Monitoring device equipment

Kaspersky Industrial CyberSecurity for Networks can monitor the equipment of the devices known to the application. While monitoring equipment, the application automatically receives information about the device equipment and registers events when the equipment or its characteristics change.

Equipment monitoring is performed based on the data received from EPP applications. Therefore, to use the equipment monitoring functionality, prepare the application to receive data from EPP applications. For this purpose, the Device Information Detection method must be enabled on the integration server nodes.

The device equipment information is updated once a day. The information for which automatic update is disabled upon adding a device or changing the device information is not updated. The capability to disable automatic update is not available for some equipment details.

The equipment monitoring functionality allows the application to get information listed in the table below.

Information received during equipment monitoring

When monitoring equipment, the application registers events based on the Asset Management technology. Events are registered with system event types that are assigned the following codes:

• 4000005015 – for an event of adding, changing, or deleting any of the following types of information:
  • Processors
  • BIOS
  • RAM
  • Local drives
  • Optical drives
  • USB devices
• 4000005008 – for the event of receiving new information about the network interface.
• 4000005004 – for the event of receiving new information about the vendor, model, or hardware version.

You can configure the available parameters for event types under Settings → Event types.

You can view information about registered events when connected to the Server through the web interface.