Continent ap version 3.7 on windows 10. Protecting wireless networks


CIPF "Continent-AP"- is a software VPN client for connecting a remote workstation or mobile device to the resources of an enterprise automated system. Helps solve the following problems:

  • Identification and authentication of the remote user when establishing a connection is based on public key certificates of the X.509 standard
  • All access policies for remote employees are configured by the administrator of the organization’s VPN network using the Continent NCC management program
  • The personal firewall in Continent-AP for MS Windows OS ensures a secure connection to public networks and restricts access to network resources of the workstation.
  • Traffic encryption in accordance with GOST 28147–89 with a modern key scheme ensures guaranteed cryptographic strength of a secure connection

The certificate of the FSB of Russia confirms compliance with the requirements of the governing documents for level 3 control for the absence of non-intrusive substances and class 3 security for firewalls.

When ordering CIPF “Continent-AP” it is necessary to purchase it for each geographically distributed office.

Available only for legal entities.

Manufacturer: Security Code LLC

RUB 8,200.00

The invoice will be generated automatically. Indicate the payer type "legal entity" and fill in the details.

Possibilities

  • Cryptographic data protection- Cryptographic protection of transmitted data is implemented on the basis of Russian cryptographic algorithms in accordance with GOST 28147-89 in gamma mode with feedback.
  • Authentication/identification of remote users - Identification and authentication of a remote user when establishing a connection between the subscriber station and the Continent access server is carried out on the basis of public key certificates. The scheme is implemented using X.509 standard certificates. There are 2 options for working with certificates: a trusted certification authority is the access server management program - the first option and a trusted authority is an external certification authority - the second option, in the second option integration with CA CryptoPro is possible.
  • Support for a variety of key media - The key information carrier for a VPN client for Windows or Linux can be floppy disks, flash drives, electronic keys eToken, ruToken, iKey, and it is also possible to use iButton identifiers if the PC allows you to install the Sobol PAK or TM Card.

CIPF "Continent-AP" for Adnroid supports the ability to store key information on secure JaCarta MicroSD cards from Aladdin R.D.

  • Remote user access to protected network resources via an encrypted channel.
  • Remote access for mobile users.
  • Communication with the Continent access server at speeds up to 16 Mb/s* in encryption mode.
    *For a VPN client for mobile devices, the connection speed is limited by the quality of the communication channel (3G, GPRS, Wi-Fi, etc.).
  • Support for dynamically assigned IP addresses.
  • Centralized management of filtering rules and user access rights to information resources of a secure network.
  • Transparent traffic exchange with protected network segments for any application (including VoIP and video conferencing).
  • Access via both dedicated and dial-up communication channels using various methods of connecting to the Internet through technologies: Dial-UP, xDSL, leased line, Wi-Fi, GPRS, 3G, WiMAX, satellite communication channels.
  • Integrated firewall
The Continent-AP software for Windows OS includes a firewall (FWE) designed to filter IP packets from the network traffic of the computer on which Continent-AP is installed. ITU provides filtering of incoming and outgoing IP packets based on the following criteria:
  • IP addresses of the sender and recipient;
  • application protocol type (POP3, HTTP, SMTP, etc.);
  • the network interface through which the packet was received or will be sent;
  • header fields and contents of IP packets.
In addition, IP packets are filtered:
  • by transport protocol type (TCP/UDP/ICMP/…);
  • via TCP/UDP ports;
  • by types and codes of the ICMP protocol.
Incoming and outgoing IP packets are scanned according to filtering rules and in accordance with a specified schedule. Events that occur while filtering network traffic are recorded and stored in the Terminal Station log.
  • Ability to connect to an access server using a DNS name.
  • It is now possible to tunnel traffic into an HTTP tunnel.
  • Support for authorization on HTTP-PROXY.
  • An API interface has been implemented for interaction with external applications.
  • The ability to automatically establish a VPN connection on the workstation without operator participation.
  • Possibility of establishing a connection between CIPF “Continent-AP” for Windows and Linux with the access server before registering the OS user.
    Allows workstations belonging to a domain to work remotely.

Purpose

  • Securing connections to remote workstations
    In cases where only 1-2 employees work in a remote office and for some reason installing the Continent APKSH is impractical, it is possible to securely connect the workstation to the resources of the enterprise automated system using the Continent-AP VPN software client.
  • Securing connections to mobile clients
    Providing the ability to securely connect to enterprise information resources for mobile employees and company management. The Continent-AP VPN software client can be installed on the laptops of mobile employees.

Possibilities

  • Cryptographic data protection
    Cryptographic protection of transmitted data is implemented on the basis of Russian cryptographic algorithms in accordance with GOST 28147-89 in gamma mode with feedback.
  • Authentication/identification of remote users
    Identification and authentication of a remote user when establishing a connection between the subscriber station and the Continent access server is carried out on the basis of public key certificates. The scheme is implemented using X.509 standard certificates. There are 2 options for working with certificates: the trusted certification authority is the access server management program - the first option and the trusted authority is an external certification authority - the second option, in the second option integration with CA CryptoPro is possible.
  • Supports a variety of key media
    The key information carrier for a VPN client for Windows or Linux can be floppy disks, flash drives, electronic keys eToken, ruToken, iKey, and it is also possible to use iButton identifiers if the PC allows you to install the Sobol PAK or TM Card.

    CIPF "Continent-AP" for Adnroid supports the ability to store key information on secure JaCarta MicroSD cards from Aladdin R.D.

  • Remote user access to protected network resources via an encrypted channel.
  • Remote access for mobile users.
  • Communication with the Continent access server at speeds up to 16 Mb/s* in encryption mode.

    *For a VPN client for mobile devices, the connection speed is limited by the quality of the communication channel (3G, GPRS, Wi-Fi, etc.).

  • Support for dynamically assigned IP addresses.
  • Centralized management of filtering rules and user access rights to information resources of a secure network.
  • Transparent traffic exchange with protected network segments for any application (including VoIP and video conferencing).
  • Access via both dedicated and dial-up communication channels using various methods of connecting to the Internet through technologies: Dial-UP, xDSL, leased line, Wi-Fi, GPRS, 3G, WiMAX, satellite communication channels.
  • Integrated firewall
    The Continent-AP software for Windows OS includes a firewall (FWE) designed to filter IP packets from the network traffic of the computer on which Continent-AP is installed. ITU provides filtering of incoming and outgoing IP packets based on the following criteria:
    • IP addresses of the sender and recipient;
    • application protocol type (POP3, HTTP, SMTP, etc.);
    • the network interface through which the packet was received or will be sent;
    • header fields and contents of IP packets.
    In addition, IP packets are filtered:
    • by transport protocol type (TCP/UDP/ICMP/…);
    • via TCP/UDP ports;
    • by types and codes of the ICMP protocol.
    Incoming and outgoing IP packets are scanned according to filtering rules and in accordance with a specified schedule. Events that occur while filtering network traffic are recorded and stored in the Terminal Station log.
    • Ability to connect to the access server viaDNS-name.
    • It is now possible to tunnel traffic toHTTP-tunnel.
    • Authorization support forHTTP- PROXY.
    • ImplementedAPIinterface for interaction with external applications.
    • Possibility of automatic installationVPN- connections to workstations without operator participation.
    • Possibility of establishing a connection between CIPF “Continent-AP” for Windows and Linux with the access server before registering the OS user.
      Allows workstations belonging to a domain to work remotely.

System requirements

CIPF "Continent-AP" for Windows or Linux operating systems can be installed on computers equipped with processors of the Intel X86 family or compatible with them.

ElementMinimumRecommended
CPU Celeron 300 MHzPentium IV 1.8 GHz
RAM 128 MB512 MB
HDD
(free space) 		512 MB512 MB
operating room
system

Windows:

  • Windows XP Professional SP3 x86;
  • Windows 2003 Server SP2 x86/x64;
  • Windows 2003 Server R2 SP2 x64/x32;
  • Windows Vista SP2 x86/x64 (except all Starter and Home editions
    Edition);
  • Windows 2008 Server SP2 x86/x64;
  • Windows 2008 Server R2 SP1 x64;
  • Windows 7 SP1 x86/x64 (except all Starter and Home editions
    Edition);
  • Windows 8/8.1 x86/x64.

Linux:

  • Alt Linux SPT 6.0 Workstation x86/x64. Alt Linux SPT 6.0 Server x86/x64;
  • Mandriva Spring 2008.1 x86

CIPF "Continent-AP" for Android is installed on tablet computers and smartphones with Internet access.

operating systemAndroid 4.x and higher
Memory Either an external memory card, or any internal memory accessible by applications (for example, the user partition)
Means of Internet access Any of:
  • Built-in 3G/4G module;
  • Built-in Wi-Fi module;
  • USB-On-The-Go port for connecting an external network adapter.

Documentation

The documents presented here are included with the product. They are subject to all terms of the license agreement. Without the special written permission of the Security Code company, these documents or parts thereof in printed or electronic form cannot be copied or transferred to third parties for commercial purposes.

The information contained in these documents may be changed by the developer without special notice, which does not constitute a violation of the obligations towards the user on the part of the developer company.

User documentation

Version 3.7 RU.88338853.501430.007

ReleaseNotesAP.pdf

Administrator's Guide

The manual contains the information necessary for the administrator to install and configure the Complex components on the Windows platform.

Continent-AP_Windows_Admin_Guide.pdf
User guide

The manual contains the information necessary for the user to operate the Complex software on the Windows platform.

Continent-AP_Windows_User_Guide.pdf

CIPF "Continent-AP" for Android, version 3.7

ReleaseNotesAP.pdf - This document contains a description of the main features and limitations (Release Notes).

Certificates

DEPARTMENTNUMBERPRODUCTDESCRIPTIONVALID
FSTEC of Russia3007 RU.88338853.501430.007CIPF "Continent-AP" version 3.7Confirms compliance with the requirements of the guidelines for level 3 control for the absence of non-intrusive substances and class 3 security for firewalls.Until 01.11.2016

Application options

APKSH "Continent" is a powerful and flexible tool for creating virtual private networks, allowing you to build a VPN of any architecture. Below are typical schemes for constructing a VPN based on the complex:

Wireless Security

Secure connection of wireless network clients to a dedicated segment with differentiated access rights.

Connecting remote users

Connecting remote clients to a network protected by APKSH "Continent" using a subscriber point. Working with dynamic IP addresses significantly increases user mobility.

Centralized AP connection

For small businesses or small enterprises, a centralized AP connection scheme is ideal.

Connecting the AP according to the “tree” diagram

For organizations with an extensive network of branches and representative offices, it is possible to organize a VPN according to the following scheme: "tree". This scheme will streamline information flows within the organization.

Decentralized AP connection

If an organization has a complex distributed information system for collecting and processing data or for solving complex problems, it is possible to organize access to VPN resources in a decentralized manner.

Continent-AP" for Android OS

Key Features

Cryptographic protection
Traffic encryption in accordance with GOST 28147-89 with a modern key scheme ensures guaranteed cryptographic strength of a secure connection		 Working without superuser rights
Installation and operation of the VPN client is carried out by the user using standard Android tools and does not require root rights, which ensures the safety of the mobile device.
Strengthened Authentication
Identification and authentication of the remote user when establishing a connection is based on public key certificates of the X.509 standard		 Centralized management
All access policies for mobile users are configured by the administrator of the organization’s VPN network using the Continent SD management program

Screenshots

Documentation

Video instructions

To view video instructions for installing and configuring the Continent-AP CIPF VPN client on a mobile device running Android OS, select the material you are interested in:

1. Installation of CIPF “Continent-AP” for Android on a mobile device.

2. Creating a request for a certificate in the CIPF application “Continent-AP” for Android

3. Creating a connection profile in the Continent-AP CIPF for Android.

4. Connecting the user of the CIPF "Continent-AP" for Android to the Access Server "Continent" 3.7.

Ensuring the confidentiality and security of received and transmitted data is an important condition for working on the Internet. This is especially true in relation to state and municipal entities, legal entities that regularly exchange various types of reports, send and receive various payments. To ensure the protected activities of the listed entities, the Russian company Security Code has developed a number of hardware and software products. Allowing you to ensure the protection and safety of transmitted data, avoiding leakage or hacking. One of these products is Continent-AP software 3.7, and below we will look at what Continent AP 3.7 is and whether it is possible to download Continent AP 3.7 from the official website.

What is Continent AP 3.7?

The Continent-AP software is designed to ensure secure data transmission through public networks by building a secure VPN network. The protection of transmitted data is ensured by cryptographic encryption, which prevents data leakage in favor of third parties.

The reliability of Continent-AP is confirmed by various certificates of the FSB of Russia. It recommends the functionality of Continent AP 3.7 for working with the treasury service and various state and municipal bodies.

The operation of the Continent-AP software is based on the client-server principle. The Continent-AP software package is installed on the client’s computer, which connects to the required server. The latter checks the client's authority to access network resources, and if the decision is positive, grants the specified access.

Before installing the latest version of Continent-AP (currently version 3.7.7 and higher), the cryptographic information protection tool (CIPF) CryptoPro CSP version 4.0 and higher must be installed on the client PC.

APKSH "Continent" - hardware encryption module

How to get Continent AP 3.7

The official procedure for obtaining Continent-AP software 3.7 boils down to approximately the following:

  • An official application is submitted to the appropriate department (for example, to the federal treasury department of your region) for the provision of the cryptographic protection tool for the CIPF “CryptoPro”;
  • A letter is often attached to this application, in which the head of the federal (municipal) structure indicates the name and position of the person who is entrusted with receiving the disk with the appropriate software;
  • Upon receipt, the responsible person must have with him a blank CD (DVD) disk on which the software is recorded;
  • The responsible person installs the specified software on the appropriate PC in his structure. To do this, you need to insert the recorded disc into the CD (DVD) drive of your PC, run the setup.exe file, and go through the installation procedure;
  • Then you will need to run Setup\ts_setup.exe and install the Continent AP 3.7 software on your PC.

How to download Continent AP 3.7 from the official website

As you can see, the procedure for obtaining this software product does not involve directly downloading Continent AP 3.7. from the developer's official website at securitycode.ru. Nevertheless, there are online resources that offer to download Continent AP 3.7 from the network. For example, you can download a version of the product from the resource kontinent-ap.ru or use a direct link to the archive

To install the new version of Continent-AP 3.6, you must first remove the old version of Continent-AP 3.3; version Continent-AP 3.6 is available for download at http://www. *****/cont/install/Cont_Client_3.6.83.0.zip

and install CIPF "Continent-AP"

1 2

basically a normal setup...

3https://pandia.ru/text/78/111/images/image004_17.jpg" width="307" height="246">

When installing, disable the "firewall" item

(more details about the built-in firewall in the Continent-AP-Windows - Admin Guide. pdf page 5)

5https://pandia.ru/text/78/111/images/image006_12.jpg" width="323" height="247 src=">

IPspecify the Access Server address 91.242.171.57 After completing the installation, be sure to restart the PC.

7 https://pandia.ru/text/78/111/images/image008_9.jpg" width="316" height="242 src=">

After rebooting the PC, the “Security Code” will appear in the “Programs” menu.

The file is located at http://www. *****/cont/install/request. xsl copy to the folder C:\Program Files\Security Code\Continent Client, replacing the installed one. If request. xsl is saved as request. xml, delete the installed one, and change the extension of the newly copied one to *.xsl.

An icon will also appear in the taskbar, click RMB (right mouse button)

9

Please look carefully at the following request form

10Employee name" should be entered" organization", possibly an abbreviated name (user names or names of your PCs are not acceptable). When creating a request, do not specify quotation marks.

In the "Description" field - the full name of the organization;

In the "Organization" field - abbreviated name;

All fields are required.

An official email address must be specified (if there is none, create one), the exchange of messages, requests and certificates will be used only via the e-mail specified in the electronic request with the application.

Print the request form and fill it out. There is no need to edit the displayed form (*.html).

The proposed electronic request form, which contains the name of the current Windows user (you can edit at your discretion), leave the current time and date unchanged.

Click the "Details>>" button and select the crypto provider on which your key will be created. To create an exported key, when creating a certificate request, select in the crypto provider field CryptoPRO CSP. After clicking the "OK" button, the formation of the secret part of the key will begin.

11 CryptoPro CSP" (3.5” floppy disk, USB Flash drives, registry, eToken, ruToken, etc.).

12 13

you need to move the mouse and press keyboard keys.

14 https://pandia.ru/text/78/111/images/image016_1.jpg" width="258" height="145 src=">13

Electronic (<имя запроса>.req) and paper (<имя запроса>.html) send forms to *****@***ru 1 (pp.6-7). When filling out a paper form, you must write the full name of the organization (filling it out manually is encouraged). Waiting for a response message with certificates. If necessary, the user can copy the container using CryptoPro to another medium and install it on another workstation.

Installation of public key certificates for CIPF "Continent-AP" https://pandia.ru/text/78/111/images/image018_2.gif" width="587" height="303">

select the received certificate

17

specify the secret container

18

agree to import the root certificate (Yes, automatically)

19

establish and agree with what is proposed,

20

21

perform the action "Connect Continent-AP"

22

The colored icon indicates a successful connection to the Access Server.

Check the availability of the URM server using the ping 10.12.16.16 command.

Obtaining a Continent-AP key certificate:

1) To non-resident clients, when sending all documents by e-mail, the attached files must be scanned in color with a resolution that allows you to read all the characters on the organization’s seal. The sending organization must be indicated in the body of the letter. Original documents on paper with a signature and seal should be sent by mail or other accessible means within 3 (three) working days to the Department of Finance of the Yamal-Nenets Autonomous Okrug. This option is convenient for remote users who are unable to personally bring the required documents. It is recommended to pack sent documents using the Zip packer built into Windows. If everything is filled out correctly, the response message will include a user certificate, a root certificate and 1 (one) CryptoPro CSP 3.6 CIPF license for 1 (one) workstation.

23

2) Documents are delivered on paper with the signature and seal of the organization to the Department of Finance of the Yamal-Nenets Autonomous Okrug at the address Salekhard, pr-kt. Youth, 3rd floor, room 311.

If a representative of an organization receives a certificate, he must have the following documents with him:

Power of attorney signed by the head of the organization with a seal,

available for download at (http://www. *****/cont/install/warrant. doc);

Storage medium for certificates;

Identity document.

Briefly about creating a request:

1.Install the necessary software, replace the request template. xsl;

2.Print and fill out without editing the html file;

3. Scan the completed form, signed with the organization’s seal;

- for users who are unable to personally deliver a stamped request form:

4.Pack in zip (req, html) and send to mailbox *****@***ru;

5.Wait to receive certificates and a license in the response letter;

6.And only after receiving the certificates, send the original by mail in an envelope;

- for users who have the opportunity to personally bring a request *.req and paper form *.html personally:

7.Bring the originals personally to the Department of Finance of the Yamal-Nenets Autonomous Okrug

Have a medium for recording certificates with you

identity document

completed power of attorney http://www. *****/cont/install/warrant. doc


2024 gtavrl.ru.