A multifunctional complex for the protection of IT infrastructure (network and end devices, components of virtualization environments), as well as application software: SCADA, RPA, DBMS.
The architecture of the complex is designed with fault tolerance and performance requirements in mind and allows Efros DefOps to be used on sites with thousands of monitored facilities.
Efros DefOps is a fully import–independent software compatible with domestic operating systems: Astra Linux, Red OS and DBMS.
Efros DefOps is a certified solution that can be used to implement protection measures in accordance with the orders of the FSTEC of Russia: №17, 21, 31, 239. The product is certified according to trust level 4.
The implementation of the Efros DefOps platform will allow solving a wide range of tasks: access control / vulnerability audit / attack vector modeling / task portal organization / firewall rules analysis, etc. – with control in one console.
Efros DefOps implements detailed user rights settings, which allows you to flexibly assign access rights to employees of information security and IT departments.
Efros DefOps is a certified solution that can be used to implement protection measures in accordance with the orders of the FSTEC of Russia: №17, 21, 31, 239. The product is certified according to trust level 4.
The implementation of the Efros DefOps platform will allow solving a wide range of tasks: access control / vulnerability audit / attack vector modeling / task portal organization / firewall rules analysis, etc. – with control in one console.
Efros DefOps implements detailed user rights settings, which allows you to flexibly assign access rights to employees of information security and IT departments.
Efros DO
Integrity control and compliance checks
Implementation of compliance checks. File integrity control in various operating systems (OS), virtualization environments (SV). Control of OS configurations and application software. Monitoring the security of containers and means of orchestration.
Implementation of compliance checks. File integrity control in various operating systems (OS), virtualization environments (SV). Control of OS configurations and application software. Monitoring the security of containers and means of orchestration.
INTEGRITY CHECKCOMPLIANCE (ICC)
NETWORK ASFIREWALL ASSURANCE (FA)
CHANGE MANAGER (CM) SURANCE (NA)
CHANGE MANAGER (CM) SURANCE (NA)
Optimization and analysis of firewall access rules.
Network access policy control at the firewall rule level. Optimization of rule lists (ACLs), identification of anomalies and dangerous structures. Creation and assignment of requests for changing access rules.
Network access policy control at the firewall rule level. Optimization of rule lists (ACLs), identification of anomalies and dangerous structures. Creation and assignment of requests for changing access rules.
Network topology analysis
Collecting and maintaining a secure database of network equipment configurations, analyzing compliance with standards and best practices. Visualization on a network map of possible routes for a given type of traffic. Identification of known vulnerabilities in accordance with the FSTEC database, CVE, OVAL, etc.
Collecting and maintaining a secure database of network equipment configurations, analyzing compliance with standards and best practices. Visualization on a network map of possible routes for a given type of traffic. Identification of known vulnerabilities in accordance with the FSTEC database, CVE, OVAL, etc.
NETWORK ASSURANCE (NA)
VULNERABILITY CONTROL (VС)
Vulnerability analysis
Checking the infrastructure for vulnerabilities. Calculation of attack vectors in the context of a network. Assessment of the probability of using a particular vulnerability of systems to eliminate this vector in a timely manner.
Checking the infrastructure for vulnerabilities. Calculation of attack vectors in the context of a network. Assessment of the probability of using a particular vulnerability of systems to eliminate this vector in a timely manner.
Centralized access control for users and administrators to network devices that support TACACS+ and RADIUS protocols. Profiling of user devices, support for guest Wi-fi portals.
More information
More information
NETWORK ACCESS CONTROL (NAC)
Specifications
The product's programming Interface (REST API) provides extensive integration capabilities for Efros DefOps into the organization's infrastructure. API documentation is available upon request.
Supported hardware and software
Efros Defense Operations is a fully Russian development that is included in the Unified Register of Russian programs for electronic computers and databases.
