Journal: Highly Available Systems, № 3, 2025
Article in issue:
Analysis of the integration capabilities of network attack protection tools for data-intensive systems
Type of article: scientific article
DOI: https://doi.org/10.18127/j20729472-202503-01
UDC: 681.3
Authors:

V.I. Korolev1, A.D. Abkhazi2

1 Federal Research Center «Computer Science» of the Russian Academy of Sciences (Moscow, Russia)
1 Gubkin Russian State University of Oil and Gas (Moscow, Russia)
2 Federal State Budgetary Educational Institution of Higher Education «Moscow State Linguistic University» (Moscow, Russia)
1 vkorolev@ipiran.ru, 2 artem.abkhazi@gmail.com

Abstract:

This article addresses the issue of ensuring security in information systems with network-based IT infrastructure. This class of systems includes data-intensive systems (DIS) – automated information systems (AIS) designed to support data analysis and management, information processing, and the execution of research and applied tasks across various data-intensive domains.

The functioning of DIS in the Big Data environment, along with the diversity of solutions in the network landscape of their IT infrastructure, results in the emergence of new vulnerabilities and network attacks, which significantly complicates the task of ensuring information security. This situation necessitates a targeted analysis of the functionality and applicability of modern network security tools and technical systems, with the goal of their systematic integration during the development of integrated information security systems and identifying potential directions for further development.

The analysis of integration capabilities of network security tools in information systems with network-based IT infrastructure is conducted with reference to advanced international and domestic practices in securing network architectures. One of the goals of this analysis is to determine key factors influencing the integration of protection tools into integrated security architectures under the conditions of import substitution.

As a result of the analysis, the main frameworks and system-level technologies of the established methodological approach to building comprehensive integrated solutions in the field of network security in international practice were identified, using the suite of products and system solutions by the U.S. vendor McAfee as an example. Baseline comparative characteristics of network security systems developed by leading domestic vendors – Ideco, UserGate, and Positive Technologies – are provided. Key factors affecting the integration of security tools and software products into comprehensive security systems are formulated.

The obtained results can serve as a methodological foundation for designing integrated information security systems in specific cases involving network-based IT infrastructures, as well as for setting development objectives for system-level software products as components of such comprehensive solutions.

Pages: 5-17
For citation

Korolev V.I., Abkhazi A.D. Analysis of the integration capabilities of network attack protection tools for data-intensive systems. Highly Available Systems. 2025. V. 21. № 3. P. 5−17. DOI: https://doi.org/10.18127/j20729472-202503-01 (in Russian)

Date of receipt: 21.07.2025
Approved after review: 04.08.2025
Accepted for publication: 29.08.2025