Support

Support for business applications

Kaspersky Industrial CyberSecurity for Networks

Performing common tasks

Asset Management

Automatically assigning the statuses of devices

Kaspersky Industrial CyberSecurity for Networks
Нет результатов
Online Help
FAQ Download Forum Contact support Recovery tools Product videos

Automatically assigning the statuses of devices

March 22, 2024

ID 175710

Get as PDF

When monitoring the activity of devices in the industrial network, the application can automatically assign statuses to detected devices based on the obtained MAC- and/or IP addresses of devices. Statuses are assigned depending on the current asset management mode.

In learning mode, the application assigns the Authorized status to all detected devices (this includes new devices as well as devices that were previously added to the devices table). The status of a detected device is not changed if the Unauthorized status was previously assigned to the device.

In monitoring mode, the assigned status depends on whether the device that showed activity is known or unknown to the application. In this mode, statuses are assigned according to the following rules:

  • If a device is new (not present in the devices table when it is detected), the Unauthorized status is assigned to this device.
  • If the device is in the devices table and has the Authorized or Unauthorized status, the status is not changed.
  • If the device is in the devices table with the Archived status, the Unauthorized status is assigned to this device.

By default, if a device with the Authorized status has not shown any activity in over 30 days and the device information has not changed during this time, the Archived status is assigned to this device. You can disable automatic device status change to Archived when manually changing the status of a device (for example, to prevent the Authorized status from automatically changing to the Archived status for rarely connected devices).

When devices with the Unauthorized status appear in the devices table, you need to determine whether all of these devices are required for industrial process support. After making this determination, it is recommended to manually assign one of the following statuses to each device:

  • Authorized – if the device is required for industrial process support.
  • Archived – if the device should not be used in the industrial network.

    Instead of assigning the Archived status, you can delete the device. However, all information specified for the device will also be deleted. If a deleted device is detected again, the application will provide only the information that has been received since the device was re-added to the devices table (the date and time of the first detection of the device is also updated).

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.