About Kaspersky Security Gateway
August 3, 2023
ID 165915
Kaspersky Security Gateway is designed to transmit from Kaspersky Security Center to the SCADA system the diagnostic information received from Kaspersky Industrial CyberSecurity for Nodes and Kaspersky Industrial CyberSecurity for Networks, including the information about PLC firmware alterations and potentially dangerous registered commands for PLCs. The information about the protection status of industrial networks and network nodes is displayed on the screens of the SCADA system, enabling the SCADA system operator to respond promptly to industrial network protection problems.
Kaspersky Security Gateway uses the following communication protocols to interact with the SCADA system:
- IEC 60870-5-104. Unified open protocol for automation systems.
- OPC DA. Device interoperation specification for industrial networks.
You can configure data transfer setting either using the Kaspersky Security Gateway graphical user interface or standard Microsoft Windows tools. You can assign tags and tag values for events signifying technological process interruptions.
Kaspersky Security Gateway transmits the following information to the SCADA system:
- Availability status of the Kaspersky Security Center Administration Server:
- 1. This status signifies that Kaspersky Security Gateway has successfully connected to the Kaspersky Security Center Administration Server.
- 0. This status signifies that Kaspersky Security Gateway could not be connected to the Kaspersky Security Center Administration Server.
- Availability status of all protected nodes of the network:
- 0. This status signifies that all network nodes managed by the Kaspersky Security Center Administration Server and selected for monitoring in Kaspersky Security Gateway settings are available at the time of status determination.
- 1. This status signifies that at least one network node managed by the Kaspersky Security Center Administration Server and selected for monitoring in Kaspersky Security Gateway settings is unavailable when the status is determined.
- Protection status of each node on the Kaspersky Security Center network:
- 0. This status signifies that no critical incidents or incidents that require processing have occurred on a network node managed by the Kaspersky Security Center Administration Server and selected for monitoring in Kaspersky Security Gateway settings.
- 1. This status signifies that at least one critical incident has occurred on a network node managed by the Kaspersky Security Center Administration Server and selected for monitoring in Kaspersky Security Gateway settings.
- 2. This status signifies that at least one incident that requires processing has occurred on a network node managed by the Kaspersky Security Center Administration Server and selected for monitoring in Kaspersky Security Gateway settings.
Protection status of each node is determined according to Kaspersky Security Center for managed computers or administration groups.
Kaspersky Security Gateway sends status information only for those network nodes that have been selected in the Kaspersky Security Gateway settings to be displayed in the SCADA system.
- Network protection status (see Protection status of each node on the Kaspersky Security Center network):
- 0. This means that all network nodes have 0 status in Kaspersky Security Center.
- 1. This means that at least one network node has 1 status in Kaspersky Security Center.
- 2. This means that at least one computer on the network has 2 status in Kaspersky Security Center.
When determining the network protection status, the Kaspersky Security Gateway uses status information only for those network nodes that have been selected in the Kaspersky Security Gateway settings to be displayed in the SCADA system.
