A methodology for development for distributed computer network (DCN) information security system (IS) for an informatization object (OBI) was proposed. It was proposed to use mathematical modeling at the first stage of the methodology. In particular, a mathematical model was presented based on the use of the apparatus of probability theory to calculate the vulnerability coefficient. This coefficient allows one to assess the level of information security of the OBI network. Criteria for assessing the acceptable and critical level of risks for information security were proposed as well. At the second stage of the methodology development of the IS DCN system, methods of simulation and virtualization of the components of the IS DCN were used. In the course of experimental studies, a model of a protected DCN has been built. In the experimental model, network devices and DCN IS components were emulated on virtual machines (VMs). The DCN resources were reproduced using the Proxmox VE virtualization system. IPS Suricata was deployed on RCS hosts running PVE. Splunk was used as SIEM. It has been shown that the proposed methodology for the formation of the IS system for DCN and the model of the vulnerability coefficient makes it possible to obtain a quantitative assessment of the levels of vulnerability of DCN OBI.

An article herein presents an optimization model, designated for computational core of decision-taking support system (DTSS). DTSS is necessary for system analysis and search of optimal versions for cyber security facilities placement and information protection of an enterprise or organization distributed computational network (DCN). DTSS and a model allow automize the analysis of information protection and cyber security systems in different versions. It is possible to consider, how separate elements, influence at DCN protection factors and their combinations. Offered model, in distinction from existing, has allowed implementing both the principles of information protection equivalency to a concrete threat and a system complex approach to forming a highly effective protection system for DCN. Hereby we have presented the outcomes of computational experiments on selecting the rational program algorithm of implementing the developed optimization model. It has been offered to use genetic algorithm modification (GAM). Based on the offered model, there has been implemented the module for adaptive DTSS. DTSS module might be applied upon designing protected DCN, based on preset architecture and available sets of information protection and cyber security systems in the network.