Rostelecom and Solar Group Strengthen Cybersecurity at Tomskaya Generatsiya Facilities

A Priority Focus

Protecting information from potential data leaks is widely viewed as one of the top priorities for participants in Russia’s telecommunications market. The issue is especially acute for critical infrastructure assets, where stable operations directly affect the safety and well-being of large numbers of people. As a result, cryptographic protection tools continue to evolve and improve.

This week it became known that Rostelecom, working together with the Solar Group of Companies, strengthened the security of communication channels at four facilities operated by Tomskaya Generatsiya. The sites were connected to the GOST VPN service, a software suite that relies on encryption tools that have received preliminary approval from the Federal Security Service. Modern hardware ensures the confidentiality and integrity of corporate data across all layers of the internal network.

“For Tomskaya Generatsiya, we deployed a fault-tolerant service with redundancy built into both communication channels and cryptographic gateways. At the same time, the solution is fully transparent for the client’s network – the customer continues to receive Layer 2 channels from the operator, but now with cryptographic protection,” said Alexander Veselov, head of the product portfolio at Solar Group of Companies.

Legal Requirements

The use of enhanced data protection systems is mandatory for government bodies, operators of critical information infrastructure, as well as organizations in healthcare, energy, and finance. These requirements are enshrined in federal laws on personal data and on the security of critical infrastructure. As a result, such organizations must use GOST-compliant encryption when exchanging data.

Under the service-based delivery model, Rostelecom assumes full responsibility for meeting the requirements of Russia’s security regulators. This approach allows customers to reduce capital expenditures and ensures secure interaction between geographically distributed facilities

Denis Kobzar

Acting Director of the Tomsk branch of Rostelecom

The GOST VPN service provides customers with confidentiality and integrity for information transmitted over public communication channels. Data is encrypted using algorithms developed by Russian specialists. Once the service is activated, customers gain access to a dedicated security dashboard that provides detailed information on connected offices and the current status of cryptographic protection tools. Operational data can be exported as reports, and customers can contact a personal account manager or technical support team at any time, around the clock.

Demand Is Set to Grow

The adoption of the GOST VPN service across Russian organizations and enterprises is expected to expand further. Growing demand for encryption solutions reflects steadily rising requirements for protection against interception and unauthorized interference. An important factor is that Russian specialists possess the necessary expertise to meet these challenges.

While the GOST VPN service is primarily designed to protect organizations within Russia, its operating model could also find demand abroad. Russian experts could offer international clients similar solutions tailored to local requirements, without directly replicating the full domestic implementation.

Automated Protection Against Bots

The provider of the GOST VPN service, the Solar Group of Companies, is among Russia’s leading cybersecurity organizations and continues to enhance its technology stack. At the end of last year, the group received a patent for a unique technology designed to identify malicious requests to web servers. The solution allows owners of online resources – including e-commerce platforms and other small and medium-sized business websites – to automatically detect and block bot activity, ensuring uninterrupted service for users without revenue losses.

The development is based on a mathematical model that analyzes statistical patterns of requests from real users and bots. By examining parameters of HTTPS connections, the system predicts the likelihood that a request was generated by automated software.

There is little doubt that the number of domestically developed security systems in Russia will continue to grow. Increased competition in the market will push service providers to continuously improve quality, ultimately helping to reduce data breaches and service disruptions.