Last year, the government approved an action plan in the direction of "Information Security". This is part of the Digital Economy of the Russian Federation program. Included in the plan in case of disconnection from foreign servers. The documents were prepared by a group of deputies headed by Andrey Klishas, head of the committee of the Federation Council.
Why does Russia need an autonomous segment of the global network and what goals are pursued by the authors of the initiative - later in the material.
Why is such a bill needed at all?
In a TASS comment : "An opportunity is being created to minimize the transfer of data abroad that Russian users exchange with each other."
In the document on the purpose of creating an autonomous Runet : “In order to ensure the stable functioning of the Internet, a national system for obtaining information about domain names and (or network addresses) is being created as a set of interrelated software and hardware tools designed to store and obtain information about network addresses in relation to domain names, including those included in Russian national domain zone, as well as authorizations for resolving domain names.
The authors of the document began to prepare a bill “taking into account the aggressive nature of the US national cybersecurity strategy adopted in September 2018”, which proclaims the principle of “keeping peace by force”, and Russia, among other countries, “is directly and without evidence accused of committing hacker attacks.”
Who will manage everything if the law is passed?
The bill says that to establish rules for routing traffic and monitor the implementation of these rules . The department will also be responsible for minimizing the volume of Russian traffic that passes through foreign communication centers. The responsibility for managing the network infrastructure of the Runet in critical situations will be assigned to a special center. It has already been created in the radio frequency service subordinate to Roskomnadzor.
, according to the government, should be established in the coming months. It should be called the "Public Communications Network Control Center". The government has given a year for Roskomnadzor to develop software and hardware to monitor and manage the public communications network.
Who will pay for what and how much?
Even the authors of the bill find it difficult to say how much a fully autonomous Runet will cost the budget.
Initially, legislators said that we are talking about 2 billion rubles. This year the authors . Later there was information that .
Only the purchase of equipment that will ensure the security of the Russian segment will cost 21 billion rubles. Approximately 5 billion will be spent on collecting information about Internet addresses, numbers of autonomous systems and connections between them, traffic routes on the Internet, and another 5 billion on managing specialized software, plus developing software and hardware designed to collect and store information.
It is still not clear who will pay for everything: either all funds will come from the budget, or the new infrastructure will be created at the expense of telecom operators, who will have to install and maintain equipment on their own.
states that “the issues of operation and modernization of these facilities are not regulated, including in terms of financial support for these processes, as well as liability for damage caused by failures in the operation of communication networks caused by the operation of these facilities, including to third parties.”
Only in mid-March last year, the Federation Council proposed . Thus, another document was submitted for consideration by the legislators, with an amendment on compensation from the budget for the costs of operators for the maintenance of equipment for its execution. In addition, providers will be released from liability for network failures to subscribers if the cause of these failures is new equipment.
“Since the technical means that are planned to be installed will be purchased at the expense of the budget, the maintenance of these devices should also be compensated from the budget,” said Senator Lyudmila Bokova, co-author of the amendments.
The funds will be mainly used to install the DPI system (Deep Packet Inspection), which was developed by RDP.RU. Roskomnadzor chose the equipment of this particular company after testing seven different Russian manufacturers.
“According to the results of testing on the Rostelecom network last year, the DPI system from RDP.RU received, so to speak, a “test”. The regulators had some questions to it, but in general the system was successfully tested. Therefore, I am not surprised that they decided to make testing more extensive. And to deploy already on the networks of a larger number of operators, ”- .
Scheme of operation of the DPI filter ()
DPI-system is a software and hardware complex that analyzes a component of a data packet passing through the network. The components of the packet are the header, the destination and sender address, and the body. Here is the last part of the DPI system and will analyze. If earlier Roskomnadzor looked only at the destination address, now signature analysis will be important. The composition of the package body is compared with the standard - the well-known Telegram package, for example. If the match is close to one, the packet is dropped.
The simplest DPI traffic filtering system includes:
- Network cards with Bypass mode, which connects interfaces at the first level. Even if the server's power is suddenly cut off, the link between the ports continues to operate, passing traffic due to battery power.
- monitoring system. Remotely monitors network performance and displays them on the screen.
- Two power supplies that can replace each other if necessary.
- Two hard drives, one or two processors.
The cost of the RDP.RU system is unknown, but the regional-scale DPI complex consists of routers, hubs, servers, communication channels and some other elements. Such equipment cannot be cheap. And given that DPI needs to be installed by every provider (all types of communication) at every key communication point across the country, then 20 billion rubles may not be the limit.
How do telecom operators participate in the implementation of the bill?
Operators will install the equipment on their own. They are also responsible for operation and maintenance. They will have to:
- adjust the routing of telecommunication messages at the request of the federal authority;
- to resolve domain names, use servers operating on the territory of the Russian Federation;
- provide in electronic form information about the network addresses of subscribers and their interaction with other subscribers, as well as information about the routes of telecommunication messages to the federal executive body.
When is the start?
Very soon. At the end of March 2019, Roskomnadzor suggested that operators from the "Big Four" test Runet for "sovereignty". Mobile communications will become a kind of testing ground for testing the "autonomous Runet" in action. Testing will not be global, tests will be carried out in one of the regions of Russia.
During the tests, operators will test equipment for deep traffic filtering (DPI), developed by the Russian company RDP.RU. The purpose of testing is to test the performance of an idea. At the same time, telecom operators were asked to provide Roskomnadzor with information about the structure of their network. This is necessary in order to select a region for testing and find out . They will choose the region within a few weeks after receiving data from the operators.
DPI equipment will make it possible to check the quality of blocking resources and services banned in the Russian Federation, including Telegram. Plus, they will also test limiting the speed of access to individual resources (for example, Facebook and Google). Domestic legislators are not satisfied with the fact that both companies generate a very significant amount of traffic, while investing nothing in the development of the Russian network infrastructure. This method is called traffic prioritization.
“With DPI, you can quite successfully prioritize traffic and reduce the speed of access to YouTube or any other resource. In 2009-2010, when the popularity of torrent trackers flourished, many telecom operators set themselves DPI just to recognize p2p traffic and reduce the download speed on torrents, since communication channels could not withstand such a load. So operators already have experience of pessimizing some types of traffic,” says Diphost CEO Philip Kulin.
What are the difficulties and problems of the project?
In addition to the high cost of the project, there are several other problems. The main one is the lack of elaboration of the document itself on the “autonomous Runet”. Participants and experts of the market speak about it. Many points are unclear, and something is not indicated at all (such as, for example, the source of funds for the implementation of the provisions of the bill).
If, when the new system is put into operation, the operators have problems, that is, the work of the Internet is disrupted, then the state will have to compensate the operators for about 124 billion rubles a year. This is a huge amount of money for the Russian budget.
President of the Russian Union of Industrialists and Entrepreneurs (RSPP) Alexander Shokhin even sent a letter to State Duma Speaker Vyacheslav Volodin, in which he indicated that .
Source: habr.com