For two weeks, the territorial offices of Roskomnadzor have been sending an extremely interesting letter to telecom operators throughout Russia. The supervisor requires information about the traffic exchange points, as well as the wiring diagram of the equipment with which the agency is going to manage the Runet.
This information is necessary for Roskomnadzor to create an information system for the Center for Monitoring and Management of a Public Communication Network (to implement the provisions of Law No. 90- “On Sustainable Runet” dated May 1, 2017).
Let us leave the terms “flapping” and “device on a stick” to the conscience of Roskomnadzor specialists. Explanations of some of the terms can be found here.
The provider "MART" explains the essence of the RKN's requirements in plain language:
Circled in red are the so-called TSPU (Technical Means for Countering Threats), the very “Black Boxes” of the RKN. They are supposed to be placed at the points marked in red, i.e. at the BRAS output. The BRAS is the piece of hardware where the subscriber session actually runs and is processed. Most subscribers get a "gray" IP address here. Such an address is not routed on the Internet; it must be translated on a NAT (Network Address Translation) server into a “white” IP address. So attacking “gray” addresses from the Internet is difficult (we will not go into technical details; those who are interested can ask or google it); it is much easier to attack the “white” addresses of NAT servers or even border routers.
Now attention! Question: “Why was this TSPU installation point chosen? Who here is the main threat, and to whom?”
Moreover, on our network alone there are 6 (six) such BRAS units installed, each with a bandwidth of 2 ports of 10 Gb/s. And we are not a very big operator. Thus, the RKN will have to supply us with at least 6 TSPUs, or more correctly, so as not to break the redundancy scheme, 12 TSPUs.
By law, these boxes are supplied at the expense of the RKN, i.e. with budget money. For this to work, equipment with decent performance has to be installed. This costs from 300 thousand rubles per unit wholesale. Hence, the RKN must install its hardware on our network to the amount of 3,600,000 rubles or more. Plus, you can add uninterruptible power systems at 500 thousand to 1 million. And an important question: who will pay for the electricity? This is somewhere around 15 kVA.
There is another thing: the traffic of our subscribers is constantly growing, so the node is being upgraded, and the number of BRAS units and/or the throughput of their ports increases. In a year or two, we will switch to equipment with ports of 40 Gb/s or even 100. So the TSPUs will have to be replaced...
You see, this is not about security at all. Such a scheme does not provide protection against external attacks, and it will not solve the other declared tasks. It will increase the risk of failures to which the operator will not be able to respond. And it will allow your money to be spent on something unnecessary.
Oh yeah... it will allow any network to be taken down at any time from a certain center!
By the way, Roskomnadzor does not insist on the installation before NAT, but claims that it is “desirable”:
A typical TSPU installation point is after (closer to the trunk) the BRAS/BNG or, less preferably, after NAT.
Installation before NAT is desirable. If in some cases pre-NAT inclusion is difficult, you can consider the option of inclusion after NAT. Please attach a network diagram so that the RKN staff can work out an inclusion solution that is acceptable given the characteristics of the network.
Vicious circle
Roskomnadzor refers to the "law on sovereign / sustainable Runet", which provides for the procedure for providing such information. However, it has not yet entered into force and will take effect only from November 1, 2019 (with the exception of certain subparagraphs that enter into force from January 1, 2021). Standards are not developed, and some have slowed down for procedural reasons.
Roskomnadzor and Mintsifra are compelled to run ahead of the locomotive, since they have ended up in a desperate situation, having run into exactly what they fought for. To write the standard they need information, and there is currently no procedure for providing it. And this information can be obtained only after this very standard is created.
The territorial directorates of Roskomnadzor reacted differently to operators' demands to clarify this recursion.
The Yenisei Department of Roskomnadzor, for example, produced a stunning response with mutually exclusive paragraphs. Yes, reader, your eyes do not deceive you. The obligation has not yet arisen, but the requirement is lawful, because... well, it is really needed, and if you cannot follow our logic, then we will fine you. I want some of that grass too.
This is exactly how (in the opinion of the RKN) obscene language should be published.
But the deputy head of Roskomnadzor does not use substances, so he understands that the question of liability is not being raised.
Although he imagines operators who met this circus with understanding. I do not know where he found such operators. According to my observations, the first question most operators had was “How can I do this so as not to give out this information?”.
Reports from the regions also confirm that the regional branches of the RKN insist on a “brotherly” response and ask operators to send at least something as soon as possible, because the bosses demand a report.
What can a telecom operator do in this situation?
- The worst option is to provide the requested information. It is not in your interest. And not in the interests of customers. Only Roskomnadzor needs this, because its deadlines are burning.
- Do not answer at all (especially if there was no paper letter). There will be no legal consequences. But the local branch of the RKN may harbor a grievance, because you will leave them at the mercy of their superiors without even a scrap of paper to hide behind.
- Reply formally, based on legislation. The best way. It is quite realistic to delay the introduction of a “sovereign Runet”. If Roskomnadzor desperately needs these data, let it get them wherever it wants. It can even write to "Sportloto". No one who sincerely cares about telecommunications will help them cut their country off from the global network.
Irrepressible Phil (schors) has prepared a response template for you (mirror). If this does not satisfy the RKN and they send a repeated request, there is one more template (mirror). Well done, Phil. Be like Phil.
What can any citizen do?
Register (or log in through the state services) on the federal portal of draft regulatory legal acts, familiarize yourself with the normative acts on the “sovereign Runet”, make comments and/or put a like/dislike. Disliking a project you do not like takes almost no time, and the psychological pressure this creates is also important. The texts are periodically revised; then you need to re-post the old review or write a new one. Phil monitors the fate of the PPA and constantly posts updates of their status.
November is getting closer, and the supervisory authority has less and less time. To be continued…
Update 1: The RKN has changed tactics and is now trying to refer to clause 6.1 of the Roskomnadzor Regulation:
6. The Federal Service for Supervision in the Sphere of Telecommunications, Information Technologies and Mass Communications has the right to exercise powers in the established sphere of competence:
6.1. request and receive in the prescribed manner the information necessary for making decisions on matters within the competence of the Service

It seems to me that Roskomnadzor is being frankly disingenuous. There is not a word about the duty of the operator to provide this information. This "established procedure" comes into force only from November.