Scenario: Quick Start for administrators

This section describes the sequence of steps that must be performed by the administrator to install and configure Kaspersky IoT Secure Gateway 1000 and Kaspersky Security Center, and to establish a connection between them.

The scenario for installing Kaspersky IoT Secure Gateway 1000 and Kaspersky Security Center and configuring a connection between them consists of the following steps:

1. Installing Kaspersky Security Center

   Download the Kaspersky Security Center 14.2 distribution package and install the full version of Kaspersky Security Center on the server. The distribution package of the full version of Kaspersky Security Center 14.2 includes the Kaspersky Security Center 14.2 Web Console. You are advised to select the standard installation. For detailed information on installing Kaspersky Security Center, please refer to the Main installation scenario section of the Kaspersky Security Center 14.2 Online Help Guide.

2. Configuring firewall rules

   For the operating system firewall of the server where Kaspersky Security Center is installed, configure rules that allow Kaspersky IoT Secure Gateway 1000 to connect to the Kaspersky Security Center server over the TCP protocol via port 13294. For detailed information on configuring firewall rules, please refer to the relevant documentation on the operating system you are using.

3. Installing the Kaspersky IoT Secure Gateway 1000 administration web plug-in

   In the Kaspersky Security Center 14.2 Web Console interface, install the Kaspersky IoT Secure Gateway 1000 administration web plug-in. A ZIP archive containing the distribution package for the Kaspersky IoT Secure Gateway 1000 web plug-in is included in the distribution kit.

4. Configuring connection of UEFI protection devices

   On the Kaspersky Security Center Administration Server, enable use of port 13294 for the TCP protocol to configure the connection between Kaspersky IoT Secure Gateway 1000 and Kaspersky Security Center. For detailed information on enabling port 13294 on the Kaspersky Security Center Administration Server, please refer to the UEFI protection devices section of the Kaspersky Security Center 14.2 Online Help Guide.

5. Turning on the Kraftway Rubezh-N device

   Turn on the Kraftway Rubezh-N device.

6. Connecting to the Kaspersky IoT Secure Gateway 1000 web interface

   Connect to the Kaspersky IoT Secure Gateway 1000 web interface with the default name and password, and the administrator certificate.

7. Configuring Kaspersky IoT Secure Gateway 1000 settings

   After connecting to the Kaspersky IoT Secure Gateway 1000 web interface, configure the following settings:

   • Connection to the external network and internal network
   • Modem profile
8. Creating and uploading a KSC server certificate

   Create a new KSC server certificate and save it on the local device. In the Kaspersky IoT Secure Gateway 1000 web interface, upload the KSC server certificate for configuring a connection to the Kaspersky Security Center 14.2 Web Console.

9. Configuring a connection between Kaspersky IoT Secure Gateway 1000 and Kaspersky Security Center

   In the Kaspersky IoT Secure Gateway 1000 web interface, configure the connection to Kaspersky Security Center.

10. Updating the Kaspersky IoT Secure Gateway 1000 root and user certificates

    Update the root and user certificates.

11. Adding Kaspersky IoT Secure Gateway 1000 to the list of managed devices

    Connect to the Kaspersky Security Center 14.2 Web Console and add Kaspersky IoT Secure Gateway 1000 to the list of managed devices in Kaspersky Security Center.

12. Configuring traffic filtering in Kaspersky IoT Secure Gateway Network Protector

    If you have Kaspersky IoT Secure Gateway Network Protector installed, configure traffic filtering rules for industrial protocols and start the application. Until you configure and run Kaspersky IoT Secure Gateway Network Protector, transit traffic on the device will be blocked to ensure the security of connected devices.

    You can also configure traffic filtering rules and start the application through Kaspersky Security Center 14.2 Web Console if you have connected Kaspersky IoT Secure Gateway 1000 to Kaspersky Security Center.

After these actions are completed, Kaspersky IoT Secure Gateway 1000 is ready to use. You can manage Kaspersky IoT Secure Gateway 1000 in the web interface or Kaspersky Security Center 14.2 Web Console, and also monitor audit events.