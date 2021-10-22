



Russian OS Astra Linux Special Edition has been updated to version 1.7. The update contains dozens of changes, including the transition to a new version of the Linux kernel, a modified interface and new information security tools. In addition, now Astra Linux Special Edition is distributed as a single distribution kit that has incorporated the functions of the Common Edition release.

Large-scale update

The Russian group of companies Astra Linux informed CNews about the release of the update of the Astra Linux Special Edition operating system to version 1.7. The platform is intended for use, including in companies working with restricted information. To do this, back in May 2019, she received a special-purpose certificate for information security requirements for operating systems of type “A” of the first class of protection in the FSTEC of Russia ISS certification system. Thanks to this, Astra Linux Special Edition became the first OS admitted in Russia to the state secret of the highest secrecy.

The updated Astra Linux Special Edition 1.7 is based on the Linux 5.4 LTS kernel (released in November 2019), which will soon be updated to version 5.10 (December 2020). The update will take place before the end of 2021. The system is also based on the Debian 10 distribution.

The changes in the system affected not only the kernel, but at the same time the software filling in addition to the innovations in the interface. In particular, virtualization functions and data management systems have appeared, as well as more relevant information security tools.

The update to version 1.7 turned out to be global

Many Russian government departments are gradually moving to Astra Linux Special Edition. In July 2021, CNews wrote that the Russian Ministry of Internal Affairs issued an order of the category “for official use”, which gave the Astra Linux OS a special priority in relation to other systems. With this, the department has significantly simplified for itself the procurement of this operating system in a protected version of the Special Edition. When asked by CNews if ordinary users can work in the Special Edition, the developers answered: “Yes, they can. But this is a commercial distribution and it will not be distributed free of charge. “

The most important change

One of the main innovations in Astra Linux Special Edition, which appeared in build 1.7, is the transition to a single distribution kit instead of several separate releases – it includes both the Special Edition and the Common Edition.

Customers wishing to abandon foreign software in favor of this OS will be offered a choice of three modes of operation of built-in information security tools (ISS).

Astra Linux Desktop

The basic operating mode in its capabilities is fully comparable to the Astra Linux Common Edition distribution kit, intended for ordinary consumers who do not work with the state secret. It will be enough to work with publicly available information in the networks of various organizations. As representatives of Astra Linux told CNews, the basic level will also be enough for “information protection in state information systems of the 3rd security class, personal data information systems of 3-4 security levels and important objects of critical information infrastructure.”

The second mode of CPB operation is called “Enhanced”. According to the developers, it is necessary for “processing and protecting restricted information that does not constitute a state secret.” This mode should be applied in state information systems, personal data information systems and significant objects of critical information infrastructure of any security class.

The third mode is a kind of evolution of the enhanced. In this case, the system provides protection of state secrets of any degree of secrecy.

“For the convenience of our customers, we have combined a number of releases into one distribution kit with the ability to choose exactly the level of security that is relevant for them. At the same time, the company will continue to provide support services to those customers who use Astra Linux Special and Common Edition, released earlier, “- the director of products of the Astra Linux Group of Companies told CNews Evgeny Vekshin…

“Now you can buy licenses for different modes of operation, so as not to overpay, depending on how much information is needed,” representatives of Astra Linux Group told CNews.

Development of information security tools

As the developers of Astra Linux Special Edition told CNews, in version 1.7, the basic data protection mechanisms have learned to work independently of each other. This applies to mandatory integrity control, closed software environment, as well as mandatory access control and guaranteed overwriting of deleted data.

The start menu will be convenient and understandable for everyone who switched to Astra Linux from WIndows

The transition to this mode of operation of the protection algorithms allows for more flexible configuration of the protection system. Now it will become easier to adjust them to the requirements of a specific information system.

In addition to this, the developers have added to the system filtering of network packets by classification marks in the IPv6 protocol. The standard Samba file server has also undergone modernization. It now has support for the mentioned mandatory access control on all versions of the SMB protocol.

Other innovations

In addition to the new kernel and enhanced information security, the Astra Linux Special Edition 1.7 OS also received an update to its standard applications. So, the main FreeIPA domain has been updated to version 4.8.5, and SambaDC (file server) – to 4.12.5. Not without an update of the pre-installed office suite LibreOffice – it is available in version 7.1.

The system has support for a dark theme

The list of standard programs of the new operating system is supplemented by the protected edition of the PostgreSQL 11.10 DBMS, along with the network monitoring tools Zabbix 5.0.4. Additionally, the OS supports container virtualization. The new version also supports an extended repository.

The system interface has also been updated – there are new color schemes, a login theme, plus the design of the taskbar and Start menu icons has changed. Another important change – the domestic font PT Astra Fact has appeared in the system. As CNews reported, it was developed to replace the Verdana font and is its full counterpart, corresponding to the concept of import substitution. The original American font Verdana was dropped from Russian GOSTs in March 2021. The development of PT Astra Fact was carried out by the domestic company “Paratype”.

When asked by CNews about the fate of the Verdana font as part of the Astra Linux Special Edition OS, the developers replied that it was not and was not in this system. “Our fonts PT Astra Sans, PT Serif are also available for users in the office suite,” they added.

The fonts PT Astra Serif and PT Astra Sans were developed by the same Paratype company. This is a complete metrically identical replacement for the Times New Roman font.

Certification passed

According to the developers, Astra Linux Special Edition 1.7 has been successfully tested in the FSTEC of Russia certification system according to the first (highest) level of trust. In other words, the system was found to be fully compliant with the “Requirements for information security, establishing levels of confidence in the means of technical protection of information and means of ensuring the security of information technologies”, as well as the “Requirements for the security of information for operating systems” and “Protection Profile of Type A operating systems of the first class protection. IT.OS.A1.PZ “.

“The solution can be applied in IT systems that process any information of limited access, including state secrets of“ special importance ”- this is evidenced by the certificate of conformity No. 2557, reissued on October 7, 2021. The reissued certificate specifies the availability of database management system functions in the product and virtualization environments. This additionally confirms the correctness of the use of built-in virtualization tools and DBMS in protected systems, as well as the implementation of security measures, ”the developers told CNews.