May 31, 2007

FSB approved Windows Server with Russian cryptography

Telecom Internet Security
May 28, 2007, Mon 6:04 PM Moscow

The Russian Federal Security Service has announced the certifying center based on the Windows Server 2003 operating system with integrated Russian data protection means correspond to the KC2 security level. The system differs from its certified analogues, since it preserves the functions of the initial Microsoft product, including the integration with the Microsoft Windows domain.

The Federal Security Service has announced the results of certified tests of the appliance which will be used within the certifying center based on the Windows Server 2003 OS with integrated Russian information security means of the KC2 level. Vladimir Mamikin, Information Security Director at Microsoft Russia and CIS office told CNews among such security means are the crypto service provider CSP 3.0 from the Crypto-Pro company and Secure Pack Rus for Server and Secure Pack Rus for CA. “The fact that the required security level was reached gives the opportunity to use the center on objects which demand the KC2 level and where it has been impossible so far to use the Windows Server 2003 center”, Mr. Mamikin told CNews.

The certifying center differs from its analogues since it preserves the functions of the initial Microsoft product, including the integration with the Microsoft Windows domain, which helps managing the key infrastructure. Besides, the application system which is part of the domain allows searching for users and conduct any other activity using the standard means of the Windows platform.

As a result the center integrated with platforms based on windows XP and Windows Server 2003 form a complete information security system for corporate networks which process confidential data. The center was certified by STC Atlas, Microsoft’s partner in Russia. Alexander Alferov, the company’s Deputy Director General said a research is underway to boost the level of information security means within the Windows OS and Windows Server 2003.

Sergei Shalmanov, CNews Analyst said Microsoft’s moves are in line with the company’s marketing strategy. “The company’s aim is to be able to fill on time the IT use functional in Russia”, he said. “With its platform solutions Microsoft is leading on the market. It would be weird if clients decided to deal with other developers for acquiring or identifying electronic signatures”.

Microsoft said the new center might be put to operation by modernizing the existing Windows Server 2003 and preserving the earlier made investments. “Microsoft conducts work to enlarge the line of products certified by the Russian FSB in order to create functionally complete secure complexes”, Mr. Mamikin told CNews. “We intend to certify a range of products at the FSB. Governmental organizations will be able to create a secure work flow. For example Atlas is now certifying a number of products from the SharePoint line at the FSB now”.

In 2002 Microsoft signed an agreement with Atlas to provide access to all its source codes in terms of the Government Security Program. “We cooperate with Atlas specialists on different information security questions. That is why it was absolutely natural for us to choose Atlas as a certifying organization”.

No comments: