CIPF "Continent-AP"- is a software VPN client for connecting a remote workstation or mobile device to resources automated system enterprises. Helps to solve the following tasks:
- Identification and authentication of a remote user when establishing a connection is based on public key certificates of the X.509 standard
- All access policies remote employees are configured by the administrator of the organization's VPN network using the control program of the NCC "Continent"
- The personal firewall in Continent-AP for MS Windows provides secure connection to public networks and access control to network resources workstation
- Traffic encryption in accordance with GOST 28147-89 with a modern key scheme provides guaranteed cryptographic strength of a secure connection
The certificate of the FSB of Russia confirms compliance with the requirements of the guidelines for the 3rd level of control for the absence of NDV and the 3rd class of security for firewalls.
When ordering CIPF "Continent-AP" must be purchased for each geographically distributed office.
Available only for legal entities.
Manufacturer: "Security Code" LLC
RUB 8,200.00
The account will be generated automatically. Specify the type of payer " entity and fill in the details.
Possibilities
- Cryptographic data protection- Cryptographic protection of transmitted data is implemented on the basis of Russian cryptographic algorithms in accordance with GOST 28147-89 in the gamma mode with feedback.
- Remote User Authentication / Identification - Identification and authentication of a remote user when establishing a connection between the subscriber station and the access server "Continent" is carried out on the basis of public key certificates. The scheme is implemented using X.509 certificates. There are 2 options for working with certificates: the trusted certification authority is the access server management program - the first option and the trusted authority is an external certification authority - the second option, in the second option, integration with the CryptoPro CA is possible.
- Support for a variety of key media - Floppy disks, flash drives, electronic keys eToken, ruToken, iKey, and it is also possible to use iButton identifiers, if the PC allows you to install the Sobol PACK or TM Card.
CIPF "Continent-AP" for Adnroid supports the ability to store key information on secure MicroSD-cards JaCarta company "Aladdin R.D."
- Remote access users to protected network resources via an encrypted channel.
- Remote access for mobile users.
- Communication with the access server "Continent" at a speed of up to 16 Mb / s * in encryption mode.
*For VPN client for mobile devices connection speed is limited by the quality of the communication channel (3G, GPRS, Wi-Fi, etc.). - Support for dynamically assigned IP addresses.
- Centralized Management filtering rules and user access rights to information resources secure network.
- Transparent traffic exchange with secure network segments for any application (including VoIP and video conferencing).
- Access both via dedicated and dial-up communication channels using various ways connection to the Internet via technologies: Dial-UP, xDSL, leased line, Wi-Fi, GPRS, 3G, WiMAX, satellite channels connections.
- Integrated firewall
- IP addresses of the sender and recipient;
- application protocol type (POP3, HTTP, SMTP, etc.);
- the network interface through which the packet was received or will be sent;
- header fields and contents of IP packets.
- by type of transport protocol (TCP/UDP/ICMP/…);
- by TCP/UDP ports;
- by types and codes of the ICMP protocol.
- Ability to connect to the access server by DNS name.
- Now it is possible to tunnel traffic into an HTTP tunnel.
- Support for authorization on HTTP-PROXY.
- Implemented API interface for interacting with external applications.
- The ability to automatically establish a VPN connection on a workstation without the participation of an operator.
- Possibility of connection of CIPF "Continent-AP" for Windows and Linux with the server of access before registration of the user of OS.
Allows workstations belonging to a domain to work remotely.
Purpose
- Protecting connections with remote workstations
In cases where only 1-2 employees work at a remote office and for some reason the installation of the Continent APKSh is not practical, it is possible to securely connect the workstation to the resources of the enterprise automated system using the Continent-AP software VPN client. - Protection of connections with mobile clients
Ensuring the possibility of a secure connection to the information resources of the enterprise for mobile employees and company management. The software VPN client "Continent-AP" can be installed on laptops of mobile employees.
Possibilities
- Cryptographic data protection
Cryptographic protection of transmitted data is implemented on the basis of Russian cryptographic algorithms in accordance with GOST 28147-89 in the gamma mode with feedback. - Remote User Authentication / Identification
Identification and authentication of a remote user when establishing a connection between the subscriber station and the access server "Continent" is carried out on the basis of public key certificates. The scheme is implemented using X.509 certificates. There are 2 options for working with certificates: the trusted certification authority is the access server management program - the first option and the trusted authority is an external certification authority - the second option, in the second option, integration with the CryptoPro CA is possible. - Support for a variety of key media
Floppy disks, flash drives, eToken, ruToken, iKey electronic keys can serve as a carrier of key information for a VPN client for Windows or Linux, and it is also possible to use iButton identifiers if the PC allows you to install the Sobol PACK or TM Card.CIPF "Continent-AP" for Adnroid supports the ability to store key information on secure MicroSD-cards JaCarta company "Aladdin R.D."
- Remote user access to protected network resources via an encrypted channel.
- Remote access for mobile users.
- Communication with the access server "Continent" at a speed of up to 16 Mb / s * in encryption mode.
*For the VPN client for mobile devices, the connection speed is limited by the quality of the communication channel (3G, GPRS, Wi-Fi, etc.).
- Support for dynamically assigned IP addresses.
- Centralized management of filtering rules and user access rights to information resources of a secure network.
- Transparent traffic exchange with secure network segments for any application (including VoIP and video conferencing).
- Access both via dedicated and dial-up communication channels using various methods of connecting to the Internet using technologies: Dial-UP, xDSL, leased line, Wi-Fi, GPRS, 3G, WiMAX, satellite communication channels.
- Integrated firewall
The Continent-AP software for Windows OS includes a firewall (FW) designed to filter IP packets from the network traffic of the computer on which Continent-AP is installed. ITU provides filtering of incoming and outgoing IP packets according to the following features:- IP addresses of the sender and recipient;
- application protocol type (POP3, HTTP, SMTP, etc.);
- the network interface through which the packet was received or will be sent;
- header fields and contents of IP packets.
- by type of transport protocol (TCP/UDP/ICMP/…);
- by TCP/UDP ports;
- by types and codes of the ICMP protocol.
- Ability to connect to the access server viaDNS-name.
- Now you can tunnel traffic toHTTP-tunnel.
- Authorization support forHTTP- PROXY.
- ImplementedAPIinterface for interacting with external applications.
- Possibility of automatic installationVPN-connections to workstations without the participation of an operator.
- Possibility of connection of CIPF "Continent-AP" for Windows and Linux with the server of access before registration of the user of OS.
Allows workstations belonging to a domain to work remotely.
System requirements
CIPF "Continent-AP" for operating rooms Windows systems or Linux can be installed on computers equipped with or compatible with the Intel X86 family of processors.
| Element | Minimum | Recommended |
|---|---|---|
| CPU | Celeron 300 MHz | Pentium IV 1.8 GHz |
| RAM | 128 MB | 512 MB |
| HDD (free space) | 512 MB | 512 MB |
| operating room system | Windows:
linux:
|
|
CIPF "Continent-AP" for Android is installed on tablet computers and smartphones with Internet access.
| operating system | Android 4.x and above |
|---|---|
| Memory | Either an external memory card or any inner memory, available to applications(e.g. user section) |
| Internet Access Tools | Any of:
|
Documentation
The documents presented here are included with the product. All terms and conditions apply. license agreement. These documents or parts thereof, in printed or electronic form, may not be copied or distributed to third parties for commercial purposes without the express written permission of Code Security.
The information contained in these documents may be changed by the developer without special notice, which is not a violation of obligations towards the user on the part of the developer company.
User Documentation
Version 3.7 RU.88338853.501430.007
ReleaseNotesAP.pdf
| Admin Guide The manual contains the information necessary for the administrator to install and configure the components of the Complex on the Windows platform. Continent-AP_Windows_Admin_Guide.pdf |
|
| User guide The manual contains information necessary for the user to operate the software of the Complex on the Windows platform. Continent-AP_Windows_User_Guide.pdf |
CIPF "Continent-AP" for Android, version 3.7
ReleaseNotesAP.pdf - This document contains a description of the main features and limitations (Release Notes).
Certificates
| OFFICE | NUMBER | PRODUCT | DESCRIPTION | VALID |
|---|---|---|---|---|
| FSTEC of Russia | 3007 RU.88338853.501430.007 | CIPF "Continent-AP" version 3.7 | Confirms compliance with the requirements of guidance documents on the 3rd level of control for the absence of NDV and the 3rd class of security for firewalls. | Until 01.11.2016 |
Applications
APKSh "Continent" is a powerful and flexible tool for creating virtual private networks that allows you to build a VPN of any architecture. Below are typical schemes for building a VPN based on the complex:
Wireless security
Secure client connection wireless network to a dedicated segment with limited access rights.
Connecting Remote Users
Connecting remote clients to the network protected by APKSh "Continent" using a subscriber station. Working with dynamic IP addresses significantly increases the user's mobility.
Centralized AP connection
For small businesses or small enterprises, a centralized AP connection scheme is ideal.
AP connection according to the "tree" scheme
For organizations with an extensive network of branches and representative offices, it is possible to organize a VPN according to the scheme "tree". Such a scheme will streamline information flows within the organization.
Decentralized AP connection
When an organization has a complex distributed information system collecting and processing data or for solving complex problems, it is possible to organize access to VPN resources according to a decentralized scheme.
Continent-AP" for Android OS
Key features
| Cryptographic protection Traffic encryption in accordance with GOST 28147-89 with a modern key scheme provides guaranteed cryptographic strength of a secure connection | Work without superuser rights Installation and operation of the VPN client is carried out by the user using regular Android tools and does not require root rights, which ensures the safety of the mobile device |
||
| Strong Authentication Identification and authentication of a remote user when establishing a connection is based on public key certificates of the X.509 standard | Centralized Management All mobile user access policies are configured by the administrator of the organization's VPN network using the Continent SD management program |
Screenshots |
Documentation
Video instructions
To view the installation video and VPN setup-Client CIPF "Continent-AP" on a mobile device running Android OS, select the material you are interested in:
1. Installing CIPF "Continent-AP" for Android on a mobile device.
2. Creating a request for a certificate in the CIPF application "Continent-AP" for Android
3. Creating a connection profile in the CIPF "Continent-AP" for Android.
4. Connecting the user of CIPF "Continent-AP" for Android to the Access Server "Continent" 3.7.
Continent AP 3.7 is software that makes it possible to organize the protection of separately organized information networks from hacking from any other networks, including from global network Internet. It provides complete confidentiality of information over VPN channels, creates a secure VPN route for access to other public networks, and allows you to provide protection when interacting with various types of them.
Possibilities
The Continent complex allows you to combine the means of VPN networks and other firewalls. It is often used by various government agencies, including the Russian treasury. When using the program, user authentication occurs on the basis of public keys. All access policy and other parameters are adjusted by the network administrator using specialized NCC software from the Continent package. All data in this program is encrypted according to a special scheme, which was developed in accordance with GOST. Therefore, access to any transmitted data is not available to attackers.
Other possibilities:
- proxy authentication is supported;
- all traffic can be tunneled to HTTP;
- you can configure the program so that the client (program) can automatically connect to a secure network without the help of an operator;
- it is possible to join the network (access server) by DNS name;
- there is an API for working with external applications;
- workstations can participate in the work remotely (in a domain);
- the application also works on other operating systems, for example, on Linux;
- the ability to distribute IP packets by protocol type: ICMP, TCP, UDP;
- filtering by the following protocols: SMTP, POP3, HTTP.
Peculiarities
Data protection is implemented by means of crypto-resistant algorithms. The Continent program supports all kinds of key carriers. They can be flash disks, electronic keys iKey, eToken, ruToken, iButton. For computers, you can install TM Card or Sobol. It is possible to access from mobile devices (but data transfer may be limited in speed due to mobile data transfer standards). In encrypted mode, users can communicate with the server at a speed of 16 Mbps.
The software supports dynamic IP assignment. A single interface for managing and configuring rights and access filters to a single database. Access can be carried out through various communication channels (dedicated, dial-up), which use the methods of accessing the Internet via xDSL, Dial-UP, as well as GPRS, WiMAX, 3G, Wi-Fi and satellite signal. Built-in firewall.
Purpose
Initially, the developers wanted to create a highly specialized product that could only combine several enterprise networks into one secure one. After she grew additional features and capabilities and turned into a full-fledged complex for creating the most secure network with a large number of settings and its own access policy.
- powerful data encryption algorithm over the network;
- ample opportunities for working with VPN and its configuration;
- support for all data transfer protocols.
- limited set of tools and functions for Unix-like systems;
- V GUI there is no way to set the time;
- does not support CLI interface.
Download
Continent AP 3.7 is a software package for ensuring the security of work in corporate networks with a large set of options and settings.
| Language | Russian |
| OS | Windows 7, 8.1, 10 |
Operating systems are developing, Windows 8 appeared, followed by Windows 10, and finally the Federal Treasury has the Continent AP program that can be installed on these OS. Today I'll show you how to install this program on Windows 10. I'm not talking about the "eight", because it is updated via the Internet to the "ten".
But first, I would like to show that old version The AP Continent, namely 3.5.68.0, does not install on Windows 10. I tried to do this, and this is the message I got as a result:
On fig. 1 I circled this message with a bold red frame. Well, that means we need another version of the program, and we have it. So let's get started. First, an excerpt from the installation instructions for the program:
Before installing the complex, make sure that the computer meets all the requirements for hardware and software. Software The complex is installed in accordance with one of three options that provide the necessary level of security:
- low - corresponds to the class KS1;
- medium - corresponds to the class KS2;
- high - corresponds to the class KS3.
There are two options for installing the software of the complex:
- normal installation - used for low and medium security levels;
- advanced installation, which includes the installation of Secret Net software - is used for a high level of security.
In general, there is a lot more written there, instructions are in the archive with the program, you can read it. I understand that there is always no time to read manuals, so I will tell you how I understood it myself.
To install a program with medium and high level security, you must have a board and software PAK "Sobol". In addition, for installation with a high level of security, the Secret software is additionally required. Net version depending on the OS being used. But to install a program with a low security level, none of the above is needed. This is just right for us. We will install with a low level of security.
So, you have downloaded the archive with the program, unzipped it and after that go to the "Setup" folder. What do we see here? And we see two executable files "ts_setup" And "ts_sn_setup"(Fig. 2):
Which one should be run? One of the files is used to install the program with a low and medium security level, the second - with a high one. We are interested in the first file in the list "ts_setup". Run it, a window will open (Fig. 3):
Let's do as Fig. 3, 4 and 5. Everything is clear in the pictures and let's move on to "Next" (Fig. 5). A window will open (Fig. 6), where we will dwell in more detail.
Loading...