Support

Support for business applications

Kaspersky Industrial CyberSecurity for Networks

Administration of Kaspersky Industrial CyberSecurity for Networks

Configuring Interaction Control

Viewing Interaction Control rules in the table of allow rules

Kaspersky Industrial CyberSecurity for Networks
Нет результатов
Online Help
FAQ Download Forum Contact support Recovery tools Product videos

Viewing Interaction Control rules in the table of allow rules

March 22, 2024

ID 150876

Get as PDF

Interaction Control rules are displayed in the allow rules table in the Allow rules section of the application web interface. Interaction Control rules include the following types:

  • NIC rules based on Network Integrity Control technology.
  • CC rules based on Command Control technology.

The settings of Interaction Control rules are displayed in the following columns of the table:

  • Rule ID

    Unique ID of the rule.

  • Status (icon Icon in the form of a half-filled circle.)

    Current status of the rule (Enabled or Disabled).

  • Rule type

    For Interaction Control rules, this indicates the technology of the rule (NIC or CC). The EVT type is indicated for rules that disable event registration.

  • Protocols/Commands

    For rules related to Network Integrity Control technology (NIC type) or rules that disable event registration (EVT type), this is the set of utilized protocols. For rules related to Command Control technology (CC type), this is the protocol and system commands. The protocols that are determined by the application based on the contents of network packets are italicized.

  • Side 1

    Device name/address information of one of the sides of network interaction. You can enable or disable the display of addresses and ports of address information by using the following settings: MAC address, IP address, Port number. If additional address spaces were added to the application, you can enable or disable the display of names of address spaces by using the following settings:

    • AS for MAC addresses – address spaces containing the MAC addresses in the Interaction Control rule. This setting can contain the names of only those address spaces that have address space rules with the selected layer of the OSI model (Data Link (L2)).
    • AS for IP addresses – address spaces containing the IP addresses in the Interaction Control rule. This setting can contain the names of only those address spaces that have address space rules with the selected layer of the OSI model (Network (L3)).
  • Side 2

    Device name/address information of the other side of network interaction. The display of address information can be configured the same way as the Side 1 column.

  • Comment

    Additional information about the rule.

  • Created

    The date and time when the rule was created.

  • Changed

    The date and time when the rule was last modified.

  • Rule in event

    The name of the Process Control rule or Intrusion Detection rule that must be indicated in the event (for EVT rules).

  • Monitoring point

    The name of the monitoring point that must be indicated in the event (for EVT rules).

  • Event type

    ID and title of the event type (for EVT rules).

  • Origin

    Information about the origin of the rule.

When viewing the rules table, you can use the configuration, filter, search, and sorting functions.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.