
Information Security

Date post: 19-Mar-2016
Upload: mila-roshchina

INFORMATION SECURITY


CONTENTS

1 Information Security Systems (ISS) Competence Center
1.1 Main tasks of information security systems competence center

2 Our services
2.1 Information security audit and consulting
2.2 Implementation of management systems based on ISO/IEC 27001:2005
2.3 Development of regulatory and organizational-administrative documentation
2.4 Ensuring business continuity based on BS 25999/ISO 22301
2.5 Personal data protection
2.6 Consulting of organizations on preparations concerning licensing procedures
2.7 Organization of certification and attestation procedures for informatization facilities, special studies and special checks of equipment
2.8 Industrial control systems security
2.9 Service Center for Information Security Systems

3 Our Solutions
3.1 Network security and VPN solutions
3.2 Data leak prevention
3.3 Traffic control and filtering
3.4 Security Operation Center (SOC)
3.5 Identity and Access Management (IAM)
3.6 DDoS detection and countering

4 Our partners


INFORMATION SECURITY SYSTEMS COMPETENCE CENTER


www.lanit.ru

LANIT SPECIALISTS WILL HELP YOU TO EVALUATE THE FUNCTIONALITIES OF HARDWARE AND SOFTWARE FROM LEADING GLOBAL MANUFACTURERS AND TO DETERMINE THE RIGHT-SIZING FOR IMPLEMENTATION OF INTEGRATED INFORMATION SECURITY SYSTEMS.

In a modern company, the information system is an integral part of the business. It always has unique features reflected in the company's IT infrastructure. Trial implementation or update of the proposed solutions usually requires test zones in the information system or pilot projects at separate technological sites of business partners. The LANIT Competence Center has been created to solve these tasks.

The LANIT Competence Center brings together highly skilled specialists and provides a secure site for verification of the selected solutions and technologies. Our specialists have professional certificates and significant expertise in solving information security tasks of any class. In the lab of the Competence Center, we have deployed solutions of our partners in the sphere of information security: Cisco Systems, Juniper Networks, ArcSight, Stonesoft, Symantec, EMC, HP, IBM, Websense, Blue Coat, Kaspersky Lab, Oracle, S-terra, Infotecs, Positive Technologies, Imperva, Radware, SafeLine, etc.


1.1 MAIN TASKS OF INFORMATION SECURITY SYSTEMS COMPETENCE CENTER

WE SOLVE THE FOLLOWING TASKS WHILE PROVIDING TECHNICAL SUPPORT TO USERS OF IT EQUIPMENT AND SOLUTIONS:

Optimizing the customer’s current infrastructure using state-of-the-art technologies

Providing assistance in the selection of engineering solutions

Testing the selected solutions and approbation of the optimal implementation schemes during implementation stage

Development and testing new solutions from leading global manufacturers

Figure: Main tasks of ISS Competence Center


BENEFITS FOR CUSTOMERS

Saving costs and resources while implementing business tasks

Capability for testing solutions without the need to buy demo equipment

Capability for involving specialists experienced in the implementation of several solutions in a particular field

Cutting the Customer’s expenditures on scaling of the current solution or purchasing of a new one

No need to construct or allocate a test zone in the Customer’s own information system


2 SERVICES

LANIT, with its staff of highly skilled professionals, closely follows all changes on the contemporary market of information security products and offers its Customers only the most efficient and reliable information security solutions.

We provide comprehensive support to those choosing the proper information security products. We offer simulation of the required operating conditions for security products and test the critical parameters of the systems used, which allows selecting the optimal solutions for individual Customers.

Our experts will select the solution you need with the best price/quality ratio and will check the operational reliability and convenience of the selected solution using real infrastructure.

SERVICES PROVIDED BY LANIT IN THE INFORMATION SECURITY SPHERE:

Audit and consulting in the field of information security

Implementation of management systems based on ISO/IEC 27001:2005

Development of regulatory, organizational and administrative documentation

Ensuring business continuity based on BS 25999/ISO 22301

Protection of Personally Identifiable Information (PII)

Consulting for organizations preparing for licensing procedures

Organizing certification and attestation procedures for IT Systems, specialized studies and checks of hardware platforms

Industrial Control Systems Security


LANIT HAS UNIQUE EXPERTISE IN IMPORTING, DISTRIBUTION AND TECHNICAL MAINTENANCE OF FOREIGN-MADE ENCRYPTION TOOLS IN RUSSIA. LANIT EXECUTES ALL OF THE NECESSARY AUTHORIZATION DOCUMENTS FOR IMPORT OF ENCRYPTION TOOLS IN THE CUSTOMER’S INTERESTS. THIS SERVICE IS POPULAR WITH THE RUSSIAN COMPANIES WHICH NEED TO ORGANIZE EXCHANGE OF CONFIDENTIAL INFORMATION WITH FOREIGN SUBDIVISIONS.

Offering its services for creation of information security systems, LANIT is ready to provide a full range of project implementation process steps: we will supply information security software and hardware, provide commissioning and setup as well as technical support of the System. In this process we prefer the manufacturers whose solutions fully meet not only the technical requirements, but also conform to the economic efficiency parameters. With our skilled personnel and powerful technical resources, LANIT offers assembly and debugging of the information security system components according to the detailed design documentation developed, and then provides the Customer with an operational information security system based on the results of the acceptance tests program.


2.1 INFORMATION SECURITY AUDIT AND CONSULTING

LANIT’s fundamental approach to the organization of consulting services in the field of information security provides for active involvement of specialists from the Customer’s business divisions in the processes of audit, identification of the assets within the scope of the ISMS, risk analysis and evaluation, and other types of Information Security activities. As information security processes are implemented to benefit the business, the decisive role in the preparation and decision-making in various security aspects should be played by owners of the Customer's capital assets. To form such a team and prepare it for effective activity, LANIT provides the necessary methodological assistance and respective training for specialists.

BENEFITS FOR CUSTOMERS

Transparency of investments and substantiation of the budget allocated for information security (IS)

Efficient IS development strategy

Seamless integration of IS mechanisms with the Customer’s information system

Business resistance to information system threats

Unique methodologies LANIT uses in IS projects offer efficient allocation of the available resources and let us achieve the required result within the shortest time

Improved reputation and trust of business partners


Information security audit aims at evaluating the efficiency of the information security methods and techniques applied by the Customer and checking compliance with the requirements established in the internal organizational and administrative documents on information security issues.

The audit is a comprehensive inspection that makes it possible to evaluate the current level of information security in the organization and to plan subsequent steps aimed at improving the security level. The audit may be conducted both for the company in general and for specific critical information systems or business processes.

THE FOLLOWING WORKS ARE CARRIED OUT AND TASKS ARE SOLVED DURING THE AUDIT:

1 COLLECTION AND ANALYSIS OF INITIAL DATA ABOUT THE CUSTOMER’S INFORMATION SYSTEMS:

Compiling a list of the Customer’s functional subsystems (and information systems), determining their structure and boundaries

Determining the Customer’s current information flows

Determining the content of the protected information processed in the existing information systems

Determining the information security measures and techniques applied

Analyzing the current organizational and administrative documents on information security issues (by-laws, policies, procedures, regulations, job descriptions, etc.)

Evaluating compliance with the requirements set forth in the internal organizational and administrative documents on information security issues

Developing a report based on the results of the inspection, including recommendations on enhancing the efficiency of the methods used

2 ANALYSIS OF THE CUSTOMER’S RESOURCE SECURITY AND DEFINITION OF THE MAIN PRINCIPLES OF INFORMATION SECURITY:

Audit of information systems protection from various information security threats

Analyzing the possible scenarios for materialization of potential threats associated with the actions of both internal and external violators

Analyzing the efficiency of the information security products currently in use

3 RISK ASSESSMENT:

Developing the risk assessment methodology that is suited to the ISMS

Developing criteria for accepting risk and identifying the acceptable levels of risk

Determining the acceptable level of information risks

Developing recommendations for the treatment of risk

4 PREPARATION OF REPORT ON THE INFORMATION SECURITY AUDIT, INCLUDING THE FOLLOWING MAIN PROVISIONS:

Description (characteristics) of the security facilities, including technological and business parameters, preparation of the list of applicable organizational and administrative documents on information security and the procedures for their implementation

Evaluation of the current information security level within the scope of the audit, including analysis of the efficiency of the information security measures applied

Recommendations on improvement of information security

2.1.1 ACTIVE INFORMATION SECURITY AUDIT

To obtain an objective evaluation of the security condition of both the Company's overall information system and its specific nodes and applications, and to control compliance with the standards, the Company should conduct regular systemic checks (Audit) using various penetration testing (Pentest) mechanisms in the existing information system.

Active information security audit is usually conducted within the scope of General IS Audit at the stage of technical analysis of the Customer’s IT infrastructure security. The results of active IS audit allow identification of vulnerabilities in the information system components which could be used by intruders to organize attacks on the Customer's IT infrastructure.

The Customer’s IT infrastructure security audit is conducted using two mechanisms: scanning the internal network for vulnerabilities with a network scanner and auditing the Customer’s network services accessible from the Internet.

During the Customer’s IT infrastructure security audit, specialized software products are used, i.e. security scanners.

PROCEDURE OF WORKS:

1 Based on the information received about the facilities subject to vulnerability scanning, a scanning schedule is prepared and the list of technical methods to be used for analyzing the Customer’s IT infrastructure is defined:

Penetration testing evaluates security from the intruder’s viewpoint using specialized up-to-date databases and intelligent vulnerability search mechanisms which are as close to the actions of real intruders as possible.

Database security analysis provides an adequate evaluation of security for all of the popular database management systems (DBMS), including Microsoft SQL Server, MySQL, Oracle, etc. All of the possible DBMS security aspects are evaluated, including unauthorized escalation of DB user privileges, installation of false updates, mechanisms for controlling access isolation inside the DB, etc.

Web application security analysis detects vulnerabilities in web application development, which can result in materialization of various threat types, including SQL injection, Cross-Site Scripting, etc.

System checks use the mechanism of deep inspection of the most common operating systems, such as Windows, Linux and Unix, as well as client applications installed on them, which are unavailable for evaluation in the penetration testing mode.

Network scanner detects all of the network nodes, open ports, operating systems and server applications with maximum operational efficiency.

2 Scanning the network perimeter according to the established policies and the schedule.

3 Expert reviews of technical scanning results.

4 Analysis of the information received, determining the possible vulnerabilities.

5 Developing recommendations on remediation of the faults detected.

Based on the information obtained, the Customer will receive methodological guidelines and recommendations on the localization, elimination and control of the vulnerabilities detected, as well as the development or update of its organizational-administrative documentation. The recommendations concern both the use of the current products for protection of confidential information at the Customer's disposal and the implementation of additional products.

THE WORK RESULTS IN RECEIVING OBJECTIVE DATA ON THE TECHNICAL SECURITY LEVEL OF THE ANALYZED INFORMATION SYSTEMS, AS WELL AS ON THE VULNERABILITIES, BREACHES AND DEFECTS DETECTED IN THE SECURITY OF THE CUSTOMER'S IT INFRASTRUCTURE RESOURCES. THE DATA OBTAINED WILL MAKE IT POSSIBLE TO FORMULATE THE LEVELS OF RISKS DETECTED AND TO DETERMINE THE MOST JUSTIFIED SECURITY MEASURES FOR THE ABOVE.


2.2 IMPLEMENTATION OF MANAGEMENT SYSTEMS BASED ON ISO/IEC 27001:2005

As a certified partner of the British Standards Institution (BSI), which develops international IS management standards, including ISO/IEC 27001:2005, LANIT provides services involving establishment of information security management systems and their preparation for certification audit. A BSI certificate obtained by a company not only serves as recognition of its high level of Information Security organization, but, other terms being equal, constitutes an undeniable competitive advantage over other companies, especially taking into account the present-day steady growth of security threats.

An organization’s Information Security Management System (ISMS) is based on the international standard ISO/IEC 27001:2005. While constructing its ISMS, an organization can clearly determine how the Information Security processes and subsystems are interrelated in the company, who is responsible for them, what labor and financial resources are required for their efficient implementation and operation, etc.

The main purpose of an ISMS implementation project is the formation and ongoing maintenance of conditions in the Company under which the risks associated with information assets security are continually controlled and remain at the acceptable level of residual risk. In this case, the information assets security is evaluated based on the degree of confidentiality, integrity and availability of the information required to implement the primary and the supporting business processes in the Company.


THIS AIM IS ACHIEVED BY SOLVING THE FOLLOWING TASKS:

Detecting the key business process which becomes the basis for ISMS activity in the Company

Detecting and classifying the Company's information assets

Implementing the information security management and assurance processes

Implementing the processes for analysis, assessment and handling of information security risks

Determining and documenting the main information security requirements and procedures

Evaluating the current administrative measures, technical and physical information security products implemented in the Company

Preparing the main organizational-administrative documents taking into account the requirements of ISO/IEC 27001:2005

Implementing training and awareness programs

Compiling recommendations and determining subsequent measures for monitoring, analyzing, maintaining and improving the implemented ISMS processes in the Company according to the requirements set forth in ISO/IEC 27001:2005

Optimization of information security costs

LANIT PROVIDES A FULL RANGE OF CONSULTING SERVICES CONCERNING THE FORMATION OF AN ORGANIZATION’S INFORMATION SECURITY MANAGEMENT SYSTEM, FROM AN IN-DEPTH INVESTIGATION OF THE ORGANIZATION WITH REGARD TO INFORMATION SECURITY TO CERTIFICATION IN THE SYSTEM OF THE BRITISH STANDARDS INSTITUTION (BSI) OR ANOTHER COMPETENT ORGANIZATION.

WHILE CREATING AN EFFICIENT SECURITY SYSTEM, SPECIAL ATTENTION IS PAID TO AN INTEGRATED APPROACH TO INFORMATION SECURITY MANAGEMENT. THAT IS WHY MANAGEMENT ELEMENTS ARE NOT LIMITED SOLELY TO TECHNICAL OR SOFTWARE SECURITY PRODUCTS. THE EMPHASIS IS PLACED ON ORGANIZATIONAL PROCEDURES AND PROCESSES AS WELL AS THE OVERALL MANAGEMENT SYSTEM OF THE ORGANIZATION.

To build an integrated ISMS in a Company, attention should be paid to the most critical requirements for the information security management system listed in ISO/IEC 27000:2005:

Availability of a documented Information Security Policy

Control and monitoring of the possible breaches of the Information Security Policy

Compliance with documents and standards (providing compliance with the international and the internal guidelines and standards)

Providing information security during interaction with external parties

Identification and classification of the Company’s assets

Planning business continuity (providing protection of critical business processes from failures and disruptions)

Controlling access to information resources and services provided

Development and support of system and application software (providing information security functions in operating systems and applications)

Controlling user compliance with the rules set forth in the Information Security Policy

Infrastructure management (reducing the risk of system failures, preventing damage to network equipment, control over confidentiality, integrity and accuracy of information during its transmission)


2.3 DEVELOPMENT OF REGULATORY AND ORGANIZATIONAL-ADMINISTRATIVE DOCUMENTATION

WITH ITS VAST EXPERTISE IN DEVELOPMENT OF THE ABOVE MENTIONED DOCUMENTATION, LANIT IS READY TO OFFER THE SERVICES OF EXPERIENCED SPECIALISTS WHO WILL DEVELOP ORGANIZATIONAL-ADMINISTRATIVE DOCUMENTS, INCLUDING POLICIES ON SPECIFIC AREAS OF ACTIVITY, PROCEDURES, REGULATIONS AND INSTRUCTIONS WHICH, AS A WHOLE, CONSTITUTE A PACKAGE OF DOCUMENTS FOR THE INFORMATION PROTECTION SYSTEM. LANIT PROVIDES CONSULTING SERVICES INVOLVING DEVELOPMENT OF DOCUMENTATION FOR VARIOUS CUSTOMER NEEDS, INCLUDING PREPARATION FOR CERTIFICATION AND LICENSING PROCEDURES.

During its lifecycle, the Information Security System (ISS) undergoes material changes, developing with time, which requires ongoing improvement of the organizational-administrative and regulatory documents.

The documents are prepared according to the requirements set forth in the international standards on IS management and the guideline documents provided by the Federal Service for Technical and Export Control of Russia and other regulators in the information security field.

Figure: Development of regulatory and organizational-administrative documentation. Document levels, from top to bottom:

IS Concept of Organization

IS Policy of Organization

Individual IS policies

Procedures, regulations

Instructions

2.3.1 INFORMATION SECURITY CONCEPT OF THE ORGANIZATION

Development of an organization’s Information Security Concept as a systematic description of the information security goals and objectives, the main principles of IS system architecture, the organizational, technological and procedural aspects of information security assurance in the organization’s information and computer system.

2.3.2 INFORMATION SECURITY POLICY OF THE ORGANIZATION

Development of the organization’s Information Security Policy as a top-level document declaring the main principles of the approach to the Information Security Management System.

2.3.3 INDIVIDUAL INFORMATION SECURITY POLICIES, PROCEDURES, AND INTERACTION REGULATIONS

Development of individual policies and other documents of level 2 and lower, with a detailed description of the information security methods and techniques, down to instructions for administrators and users of specific applications.


2.4 ENSURING BUSINESS CONTINUITY BASED ON BS 25999/ISO 22301

Ensuring continuity of key business processes which directly affect the company’s ability to produce profit constitutes the most important task of any enterprise. Operational faults cannot be avoided, including in case of natural and man-made disasters.

To reduce the consequences of such faults to a minimum and to minimize the risk of such faults in information systems, various recommendations and methodologies have been developed. The British Standards Institution (BSI) has consolidated the best global recommendations into a single code of practices (Best Practice) in international standard ISO 22301.

Business continuity management constitutes a process closely connected to the company’s primary business, in the course of which the strategic and operational system is formed according to the company’s goals aimed at:

Ongoing improvement of the organization’s capability for restoration of its primary activity

Providing the Company with capabilities for risk management with regard to continuity of the main business processes and protection of the organization’s reputation

Providing a practiced method for restoration of the organization’s capability to manufacture its main products or provide primary services

BENEFITS FROM IMPLEMENTATION OF AN EFFICIENT BUSINESS CONTINUITY MANAGEMENT PROGRAM IN THE COMPANY:

Ability to promptly determine the impact caused by disruptions in the normal course of operations

Ability to manage risks

A system for effective response to disruptions in the normal course of operation which makes it possible to minimize the impact of such disruptions

Ability to take reliable incident response measures due to drills

Improvement of reputation and acquiring a competitive advantage due to the tested capability to ensure ongoing supply

Figure: Business Continuity Management System as a PDCA cycle with ongoing process improvement: Establishment (PLAN), Implementation (DO), Monitoring and review (CHECK), Maintain and improve (ACT); interested parties on the input side, managed business continuity (BCM) on the output side.

The Standard introduces the notion of Business Continuity Management System (BCMS). BCMS allows organizing, controlling and improving the overall business continuity management process in the Company.

Within the scope of projects on building and implementation of a business continuity system based on BS 25999/ISO 22301, LANIT offers the following services:

Designing fail-safe IT infrastructure functioning schemes and testing them within the framework of pilot projects

Implementation of fail-safe IT infrastructure functioning schemes

Development of regulatory documentation for switching to backup capacity in case of failures in operation of IT infrastructure

Testing the mechanism for switching to backup IT infrastructure capacity in terms of continuity of business processes

Formalizing the process ensuring continuity of IT infrastructure operation and implementing the process system for Business Continuity Management (BCM) aimed at protecting the designated key business processes in the Company from unexpected emergencies

Figure: Business Continuity lifecycle and PDCA cycle. Lifecycle elements: Management of BCM program; Understanding of the organization’s business; Development of BCM strategy; Establishing and implementing the BCM response system; Trainings, program update and monitoring; Implementation of BCM in the organizational culture. Input: BCM requirements and expectations of interested parties.

Within the framework of the project for implementation of business continuity management systems, the following tasks are solved:

Analyzing the impact of emergencies on the Company’s key business processes (Business Impact Analysis, BIA)

Developing a strategy for continuity of business and IT services

Developing variants for protection of the Company’s information system from emergencies and approving the budget of a dedicated disaster-proof solution

Developing incident management plans, Business Continuity Plans, and Disaster Recovery Plans

DUE TO THE ABOVEMENTIONED PROJECTS, THE CUSTOMER ACQUIRES:

A formalized method for determining the impact of any disruption in the ordinary course of activities ensuring manufacture of basic products and services in the organization

Realistic evaluations of the current recovery parameters (Recovery Time Objective - RTO, Recovery Point Objective - RPO) for specific subsystems, infrastructure elements and for the Customer’s inspected infrastructure in general

Identified risks associated with the architecture, implementation peculiarities and practical operation of infrastructure and services which support the key business processes and services of the Company

Documented engineering solutions and organizational procedures in the form of a structured Emergency Recovery Plan which provides evaluation of an emergency, its correlation with a certain scenario defined in the above Plan, making decisions on activation of the Plan, control and timing of the emergency recovery procedures

A ready Testing Program for business continuity management

Identified capabilities for improving the current IT service continuity solutions (quick wins)

Recommendations on the procedures, terms and man-hours required for training the personnel participating in the processes of implementation of the business continuity management system for the Customer’s organization in general

2.5 PERSONAL DATA PROTECTION

LANIT offers a full range of services to provide compliance with the requirements of Federal Law of the Russian Federation №152-FZ "On personal data" dated July 27, 2006, which sets forth the main requirements for personal data processing and security procedures.

Below are the key stages of works carried out by LANIT specialists while creating a personal data protection system and bringing the Customer's personal data information systems into compliance with the requirements of Federal Law №152-FZ "On personal data":

Stage 1 Audit of Personal Data (PD) handling processes and IT infrastructure:

Collection and analysis of source data

Separation of PD information flows

Categorization of PD

Determining the employees involved in PD processing

Detecting Personal Data Information Systems (PDIS)

Separation of documents regulating PD processing in the Company

Determining the current PD protection mechanisms

Stage 2 Analysis of the information collected and preparation of reporting documentation:

Agreement with the Customer upon PDIS composition, structure and classes

Development of the Threat Model, classification acts, and PDIS Description

Preparing a report based on the inspection conducted at the Customer’s facilities

Stage 3 Development of organizational-administrative documents to ensure PD security.

Stage 4 Creation of the PD protection system: selection of the optimal PDIS security products, development of the technical assignment, design assignment, etc.

Stage 5 Supply and startup of PD protection system (including commissioning works).

Stage 6 Preparation of PDIS for attestation (if necessary).

Stage 7 Preparation for checks by the Federal Supervision Agency for Information Technologies and Communications (Roskomnadzor), the Federal Service for Technical and Export Control (FSTEC), and the Federal Security Service (FSS) of the Russian Federation, conducted with regard to personal data operators.

In addition to that, LANIT offers services involving urgent preparation of Customers for checks of PD processing compliance with the requirements of the Russian Federation personal data laws conducted by regulators. Within a period from one to four weeks, LANIT will inspect the Customer’s facilities, develop the necessary organizational-administrative documents, provide instruction for users, and will be present during the site inspection by regulators to protect the Customer’s interests.

Following the implementation of a complete set of measures for creating the personal data protection system, LANIT will continue its cooperation with the Customer, providing full technical support and consulting.

Figure: Stages of bringing the personal data information systems into compliance with the requirements of Federal Law № 152-FZ "On personal data":

Inspecting the personal data handling processes and IT infrastructure

Preparing a report on inspection

Development of personal data security threat models for each PDIS and PDIS classification

Development of a set of organizational-administrative documents for PD processing and protection

Creating a PD protection system

Supply and setup of information security products

PDIS preparation for attestation (if necessary)

PDIS attestation for compliance with the information security requirements (if necessary) or compliance evaluation

Preparation of the Customer for checks by Roskomnadzor, FSTEC, FSS conducted with regard to personal data operators

Support of the personal data protection system

LANIT PROVIDES CONSULTING SERVICES FOR PREPARATION OF THE REGULA-

TORY-PROCEDURAL AND ORGANIZATIONAL-ADMINISTRATIVE DOCUMENTATION

AND CHECKS COMPLIANCE WITH OTHER REQUIREMENTS TO THE LICENSE ESTAB-

LISHED BY INFORMATION SECURITY REGULATORS BASED ON THE LICENSE’S

RESPECTIVE TYPES OF ACTIVITY.

2.6 CONSULTING OF ORGANIZATIONS ON PREPARATIONS CONCERNING LICENSING PROCEDURES According to the Russian laws, certain types of activities require that the company should have the appropriate license.

A license from the FSS of Russia has to be obtained for development, manufacture, technical maintenance and distribution of encryption (cryptographic) tools.

A license from the FSTEC of Russia has to be obtained for activities involving technical protection of confidential information.

LANIT provides the following services in the course of preparatory works for organizations seeking FSS and FSTEC licenses:

Preparation of regulatory-procedural and organizational-administrative documentation required to pass the licensing procedures

Preliminary expert review of the documents prepared to check their compliance with the requirements set forth by the licensing authorities

Checking compliance with the requirements to a license applicant, based on its respective activity types, set forth by information security regulators

Preparation of recommendations and taking steps aimed at prompt elimination of the detected non-conformities to the licensing requirements

2.7 ORGANIZATION OF CERTIFICATION AND ATTESTATION PROCEDURES FOR INFORMATION INFRASTRUCTURE, SPECIAL STUDIES AND SPECIAL CHECKS OF EQUIPMENT

LANIT provides services involving:

Certification tests of information security products for compliance with Guideline Documents of the FSTEC of Russia

Attestation tests of automated systems for compliance with the Guideline Documents of the FSTEC of Russia

Special lab tests and equipment checks

2.7.1 ATTESTATION OF INFORMATIZATION FACILITIES

Attestation of informatization facilities constitutes a set of organizational and technical measures which result in verification, by virtue of a special Compliance Certificate, of the facility’s compliance with the requirements set forth in the information security standards or other regulatory and technical documents approved by FSTEC of Russia.

INFORMATIZATION FACILITY (IF) CONSTITUTES A SET OF INFORMATION RESOURCES, INFORMATION PROCESSING EQUIPMENT AND SYSTEMS USED ACCORDING TO THE SET INFORMATION TECHNOLOGY, INFORMATIZATION FACILITY UTILITIES, PREMISES OR FACILITIES (BUILDINGS, STRUCTURES, EQUIPMENT) WHERE THE ABOVE ARE INSTALLED, OR PREMISES AND FACILITIES DESIGNATED FOR CONFIDENTIAL NEGOTIATIONS.

An informatization facility with a valid Certificate of Compliance is entitled to process information with the relevant confidentiality level within the time period specified in the Certificate of Compliance. Information facilities processing information which constitutes state secrets or confidential information are subject to mandatory attestation.

Attestation provides for a comprehensive check (attestation tests) of the protected informatization facility in real-time operating conditions with a view to evaluating compliance of the set of security measures and products currently in use with the required information security level.

The procedure for informatization facility attestation with regard to information security requirements includes the following actions:

Preparation for attestation (if necessary)

Preliminary study of the facility subject to attestation

Tests of non-certified information security products and systems used at the facility subject to attestation (if necessary)

Developing a Program and Methodology of Attestation Tests

Conducting attestation tests

Execution, registration and issue of the Certificate of Compliance

2.8 INDUSTRIAL CONTROL SYSTEMS SECURITY

Cyber security of industrial control systems (ICS) is becoming critical for ensuring efficiency, continuity and safety of the ICS operation. Unauthorized access to ICS components, network or data may result in serious financial issues, loss of production, environmental impacts or direct danger to human life.

Initially ICS were isolated, highly specialized systems developed for individual customers. With this approach in place, information security risks had the lowest priority. Now ICS are adopting standard IT solutions such as Internet Protocol and widely used operating systems to promote connectivity with corporate business systems. But still, most information security risks remain unaddressed.

In most cases, ICS do not provide the necessary security mechanisms, such as:

User, device and node authentication

Verification of correct use of communication protocols

Integrity of the information and control signals

Protection from unauthorized access to ICS nodes and communication channels

Integrity of ICS software and logic

LANIT HAS THE NECESSARY SKILLS AND EXPERIENCE TO IMPLEMENT A WIDE RANGE OF INFORMATION SECURITY SOLUTIONS. LANIT WILL HELP YOU TO CHOOSE APPROPRIATE SOLUTIONS AND PROVIDE SEAMLESS INTEGRATION OF THE NECESSARY SECURITY CONTROLS INTO ICS.

For ICS that are already in place, security mechanisms have to be integrated into the current system as separate hardware and software. For the security measures to be efficient, the company has to develop a set of internal policies and instructions that determine proper procedures for the various security controls and the corresponding responsible personnel.

A wide range of engineering solutions, standards, protocols and technical approaches implemented in various ICS makes it tremendously difficult to develop universal information security solutions. It also complicates integration of information security solutions into the ICS without interruption of the production cycle.

We use an integral approach to ICS security, providing information security controls and solutions on every level of the ICS architecture. The security solutions we use are integrated into a unified ICS security operations center. Solutions we are able to integrate into ICS include (but are not limited to):

Firewalls (FW)

Intrusion prevention systems (IPS)

Antivirus solutions and End-point protection systems

Vulnerability management systems (VMS)

Security Information and Event Management (SIEM)

Virtual Private Networks (VPN)

Access Control Systems (ACS)

Due to the significant consequences of an ICS security breach, authorized parties including government organizations have been developing mandatory standards and requirements on ICS security. LANIT will help you evaluate the relevant legal regulatory requirements on ICS security and implement them with maximal efficiency.

ICS security controls

2.9 SERVICE CENTER FOR INFORMATION SECURITY SYSTEMS

The Service Center for Information Security Systems operates based on LANIT's Network Integration Department (NID). The main mission of the Service Center is to support major IT systems or the Customer’s IT systems critical from the security viewpoint, as well as IT systems that are especially complex from service maintenance viewpoint.

LANIT Service Center for Information Security Systems offers its Customers a set of services including technical support of software and hardware solutions within the effective period of warranty guarantees of information system and component manufacturers, as well as based on separate service agreements.

MAIN BENEFITS RESULTING FROM WORK WITH THE SERVICE CENTER FOR INFORMATION SECURITY SYSTEMS:

24-hour registration of any Customer queries with regard to the solutions supplied by LANIT's NID

Customer site visit services

Services involving replacement of the Customer’s equipment

Providing training to the Customer’s personnel (both in the RF and abroad)

Software updates

Software testing on the test bench in the Service Center

Development and testing of pilot projects

Additional set of services ("Extended Support") for solutions that are especially complex from the implementation and support viewpoint

LANIT OFFERS A WIDE RANGE OF INFORMATION SECURITY SOLUTIONS:

Network security and VPN solutions

Data leak prevention

Traffic control and filtering

Security Operation Center (SOC)

Identity and Access Management System (IAM)

DDoS detection and countering

3.1 NETWORK SECURITY AND VPN SOLUTIONS

Solutions for perimeter security, i.e., the level where the internal network comes into contact with the external public networks, and for data transmission channels are intended for any small, medium or large business organization. These technology solutions are built on basic functional information security solutions such as firewalls, intrusion detection and prevention systems, and VPN concentrators.

Firewalling systems act as the first security frontier and are installed on the network boundary. They allow control of specific applications at the protocol level, passing external information into the internal network according to a predefined set of rules. Such systems can check that incoming packets are correctly structured at the application level, which enables them to stop attacks on internal resources.

THE ABOVE SECURITY PRODUCTS, PUT TO GOOD USE AND COMBINED WITH THE VAST EXPERTISE OF LANIT SPECIALISTS IN THE FIELD OF NETWORK SECURITY, GUARANTEE A HIGH LEVEL PROTECTION OF IT INFRASTRUCTURE FROM EXTERNAL AND INTERNAL THREATS.

Intrusion Detection and Prevention Solutions are designed to filter the network traffic and protect the internal network, i.e., servers, network equipment and users, from external attacks, parasitic traffic, etc. Using a combination of various countermeasures against attacks, including application signature and behavior analysis, they provide the highest level of malicious activity detection. Such systems are installed on communication channels and operate on the gateway principle: the information that passes through them is "purified" and suitable for safe use. Unlike demilitarized zone security systems, which are designed mainly to withstand attacks from public networks, intrusion detection and prevention systems are configured to fight specific types of malicious activity critical for the organization, including activity coming through the internal network, to protect the databases and the most important segments of the Company’s IT infrastructure.

Apart from classic firewalls and intrusion prevention systems, the current threats call for the use of specialized Web application and database security systems. Such solutions make it possible to check traffic at the highest possible level, which allows more accurate detection and termination of security threats specific to the given traffic type.

SOLUTIONS OFFERED BY LANIT ALLOW DETECTING WHICH WEB APPLICATION USER MADE THIS OR THAT ALTERATION TO THE DATABASE, THUS ENABLING MUTUAL CORRELATION OF EVENTS. IN ADDITION, THE ABOVE SOLUTIONS BRING THE WEB APPLICATION AND DATABASE SECURITY LEVEL VIRTUALLY TO 100% DUE TO THE DYNAMIC PROFILING TECHNIQUE, WHEN THE SECURITY SYSTEM FORMS A STRICT OPERATIONAL PROFILE OF THE APPLICATION AND SUPPRESSES ANY SUBSEQUENT DEVIATIONS FROM THE NORMAL OPERATING MODE. THEREFORE, EVEN THE APPLICATIONS WHICH CANNOT BE OVERWRITTEN OR CORRECTED CAN BE SECURED.

Wireless Network Security Solutions are also aimed at intrusion prevention and internal network protection. A distinctive feature of these solutions is that they detect and suppress the operation of unauthorized access points (modems, laptops, etc.), which constitute a powerful information leak channel as they are usually equipped with independent Internet connections. As the coverage zone of wireless access points often extends beyond the controlled zone, cryptographic security methods should be used to protect confidential information.

Organization of secure data transmission channels constitutes the basic objective of perimeter security tools and is implemented by means of Virtual Private Network (VPN) technology. Depending on the objectives, various VPN technologies can be applied. To implement a secure branch data transmission network, IPSec VPN is used, while SSL VPN is used to provide remote access of employees to internal resources.

An SSL VPN concentrator provides secure remote access to the enterprise’s information resources via SSL VPN channels, which increases the overall security level during operation through open data transmission channels. The use of national encryption algorithms provides additional assurance in the integrity of the information transmitted. The above solutions operate through the user’s browser, providing convenient and transparent work with the applications required by the user, without the need to install special software on the workstation or laptop.

TO IMPLEMENT VPN INFRASTRUCTURE, LANIT OFFERS ITS CUSTOMERS A WIDE RANGE OF DATA ENCRYPTION SOLUTIONS USING BOTH RUSSIAN AND FOREIGN CRYPTOALGORITHMS.

The Centralized Perimeter Security Control System provides the administrator with a single interface for interaction with the security system. It enables centralized collection of logs and security events, input of incident data based on those events, and control over the process of resolving the incidents. This system allows a material reduction in the administration costs of overall infrastructure security management.

LANIT CUSTOMERS ACQUIRE:

An integrated system for protection of internal infrastructure against external threats

Minimization of the probability for unauthorized access to the company’s information resources

Increasing customer trust level by creating a trusted data transmission environment both within and beyond the company

Providing the required accessibility level for internal resources combined with a high security level

Saving financial resources and reduction of administrative expenses to maintain the relevant security level

Increasing the overall efficiency of business processes due to high accessibility of resources and mobility of users

Diagram of perimeter and communication channels security

3.2 DATA LEAK PREVENTION

Control of confidential information leaks is growing more complex year by year. Internal information security policies do not limit the employees’ desire to share confidential information with work colleagues, friends and employees from other companies. The growth of information technologies contributes to the increase in the number of information leak channels (email, ICQ, Skype, Internet forums, etc.). To efficiently detect and prevent leaks of confidential information, organizations require DLP class solutions (Data Leak Prevention).

Contemporary DLP systems allow detecting and preventing data leaks via all technical channels, i.e., proxy servers, mail servers, messenger channels (including Skype), network printers and removable media.

The above mentioned solutions use two main technologies:

"Word form" technology, which stipulates that critical information messages and confidential documents should be included in the data bank system using either key words associated with the business specifics or based on passport data, contract numbers, words like "confidential," etc.

FingerPrint technology, which creates digital fingerprints that enable quick identification of critical data banks based on the "visual resemblance" principle. The technology allows processing of any document types, including graphical (drawings, images) and audio files (music).

THE MAIN BENEFIT OF USING DLP CLASS SOLUTIONS BY LANIT’S CUSTOMERS IS THE PREVENTION OF INFORMATION LEAKS WHICH OFTEN CAUSE DIRECT FINANCIAL LOSSES. THE COMPANY MANAGEMENT CAN OBTAIN INFORMATION ABOUT THE DATABASES EACH EMPLOYEE WORKS WITH. SUBSEQUENTLY, THIS WILL ENABLE ADJUSTMENT OF ACCESS RIGHTS TO THOSE DATABASES AND DETECTION OF INSIDERS, THUS PREVENTING INFORMATION LEAKS.

Data leak prevention system

3.3 TRAFFIC CONTROL AND FILTERING

Traffic filtering makes it possible to decide whether traffic is legitimate based on the analysis of its content and not on the sender’s or recipient’s address. The analysis is generally applied to mail and web traffic. The technique allows much more flexible and accurate filtering, providing the Company with virtually complete control over employee and server traffic. Content analysis makes it possible to deal efficiently with such external threats to corporate network security as financial fraud ("phishing") and malware penetration, including Trojan horses, worms, rootkits, backdoors, adware, etc.

3.3.1 MAIL TRAFFIC FILTERING

This filtering type is traditionally used to detect and block unwanted messages (spam) and penetration of malicious software; however, it can also be used to solve the tasks associated with data leak prevention.

There exists a whole range of methods for evaluating the content of mail traffic:

Statistical analysis (Bayesian method, etc.)

Blocking attachments of certain type

Analysis based on the list of key words/phrases and regular expressions

Analysis of message headers

Heuristic analysis of text (searching for typical patterns of spam messages)

Checking the message body and attachments for malicious code

Taken as a whole, the above methods allow detection and prevention of unwanted traffic penetration into the organization’s network.

3.3.2 WEB TRAFFIC FILTERING

Web traffic filtering is designed to solve two main tasks: controlling employee access to unwanted resources and preventing malware penetration to user computers. Contemporary filtering tools allow analyzing not only the open protocols (HTTP, FTP, ICQ) but also encrypted ones (HTTPS and Skype). Web traffic filtering is based on various criteria (key words, malicious code in bodies of web pages, HTML code anomalies, etc.).

Web traffic filtering makes it possible to protect the organization’s network from compromise, and, therefore, from financial and goodwill losses, and to save employees’ labor hours.

3.3.3 APPLICATION USE CONTROL

Uncontrolled installation and startup of software by employees on their workstations constitutes a problem for most companies and bears serious information security risks. In addition, it can result in additional problems if users install and use illegal software without the knowledge of the employer. Application use control systems are designed to solve the above problem.

Up-to-date systems of the above class allow forming a complete image of the software used in the Company and providing flexible control over the process. Thus, not only can administrators ban or allow a specific application to be run, but they can also allow limited running, i.e., ban access to the network or printer while allowing all other functionalities. The dynamic structure of ‘white lists’ of the permitted software makes the administrators’ tasks easier and materially cuts the cost of list processing.

3.3.4 INTEGRATED ANTIVIRUS PROTECTION

The current antivirus systems consist of two components. The first one is the protection of workstations and is implemented by installing antivirus agents on the users’ workstations. Presently, the agents are usually characterized by multi-functionality: they include virus attack detection systems, firewalls, various IT environment controls and authorization tools.

The second component of an up-to-date antivirus system constitutes filtering on the level of gateway installed at external information access points in the organization’s IT system. This component can also be implemented using two types of solutions: either via a threaded antivirus gateway or by filtering the incoming information flow at the application systems level, in the form of firewalls installed on communication channels.

Integrated antivirus protection consists of the above two components and is usually based on a whole range of various software and hardware solutions. The system can provide protection of major corporate nodes, such as mail, Web servers and user workstations, as well as protection of the IT environment from its user in case the latter is infected with malware.

First of all, the above effect is achieved by neutralizing a significant amount of virus threats at the gateway level. Considering the fact that installation of antivirus agents takes up quite a lot of IT resources (up to 30-40%), this variant of fighting viruses does not seem very efficient. Viruses can be stopped at the perimeter, on the gateway level. This makes it possible to reduce the load on users and their workstations and to eliminate incompatibilities between the antivirus and the corporate software. It should be emphasized that protection of certain facilities, including servers, with antivirus agents is not economically efficient, as it is very expensive from the operating viewpoint.

Data control and filtering diagram. Elements shown: Users; Mail (SMTP, IMAP, POP3); Web (HTTP, HTTPS, FTP); IM (ICQ, Skype, Jabber); antivirus protection; Internet URL filtering; mail filtering; "clean" traffic; malicious code, phishing, spam.

THE ANTIVIRUS PROTECTION SOLUTIONS OFFERED BY LANIT OFFER THE CUSTOMER SIGNIFICANT SAVINGS OF EXPENSES ON IT INFRASTRUCTURE AS WELL AS ECONOMY OF PROFESSIONAL LABOR HOURS.

3.4 SECURITY OPERATION CENTER (SOC)

Creation of Security Operation Centers is among the most relevant lines of development in the IT industry. Essentially, this is the center for security incidents management which constitutes a single segment for managing all of the security mechanisms as well as the IT infrastructure monitoring.

A Security Operation Center allows centralized information security management in the Customer’s company, which is achieved by regulating the information security threat neutralization mechanisms, a complete and accurate understanding of the condition of the corporate information system and comprehensive monitoring of the security condition of IT services. Organizing a reasonable balance of technologies, processes and human resources, a SOC offers the capability for continual monitoring of the corporate information system, tracking of the security incidents and fast implementation of countermeasures in response to threats.

A Security Operation Center consists of the following basic set of subsystems:

Security incident and event management subsystem

Security control subsystem

Change control subsystem

Update management subsystem

Reporting subsystem

Management subsystem

Subsystem for control of regulatory compliance

Storage subsystem

The main component is the Security Incident and Event Management (SIEM) system. This solution is designed to collect information from all security mechanisms, network devices, servers and employee workstations. The system provides an intelligent mechanism for correlation between events from various sources, which helps detect even the most complex types of attacks, including time-phased ones.

BENEFITS OF USING THE SOLUTION

MANY INFORMATION SECURITY INCIDENTS CAN HARDLY BE ANALYZED "MANUALLY" ESPECIALLY WHEN THE ANALYSIS INVOLVES COMPARISON OF DATA FROM VARIOUS INFORMATION SECURITY SYSTEMS. LET US CONSIDER A VERY SIMPLE SITUATION: AN EMPLOYEE WHO ENTERED THE BUILDING WITHOUT HIS ACCESS PASS LOGS INTO THE IT SYSTEM USING HIS OWN PASSWORD. THIS SITUATION IMMEDIATELY CALLS FOR THE ATTENTION OF A DESIGNATED ADMINISTRATOR. FOR IT SYSTEMS WHICH INCLUDE HUNDREDS OF WORKSTATIONS AUTOMATION OF SIMILAR CONTROL PROCESSES IS VITAL – "MANUAL" CONTROL IN SUCH CASES IS NOT SIMPLY EXPENSIVE, IT IS OFTEN PHYSICALLY IMPOSSIBLE TO IMPLEMENT.

This is an automated system which enables real-time detection of an attack, determining how critical it is for the IT system at the network administrator’s workstation, and displaying the attack history: its origination, the nodes it affected, and the damage caused. In this case, both the integrated and the customized event correlation rules can be used, thus providing capability for connection of even unique systems, including those developed by customers.

Integrated solutions developed by LANIT in the sphere of Information Security and IT monitoring allow:

Completing a full cycle of incident response due to integration of monitoring tools in the incident management process

A timely response to a detected incident and elimination of its consequences

Collection and analysis, within a single system, of all the signals received from the technical monitoring and information security systems

Prompt detection of the causes for failures and determining the enterprise’s department responsible for elimination of the above

Reducing the time for elimination of defects and the downtime of IT infrastructure

Providing capability for retrospective analysis of the security metrics and the information systems operation

Long-term storage of information systems statistics

Providing uniform reports on the condition of information systems

Recording and analyzing failures in the operation of IT infrastructure with a view to its improvement and cost minimization

Reducing business losses associated with IT infrastructure downtime

Schematic diagram of Security Operation Center (SOC)

3.5 IDENTITY AND ACCESS MANAGEMENT (IAM)

Identity and Access Management Systems (IAM) are generally popular with organizations with a large number of applied IT products and an extensive system of user authorization.

Building such systems involves two tasks:

Development of a role model according to which access rights for system users will be defined

Building an IAM system according to the developed role model

Based on the developed role model, an IAM system makes it possible to unify employee access rights to all information resources in the organization (including self-designed ones) and to automate the processes for granting and revoking employees’ access rights to information resources depending on their roles.

Identity and Access Management Structure

3.6 DDOS DETECTION AND COUNTERING

DDoS attacks have long outgrown the hooligan, often absurd, category and turned into a powerful tool of competitive struggle. Few would be surprised at the fact that a DDoS attack can be ordered on eBay for USD 300. In this case, an attack can aim either at a separate business resource (Web server, internet portal, virtual shop, etc.) or at overall data transmission channels, in order to limit or totally block access to the facility being attacked.

LANIT offers two types of solutions for countering DDoS attacks:

The first solution includes systems designed for communications operators. They are the ones suffering most from DDoS attacks, even if their own services are not the object of the attack. Implementation of such solutions will enable them not only to protect their own resources, providing the required service level and conforming to the Service Level Agreement (SLA), but also to provide security services for their clients. The advantages of operator-class solutions include simple integration into the existing IT infrastructure due to the capability for "out-of-band" mode installation. In this case, the cleansing system receives only the traffic from the object under attack, without the need to make prompt changes in traffic routing.

The second solution involves systems for corporate Customers wishing to protect their IT infrastructure from DDoS attacks. These systems are especially relevant for the business types where a denial of service for clients caused by a DDoS attack immediately results in significant financial losses, i.e., for banks or online shops.

Diagram of DDoS attacks detection and countering

TO COUNTER DDOS ATTACKS, LANIT OFFERS SOLUTIONS BASED ON PRODUCTS BY LEADING VENDORS, SUCH AS RADWARE AND ARBOR, WHICH ALLOW SIMULATION OF IT SYSTEM’S OPERATIONAL PROFILES IN THE STANDARD MODE AND, IN CASE OF SERIOUS DEVIATIONS, AUTOMATICALLY DETECT MASS NONSTANDARD REQUESTS AND REJECT THEM, AS WELL AS OTHER REQUESTS FROM SUSPICIOUS ADDRESSES.

4 OUR PARTNERS

Symantec specializes in security, data storage and system management solutions which help corporate clients and end users to provide security and manage information. Symantec is among the leading suppliers of antivirus solutions, vulnerability control products, software for filtering Internet information resources and solutions for data loss prevention in the process of their storage or use, as well as information security services for enterprises all over the world. The company’s ability to successfully integrate its products enables Symantec to offer best-in-class solutions for millions of corporate and individual customers in more than 50 countries, holding leading positions on the market.

BSI Management Systems (BSI – British Standards Institution) is a recognized leader in the sphere of management systems certification and a founder of the International Organization for Standardization (ISO), as well as other international organizations and associations. BSI Management Systems offers independent assessment of second and third parties, certification of management systems, and personnel training. All of the above enables its clients to implement the best global methods, technologies and standards in their business, which, in turn, makes them confident competitors under any circumstances. In its work, BSI uses best global practices that add value to the company assisting it in developing its tactics and winning strategy intrinsic to global-level organizations.

Cisco Systems is a recognized leader in network solutions, offering a wide range of information security products from firewalls and attack prevention systems to content supervision, application security tools and personal security systems for servers and workstations. The innovations of Cisco Systems in the security field provide protection of network computers, web and email services. Cisco Systems acquired leading positions and is among leaders not only on the global market, but in Russia and CIS as well, offering email and Internet access security products, Secure Access Control and security management solutions.

http://www.bsi-russia.ru/

http://www.cisco.com/

http://www.symantec.com/

Headtechnology is a specialized distributor of information security solutions. Founded in early 2005, headtechnology RU is now a leader on the information security solutions distribution market. The main lines of activity include protection of corporate data from theft and leaks, control of all ports and external devices on the corporate level, protection against unwanted and malicious software, cryptographic protection of laptops, servers, PDA, specific folders and files, corporate email, filtering of web traffic, protection of corporate email from spam and viruses, content filtering of email messages; virtualization of data for management and storage of the continually growing information volumes, profound audit and control of administrators’ work at all levels; real-time network control, NAC; centralized password management; strict authentication systems and tools.

Imperva is a unique developer and manufacturer of products for security of web applications and database management systems (DBMS). A great number of large businesses and state institutions around the world rely on automated, scalable and modern business process-oriented solutions provided by Imperva which are aimed at preventing information theft, data substitution and modification. Imperva’s products make it possible to solve many pressing problems in the field of information security, to implement the requirements set forth in international standards SOX, PCI and HIPAA, and to conduct database audit without reducing the efficiency of business tasks performance.

Netwell was created in 2003 to distribute on the Russian market the telecommunication equipment and technologies of leading manufacturers, including Juniper Networks, Extreme Networks, NetApp, Imperva, PineApp, Davolink, Aruba Networks, Siemens Enterprise Communications, Riverbed Technology, etc. Currently, the products and solutions of vendors which actively cooperate with Netwell have been selected by leading industrial, financial and telecommunication companies as well as a range of large state structures. Thorough vendor selection allowed Netwell to form an integrated package of solutions in the field of data storage, network infrastructures and information security structures, optimized with consideration for the Russian market realities.

http://www.headtechnology.com/

Positive Technologies is a leading Russian company in the sphere of information security. Its main line of activity is the development of MaxPatrol, a system for security control and standards compliance, as well as the XSpider security scanner. The XSpider security analysis system has been a recognized leader among network IS audit products for over 10 years in Russia and is used to analyze and control security of corporate resources. The MaxPatrol information security monitoring system allows objective evaluation of the security condition for both the information system in general and its separate subdivisions, nodes and applications. The mechanisms for penetration testing (Pentest), system checks (Audit) and compliance control (Compliance), combined with the capability for analysis of various operating systems, database management systems and web applications, enable MaxPatrol to provide ongoing technical security audit at all levels of the information system.

http://www.ptsecurity.ru/

http://www.netwell.ru/ http://www.imperva.com/


Radware is an acknowledged leader in the field of integrated solutions for software deployment, a member of RAD Group, which provides complete accessibility, maximum productivity and absolute safety of business applications for over 10000 enterprises and communication service providers all over the world. A complete software package of APSolute Radware includes applications which combine developed access and security tools and a logical customer interface. Users from any sphere can enhance business efficiency, increase profit and reduce network maintenance and infrastructure costs, making their networks intelligent from the business viewpoint.

SafeLine (SC "Informzashchita") is a leading multivendor distributor of integrated information security and information technology solutions in Russia and the CIS. SafeLine offers a full range of information security products for companies at any level, from small enterprises and remote offices to major companies, service providers and communications operators. Using the products and technologies of key market players, SafeLine offers their unique combination aimed at solving real information security problems. Solutions from SafeLine are widely applied in the finance, telecommunications and gas industries, as well as in educational and healthcare institutions.

Stonesoft Corporation develops innovative solutions in the sphere of network security and business continuity. Stonesoft offers its clients integrated network security solutions: StoneGate firewall, VPN (Virtual Private Network), IPS (Intrusion Prevention System), SSL VPN, UTM with centralized and unified management system. StoneGate Management Center provides centralized management of all the StoneGate devices as well as collection and management of security events from various network and IT infrastructure devices for subsequent analysis of security incidents. The production of the above solutions is certified by the national state and industrial regulators, such as FSTEC, FSS, etc.

S-terra CSP is a Russian developer and manufacturer of network information security products. The company’s solutions for virtual private networks (VPN) provide protection of internetworking, wireless and multiservice networks, as well as operational security of remote and mobile users. S-terra CSP is a technology partner of Cisco Systems. The company aims at supplying VPN solutions to the Russian market. The CSP VPN network security product family allows implementing any scenarios of VPN construction. Flexibility is provided due to the use of multiple information security scenarios and the development of individual security policies. The company’s solutions are designed, primarily, for organizations that require reliable protection of VPN connections using Russian cryptography, in particular, for protection of confidential information and personal data.

http://www.radware.com/ http://www.safe-line.ru/

http://www.stonesoft.com/ http://www.s-terra.com/


Websense is an acknowledged leader in the sphere of integrated security solutions (web, data and email) as well as solutions providing protection of crucial information in more than 50000 organizations around the world. Websense information security solutions help organizations to block malicious code, prevent losses of confidential information and provide appropriate use of the Internet according to each specific security policy. Websense solutions are based on the innovative ThreatSeeker technology which provides preventive protection from web threats, closing the security gaps that exist despite the installed antivirus solutions and firewalls. ThreatSeeker uses over 100 unique processes for detecting new comprehensive web threats. ThreatSeeker technology forms the basis for all of the Websense security solutions and provides clients with automatic updates at intervals not exceeding several minutes.

Doctor Web is one of the few antivirus vendors in the world that has its own unique technology for malware detection and treatment, along with its own virus monitoring service and analytical lab. This results in a high speed of response to new virus threats by the company specialists and enables them to provide assistance to clients in solving problems of any complexity within hours. Dr.Web antivirus products have been developed since 1992 and have continually demonstrated excellent results in malware detection, conforming to the global security standards.

ArcSight is a leading provider of solutions in the spheres of security and regulatory compliance management which intelligently identify and mitigate business risks for enterprises, communications operators and government institutions. Developed in compliance with the requirements set forth by geographically distributed and heterogeneous companies and technology infrastructures, ArcSight offers a unified industrial vendor-independent solution for intelligent identification and blocking of most attack types.

Kaspersky Lab is one of the most dynamically growing companies in the field of information security. Years of hard work allowed Kaspersky Lab to become a leader in the development of antivirus products. Antivirus software modules from Kaspersky Lab provide reliable protection of all the potential targets of virus attacks, i.e., workstations, laptops, file and web servers, mail gateways, firewalls, pocket PCs and smartphones. Convenient control tools allow maximum automation of the antivirus protection for computers and corporate networks. Kaspersky Lab offers a wide range of solutions to provide reliable protection against viruses, spam and hacker attacks, taking into account the needs of all the client categories. Kaspersky Lab designs, implements and supports corporate antivirus complexes and information security systems conforming to any specific business requirements of the customers.

http://www.websense.com/ http://www.kaspersky.ru/

http://www.drweb.com/ http://www.arcsight.com/


The Network Integration Department (NID) began to operate in 1990. Currently, over 300 certified specialists are developing this line of activity. An ongoing system of professional development and trainings in the vendors’ training centers allows us to maintain the highest professional level of our staff. The Network Integration Department has successfully implemented over 2000 large-scale projects. It boasts over a hundred industrial solutions for the oil and gas, banking, industrial and other leading sectors of economy. A developed service network represented in all regions of the RF contributes to the success of NID projects.

SERVICES OFFERED BY THE DEPARTMENT:

Information security

Corporate infrastructure

Data processing centers (DPC)

Engineering infrastructure

Management of IT services

Software licensing

Systems of telephone communication, videoconferencing and multimedia systems

Standard architecture systems

Network solutions

LANIT’S NETWORK INTEGRATION DEPARTMENT

KEY CLIENTS:

Sberbank of Russia, Central Bank of the Russian Federation, Military Insurance Company, Master Bank, JSC "NK ROSNEFT," "LUKOIL-INFORM" LLC, JSC "TNK-BP Management," Russian Association of Motor Insurers, JSC "ZhaASO," the Pension Fund of RF, the Federal Treasury, the Supreme Arbitration Court of RF, the Ministry of Agriculture of RF, the Federal State Statistics Service, Roskosmos, the Ministry of Transport of RF, NIC GLONASS, Rosgidromet, etc.


LANIT – "LAboratory of New Information Technologies" – is the leading multidisciplinary group of IT companies in Russia and the CIS, which celebrated its 20th anniversary in 2009. The group companies offer a full range of IT services, their number growing continually due to deployment of state-of-the-art and the most popular technologies and solutions.

Presently, LANIT is the largest systems integrator in Russia and a leading partner of over 200 major global high-tech equipment and software solutions manufacturers. LANIT enterprises boast a steady and highly professional team totaling more than 5000 people. Many of our employees have academic degrees. Over 1200 specialists have been certified by the leading global vendors supplying high-tech equipment and software.

ABOUT LANIT

105066, Moscow, 5 Dobroslobodskaya St., build. 1
tel.: +7 (495) 967-66-50
fax: +7 (499) 261-57-81
email: [email protected]

www.lanit.ru
