signature traffic analysis. This allows you to track transmitted packets in real time, compare them with known threat classes, and respond instantly to a given scenario. In particular, actions are available to the user: allow the connection, notify the security administrator about the connection, reset the connection, block the connection with the return of the response.

The list of IPS rules is grouped by threat class and presented in the Firewall block. Each class analyzes a certain type of signatures with the same threat level - there are five of them in the system. The system provides flexible IPS configuration - the ability to exclude traffic by network parameters, as well as exclude signatures or threat classes. This minimizes false IPS positives and prevents them from disrupting business processes. Real-time detection is available under Intrusion Prevention.

The task of analyzing web traffic has become very important, the overall level of security of the entire company depends on the effectiveness of this process. Our customers are faced with the tasks of ensuring timely protection in the face of constantly growing cyber threats and improving the attack toolkit, and we take this into account in the development strategy of the Solar webProxy system, said Anastasia Khveschenik, business architect of Solar webProxy of RTK-Solar.

In addition to functional development, in each next version of the web security gateway, a number of changes are aimed at improving the user experience. For example, Solar webProxy 3.8 has a choice of scenarios for responding to filtering problems. When detecting filtering problems in previous versions of Solar webProxy, services could only be restarted manually. Now you can choose the scenario of automatic response: stop or restart services.

In the previous version of Solar webProxy 3.7, in order to minimize user access to the command line, a log information of the system operation and a view of network connections became available in the interface. In this version, in case of an increase in the size of the database, data which can provoke problems in operation, it servers became possible to transfer it to an external server of a larger volume.

To make it easier for users to navigate, the layers in the Policy section were separated by settings firewall content and filtering, and visual icons were added for each tool in this section. In order for the user to access the documentation less, and the system setting is intuitive, help has been added to some layers in the Policy with detailed information about working with them. To minimize system deployment and administration in Solar webProxy 3.8, the General Settings has enabled the files Web Resource Categorizer and Application Control Services (nDPI) rotation configuration.

Solar webProxy 3.7 with in-depth analysis of nDPI network traffic and improved user experience

On January 11, 2022, Rostelecom-Solar introduced the next version of the Solar webProxy 3.7 web security gateway for controlling application access to web resources and protecting web traffic. The system is complemented by Network Deep Packet Inspection (nDPI) deep network traffic analysis technology, support for basic authentication on RADIUS servers, improved mechanisms for balancing user traffic and fault tolerance of SWG. At the same time, a large number of changes affected the user experience.

nDPI Deep Network Traffic Analysis Technology

Thanks to nDPI, the system analyzes not only headers, but also the payload in network traffic, filtering at the gateway level without using third-party software. This allows you to detect known protocols on non-standard ports, block the exchange of traffic with remote access, manage its exchange with instant messengers and web applications, detect and block traffic of services for cryptomining.

Optimize user traffic balancing mechanisms and improve system resiliency

In Solar webProxy 3.7, user traffic balancing mechanisms have become more flexible by adding a balancing method setting time , query waiting, and a number of other parameters. When used antivirus in a multi-node configuration, it became possible to distribute traffic between nodes, which allows you to maintain uninterrupted antivirus operation in the event of a shutdown of one of the nodes.

To increase the level of fault tolerance, Solar webProxy 3.7 uses Virtual Router Redundancy Protocol (VRRP) technology, which combines several routers into one virtual with a common IP address (VIP). By switching VIPs from one node to another, fault tolerance is improved.

Extending Basic Authentication Support

The presented version of the product has support for the RADIUS protocol for user authentication when logging on to the Internet and when connecting administrators to the web management interface.

Improved user experience

In the Solar webProxy 3.7 SWG version from Rostelecom-Solar, an automatic check of resources for a match in their domain and subdomain is implemented, which saves the user time to configure filtering policies.

To minimize user access to the command line information , the system log and network connection view are now available on the interface.

In order for the user to access the documentation less and the system setup to be intuitive, the System > Settings section converted the parameter names and added tooltips with their description. For a more flexible and quick configuration setup, its main parameters have been updated and collected by functional group.

Starting with Solar webProxy 3.7, users can configure automatic sending of email notifications when an anti-virus scan is triggered. This allows the administrator to quickly check the source of malicious activity and take appropriate measures.

2021

Solar webProxy 3.6 with reverse proxy function

On April 20, 2021, Rostelecom-Solar released an updated version of the Solar webProxy 3.6 web security gateway. The update has gained the functionality of a reverse proxy server (Reverse Proxy), which allows you to check the outgoing traffic of the company and block files with confidential information when you try to upload them to the Internet. In addition, the system was supplemented with an updated categorizer of web resources developed by Rostelecom-Solar.

The updated functionality of Reverse Proxy is designed, along with the capabilities of DLP systems, to provide additional protection for companies from leaks of confidential documents and files over the Internet. Files with confidential information are checked and blocked by keywords and file attributes when trying to upload them from the outside from internal resources published through Solar webProxy. At the same time, the content filtering policy for forward and reverse mode is common and does not require additional settings.

A fairly common scenario is when a user, being in the perimeter of a company, draws up and saves a draft of a letter with confidential information in corporate mail. And then from home he connects to mail through a web browser, downloads this draft to his home computer and uses it at his discretion. This scenario is not controlled by standard DLP systems capabilities. To solve this problem, we implemented in this version of Solar webProxy 3.6 a mechanism that allows you to control data downloaded remotely and, if necessary, transfer this information to the DLP system for analysis, "said Peter Kutsenko, analyst engineer at Solar webProxy.

In order to gain independence from external data sources, the developers created their own categorizer of web resources "Rostelecom-Solar" for this version. Thanks to this, customers of the web security gateway will be able to use quickly replenished and updated databases of categorization of Internet sites.

In addition, a number of improvements have been made to the Solar webProxy interface in order to improve user experience with the system. In particular, in all query logs in the statistics section, it became possible to filter by the mode of operation of the proxy server - direct or reverse. All traffic passing in reverse mode received the corresponding marking, which is displayed both in the request logs in the statistics section and on the system desktop. In addition, the filter node query log has been supplemented with an additional filter that allows you to build reports on the IP address of the destination server.

Inclusion in GISP

The Ministry of Industry and Trade of the Russian Federation on the basis of the State Information System of Industry (GISP) has compiled a list of solutions that are recommended for use by the authorities and commercial enterprises of Russia to organize remote work processes. In the Information Security category, it also includes the Solar webProxy web security gateway. The developer announced this on February 9, 2021. Read more here.

Solar webProxy 3.5 output with access delimitation role model

On January 19, 2021, the company Rostelecom-Solar"," a national provider service and technology company, cyber security announced the release of an updated version of access control systems employees and applications to web resources and protection against web traffic malware Solar advertizing webProxy 3.5. The update introduced a role model for granting users access to certain sections and, the to data ability to export statistics from widgets and tables in editable formats, as well as optimized automation of data presentation by user groups.

According to the company, the key change to Solar webProxy 3.5 is the ability to flexibly configure, group and restrict the access rights of system users to its objects: sections, data of individual employees or groups. In the "Users" section, a corresponding panel appeared in which you can change, block and delete accounts.

To access the data, you must add a list of employees or groups to the role card for which the role owner can obtain information. Thus, he will only have access to data on those people or groups that allow him to get his role.

The user can find information about the objects available to him through the search bar of the system.

In earlier versions of Solar webProxy, the role model assumed restrictions on access rights to interface zones. If you have access, the user of the system can get any information about all employees and groups. The updated role model assumes more flexible rules for delimiting access, which will eliminate the provision of redundant information, while maintaining the confidentiality of certain data for various departments or employees, if necessary. explained by Petr Kutsenko, analyst engineer at Rostelecom-Solar

Unlike most web security gateways, Solar webProxy provides reporting with optimized visualization of web activity monitoring data. However, in previous versions of the product, information from the system could only be uploaded as non-editable reports. To extract individual data types, you had to copy them from the document manually. In Solar webProxy 3.5, Rostelecom-Solar specialists added the ability to flexibly export data from individual widgets and report tables in an editable format.

To further improve the reporting system, the Validation Type filter has been added to the Query Log to quickly determine which condition in the rule or exception triggered the security policy. For example, you can select by resource categories, destination resources, traffic limits, and so on. In addition, this function will allow the user to quickly generate a report on the reasons for blocking data by antivirus.

In terms of optimizing user experience, the developers of Solar webProxy 3.5 added statistics on the group of employees to the Dossier section: information about allowed and blocked requests, the volume of incoming and outgoing Internet traffic and other data. Displays information about the resources most frequently visited by employees and their categories, types of downloaded data, etc. Using filters, you can make a selection according to the necessary parameters. In previous versions, building such a report required going to another section, configuring analysis parameters, and loading the report. In the release, the automated presentation of information in the "Dossier" section saved the user from additional transitions in the system.

Also, for the convenience of Solar webProxy 3.5 users, specialists have optimized the licensing process for the built-in antivirus, Dr.Web which, starting with version 3.4, is included in the standard delivery as a fully functional module. Antivirus searches for and neutralizes threats in the company's Internet traffic via//over HTTP HTTPS FTP HTTP protocols. And if in the previous version it was possible to license the antivirus by entering the licensed base64 code or file by placing the key file on, then in the server latest update it became possible to configure and activate the antivirus by entering the license serial number.

2020

Solar webProxy 3.4 output with integrated antivirus protection module

The national provider of services and technologies of cybersecurity "Rostelecom-Solar" on November 3, 2020 announced the release of the next version of the web security gateway Solar webProxy 3.4 with an integrated antivirus protection module. The supplier of the module was the Russian manufacturer Dr.Web. Within the framework of this project, the companies entered into an agreement on technological cooperation.

Previous versions of the web security gateway provided for its use in conjunction with antivirus installed in the company. However, such an implementation was not always convenient, since it required separate licenses and technical support for web proxies and for antivirus. Now, in the standard supply of Solar webProxy, antivirus is included as a fully functional module.

The Dr. Web antivirus module as part of Solar webProxy 3.4 searches for and neutralizes threats in Internet the company's traffic via HTTP HTTPS the//FTP over HTTP protocols. Various types are searched, harmful ON access to compromised and potentially dangerous resources is limited, and the verification mechanism itself is optimized by using preview technology. The user has been notified about attempts to download a malicious page or about detection. virus

In addition to protecting against external attacks using malware, the antivirus module is able to analyze [data] transmitted to the Internet. The system monitors and checks user requests - attempts to connect to the web server and download various files to it. The data sent by web servers in response to user requests is also verified. To restrict access to unwanted websites, an automatically updated database is used that contains blacklists of sites divided into categories.

Our customers are faced with the task of providing timely and up-to-date protection in the face of constant improvement of the attack tools without "inflating" the budget; and we try to help them in this, - notes Olga Isaeva, leading business analyst at Solar webProxy of Rostelecom-Solar.

The technologies used in the solution include signature and heuristic analysis, as well as cloud-based threat detection technologies. In particular, the Dr.Web Cloud service allows you to quickly disseminate information about new threats and unwanted sites even before receiving the next update of virus databases.

The system also performs regular automatic updates of the antivirus kernel and the contents of virus databases to maintain a high level of security of servers, workstations and mobile devices of users when the latter are connected to the corporate network.

Starting with Solar webProxy 3.4, the antivirus module in the solution is delivered according to a single licensing scheme along with the core of the traffic filtering and access log storage system, content filtering policy, technical support and updates. The license is urgent, and restrictions on the number of users are also set.

Solar webProxy 3.3 output for banks with a pre-configured content filtering policy according to FinCERT requirements

Rostelecom-Solar On June 9, 2020, the company "" announced the release of the next version of the Solar webProxy 3.3 web security gateway, which implements a fully predefined content filtering Internet policy for. banks The policy ensures the protection of organizations in accordance with the requirements FinCERT Bank of Russia and a number of governing Federal Law, standards and regulations in the field of information security - financiallycredit institutions.

As part of the ready-made filtering policy for banks, automatic receipt of compromise indicators - file attributes harmful ON - from FinCERT bulletins is implemented. At a given frequency, Solar web Proxy accesses the Bank's Russia incident processing platform to search for newly received data on malicious resources and files. The attributes are uploaded to the system for use in the policy and automatically updated in existing rules.

An important task of the security services of Russian banks is to quickly configure the used protection tools according to the data of regular FinCERT reports. It is extremely difficult to carry out such work manually: since an effective response to cyber threats implies an operational update of security policies, setting up security tools with a delay will not give a result. Obviously, this problem can only be solved by automating the process that we implemented in the presented version of Solar webProxy. In addition, we supplemented the regulator's recommendations with our competencies in the development of content filtering policies. Our Solar JSOC Cyber Attack Monitoring and Response Center has a track record of working with financial industry companies to counter cyber attacks. Its expertise will allow our customers to respond more quickly to the most complete list of Internet threats and reduce the burden on security personnel, "explains Olga Isaeva, leading business analyst at Solar webProxy.

The rules and exceptions of the out-of-the-box filtering policy are only viewable, but the system administrator can create and exclude traffic filtering rules that will apply first. The update of the finished policy is performed automatically and does not affect the rules and exceptions previously formed by the administrator. Traffic filtering is carried out by analyzing the hash functions of files together with their size, as well as by blocking infected files by signatures in accordance with the Bank of Russia standards STO BR IBBS-1.3-2016, STO BR BFBO-1.5-2018, etc. It also checks the resources with which malware interacts. When requesting access to websites, the system checks them according to the categories recommended for blocking by credit and financial institutions according to the best industry practices. In particular, such categories include resources dedicated to the implementation of hacking and cracking, online fraud, the phishing use of anonymous proxies, servers espionage and, etc malware spam.

Also in Solar webProxy 3.3. several additional features have appeared. For example, in the form for creating a filtering policy rule, the "Files" field was created - in it you can specify a list of files to which this rule will apply. And in the system interface, in the "Directories" section, the developers added a subsection for storing file attributes.

A number of changes were made to the presented version to improve the ease of use of the system. In terms of improving the interface, functionality is implemented for convenient work with directories of resources, keywords, files and more. In addition to searching by directory names, search is now available by their contents, sorting internal tables. In addition, in this version, directories are displayed page by page in the system interface: previously, to view them, you had to download a separate file. Also, the configuration of blocking the resource was improved, for which you no longer need to specify the port number in the URL.

At the request of the solution users, manual control of data updating was implemented in the "Statistics," "Desktop" and "Monitoring" sections. You can manually select the update period from 5 seconds to 1 day, and, if necessary, turn off the update. And the LDAPs protocol support mechanism, in addition to LDAP, allows Active Directory to synchronize with external data sources on both protocols.

Solar webProxy 3.2 output with automatic propagation of filtering policy

On March 17, 2020, Rostelecom-Solar announced the release of the next version of the Solar webProxy 3.2 web security gateway. Key changes include centralized automatic distribution of filtering policies, checking that an employee's workstation has a certificate to open HTTPS, and reports on application usage on the corporate network.

Solar webProxy 3.2 users have the opportunity to purchase a product license along with a subscription to a distributed filtering policy. When you download a license, you can now automatically download and apply the filter policy to the master node, and then propagate it to the filtering nodes. Policy updates are checked and downloaded automatically. The policy being distributed is viewable only. At the same time, the user still has the opportunity to add his own exceptions and filtering rules to such a policy.

Previous versions of the system did not contain a built-in web filtering policy: it had to be created either by the users themselves or by our technical specialists at the stage of implementing the system at the customer. Accordingly, users who fell under the requirements of the legislation governing access to the network Internet experienced great difficulties with self-writing policies. Now we offer the customer a ready-made set of rules and exceptions for filtering web traffic, which we constantly update, test and automatically supply, - notes Olga Isaeva, leading business analyst at Solar webProxy

The functionality of transparent decoding of HTTPS traffic has been supplemented by the option of checking that employees have a certificate on their workstations to open HTTPS. In the absence of such a certificate or a certificate error, Solar webProxy 3.2 redirects the user to a page with instructions for downloading and installing it. It is worth noting that the instructions are as simple and convenient as possible for installation and use on the most famous. OS This feature is especially required if the company has non-domain workstations on which it is impossible to centrally install a certificate from the Web Security Gateway console. This option is available only for. domain PERSONAL COMPUTER Previously, the administrator had to install the certificate manually on each non-domain computer, which significantly slowed down the process and increased the risk of incorrect installation of the certificate. There are non-domain workstations in all organizations: depending on the maturity of the company's infrastructure, their number ranges from 5% to 50% of the entire fleet.

In the next version, it also became possible to build reports on running applications on user workstations. Previously, it was possible to limit the use of certain applications on the corporate network using a filtering policy. Now that this functionality has been supplemented with analytical tools, information security service specialists can track the presence of unaccounted software in the company, for example, third-party (unincorporated) instant messengers or clients for remote access. This allows you to take control of such employee activities and make these applications part of a legitimate business process. Or limit their use in the corporate network.

Significant improvements were made in the direction of linking unauthenticated traffic to employees. Now applications that have a network access rule configured without authentications will be automatically linked to employees who access the Internet through an account from the same IP address. In previous versions of the system, when accessing without authentication, traffic was not tied to the user, but belonged to the unauthenticated category, while mixing with the same traffic of other subscribers.

In general, the changes improve the user experience and improve the convenience and ease of use of the system. Thus, the "Check result" field was added to the request log, which allows the information security specialist to quickly see the reason for blocking the user (resource category, keywords, data types, etc.). Previously, this information could only be found in the "Policy" section in the general data flow for all requests being processed.

In addition, in the full person card in the "Dossier" section, the "Log" tab appeared, which displays detailed information about the latest requests of the employee. Using filters by period, resource, request type, server response codes, and resource categories, you can quickly find the requests you want. In previous versions, the query log was located only in the Reports section of the general list for all employees.

Also, to improve the ease of administration, the HAProxy traffic balancing service was added to the Solar webPoroxy 3.2 distribution, which was previously installed only separately in manual mode.

2019

The company Rostelecom-Solar"," a national provider of technologies and services, cyber security announced in August 2019 the launch on the Russian market of a new product Solar webProxy, belonging to the class of SWG solutions (Secure Web Gateway). With its help, companies will be able to control the access of users and applications to web resources, protect themselves from intrusive ads in incoming web traffic, which may contain malware or imperceptibly collect user data.

The main advantages of the new Solar webProxy product are an advanced analytical reporting system, vertical and horizontal scaling of the solution, which makes it easy to increase its performance. In addition, Solar webProxy can transparently decrypt HTTPS traffic, allowing it to be scanned not only using antiviruses, like most SWG solutions, but also by keywords through its own policy. The maximum ergonomics of the interface and bright design are designed to help users quickly and easily master the system.

"The launch of Solar webProxy in the Russian market follows the global trend of the dynamic development of the Secure Web Gateway solutions market. Solar webProxy has potential, and we believe that in the future this system can become a leader in its class. Among the key advantages of the solution are high performance, fault tolerance, scalability, flexible reporting system and close integration with Solar Dozor, one of the most popular DLP systems on the Russian market, "commented Krokhin Valentin, director of marketing and product development and services at Rostelecom-Solar.

The product provides tools for the analytical reporting system. The main page of the Statistics section is divided into three parts: the Report Types section for building reports by templates, the Saved Reports section with the display of reports previously generated by the user and the ability to group them by folders, as well as the Recommended Reports section with pre-installed reports ready for use. When building reports on templates, the user must independently set the list of employees, resource categories, reporting period and other metrics. The Recommended Reports section allows you to quickly generate the most common reports without additional settings.

Visualization makes it easy and convenient to work with reports. They are interactive - they can be dynamically rebuilt by changing the time range directly on the graphs. You can also quickly navigate to more detailed information (drill down), up to log entries of visits to web resources, transition to a specific web resource or employee card. Custom reports are customized by parameter set. They can be shared with other users of the system with appropriate access rights.

The Desktop interface section contains various analytical slices on the actions of employees on the Internet. It also displays the load information on each node of the system, collected by the unique IP addresses of the workstations. The data includes information about IP addresses, full names, number of requests and traffic volume.

Information about the visited resources and their categories, allowed and blocked requests, triggered security policies and the amount of traffic consumed can be found in the employee's card in the "Dossier" section. All data is sorted by the number of requests to certain resources, the volume of incoming and outgoing traffic.

Other advantages of the gateway include the integration of Solar webProxy and the DLP system Solar Dozor, which helps to identify leaks of confidential information, even if it is transmitted in encrypted form. The new product also supports WCCP and PROXY protocols to evenly distribute the load between filters.