
Herald of Dagestan State Technical University. Technical Sciences


Analysis of information security technologies for use in the enterprise infrastructure

https://doi.org/10.21822/2073-6185-2022-49-4-78-84

Abstract

Objective. The purpose of the study is to analyze modern information security technologies for solving the problems of protecting information in the enterprise infrastructure.

Method. The study is based on the methods of system analysis, synthesis, and deduction.

Result. The analysis was carried out, and the features of information protection technology were identified with a view to its possible use in the enterprise infrastructure. Domestic and foreign software was also analyzed for practical use.

Conclusion. The results of the analysis reveal the features of using information protection tools in the enterprise infrastructure to counteract modern attack vectors against information resources.

About the Authors

A. D. Popov
Voronezh Institute of the Ministry of Internal Affairs of Russia
Russian Federation

Anton D. Popov, Cand. Sci. (Eng.), Senior Lecturer of the Department of Automated Information Systems of Internal Affairs Bodies

53 Patriotov Ave., Voronezh 394065



A. D. Popova
Voronezh Institute of the Ministry of Internal Affairs of Russia
Russian Federation

Arina D. Popova, Student

53 Patriotov Ave., Voronezh 394065






For citations:


Popov A.D., Popova A.D. Analysis of information security technologies for use in the enterprise infrastructure. Herald of Dagestan State Technical University. Technical Sciences. 2022;49(4):78-84. (In Russ.) https://doi.org/10.21822/2073-6185-2022-49-4-78-84



This work is licensed under a Creative Commons Attribution 4.0 License.


ISSN 2073-6185 (Print)
ISSN 2542-095X (Online)