Kaspersky Industrial CyberSecurity for Networks Integration
February 8, 2024
ID 197294
You can configure and enable integration of Kaspersky Industrial CyberSecurity for Linux Nodes with Kaspersky Industrial CyberSecurity for Networks. Integration enhances capabilities to investigate and respond to threats in industrial networks. If integration with Kaspersky Industrial CyberSecurity for Networks is enabled, data about events on the device received by Kaspersky Industrial CyberSecurity for Linux Nodes is sent to Kaspersky Industrial CyberSecurity for Networks integration server.
You can get information about successfully connecting to the integration server from Kaspersky Industrial CyberSecurity for Networks. A successful connection is indicated by events arriving from Kaspersky Industrial CyberSecurity for Linux Nodes to the integration server. Kaspersky Industrial CyberSecurity for Linux Nodes does not provide custom information about successfully connecting to the integration server to Kaspersky Industrial CyberSecurity for Networks.
An integration server certificate is used to protect the connection with the Kaspersky Industrial CyberSecurity for Networks integration server. Add a server certificate before enabling integration.
Additionally, to secure the connection, you can use a client certificate to authenticate the integration server clients, which are computers running Kaspersky Industrial CyberSecurity for Linux Nodes. By default, the integration server does not validate client certificates, but validation can be enabled on the integration server side. In this case, enable the client certificate usage in the integration settings and add the client certificate.
The Kaspersky Industrial CyberSecurity for Networks administrator provides the certificates for securing the connection with the integration server.
A proxy server is used to connect to Kaspersky Industrial CyberSecurity for Networks if the use of a proxy server is configured in the Kaspersky Industrial CyberSecurity for Linux Nodes general settings.
For details about Kaspersky Industrial CyberSecurity for Networks, refer to Kaspersky Industrial CyberSecurity for Networks documentation.
Kaspersky Industrial CyberSecurity for Networks integration settings
Setting | Description |
|---|---|
Enable integration with KICS for Networks | Enables or disables integration of Kaspersky Industrial CyberSecurity for Linux Nodes with Kaspersky Industrial CyberSecurity for Networks. The integration server is disabled by default. After selecting the check box, the integration settings become configurable. |
Integration server address | Kaspersky Industrial CyberSecurity for Networks integration server address. IP address or fully qualified domain name (FQDN) of the integration server can be specified. |
Port | Port for connecting to Kaspersky Industrial CyberSecurity for Networks integration server. The default value is |
Use integration server certificate | Enables or disables server certificate usage to secure the connection to Kaspersky Industrial CyberSecurity for Networks integration server. The check box is selected by default. The server certificate usage is required for secure connection to the integration server. |
Add a server certificate | The link opens a window where you can add or change the Kaspersky Industrial CyberSecurity for Networks integration server certificate. The link is available if the Use server certificate check box is selected. |
Certificate information | Information about the Kaspersky Industrial CyberSecurity for Networks integration server certificate you added:
|
Protect connection using a client certificate | Enables or disables client certificate usage for additional protection of the connection to Kaspersky Industrial CyberSecurity for Networks integration server. If a client certificate validation is enabled on the integration server side, enable the client certificate usage in the integration settings and add the client certificate. You can add or change a client certificate in the window that opens using the Add a client certificate link. The link is available only if the Protect connection using a client certificate check box is selected. |
Maximum time to wait for a response from the server (sec) | Maximum time to wait for a response from the integration server in seconds. The default value is |
Maximum number of events in one packet | Maximum number of events in one packet. The default value is |
Interval for sending the event packet (sec). | Period for sending the event packet in seconds. The default value is |
