For Cisco core and distributions switches (2960, 3850, etc.) use the switch command line interface for SPAN session configuration. For that, access the target switch via Ethernet or console port and open the switch management features. Then in configuration mode create a new monitoring session, choose the range of source interfaces for which you would like to have traffic mirrored and analyzed, set the destination interface, and save the configuration.

Example of required commands and actions is shown below:

conf t /  — Enter global configuration mode.
show monitor session all / — Check existing monitoring sessions
no monitor session X / — Remove existing monitoring session (optional)
monitor session 1 source interface 1/0 - 1/8 / — Specify new session ID and ports for source
monitor session 1 destination interface 1/24 encapsulation replicate / — Specify the session ID and the destination port
end / — Return to privileged EXEC mode.
show monitor / — Verify the configuration.
copy running-config startup-config / — Save the configuration in the configuration file to SPAN settings to be active after switch reboot (optional).

For detailed configuration instructions refer to official Cisco product documentation.

For Cisco Small Business switches (SG-200/300, etc.):

1. Connect to the switch and open the switch  web interface for Port Mirroring options.
2. Go to Administration → Diagnostics → Port and VLAN mirroring section.

3. Add source interfaces and choose the destination interface.
4. Apply the configuration.

For Hirschmann Industrial Ethernet Switches:

1. Connect to the switch, open the switch web interface and go to Diagnostics → Port Mirroring.
2. As a source, select all the necessary RX and TX ports for ingress and egress monitoring directions.
3. Select the destination port to which the Kaspersky Industrial CyberSecurity for Networks device must be connected.
4. To switch mirroring on, select On in the Operation section, and then select Set.
   These actions should apply changes to the volatile memory (RAM) of the device.
   To save the changes for permanent use, open the dialog and click Save.

For detailed configuration instructions, refer to official Hirschmann product documentation.

For Siemens SCALANCE Ethernet Switch configuration, connect to the switch web interface and go to Layer 2 → Mirroring.

In the General tab, create a Mirroring Session:

1. Enable Mirroring.
2. Click Create to create an entry in the table. The session ID is assigned automatically.
3. Select Port Based (port-based mirroring) for the Session Type.
4. Click Set Values.
5. Select Destination Port, e.g P0.8.
6. Click Set Values to save and apply the settings.

Switch to the Port tab to adjust detailed settings for the session ID.

In the Port tab, configure the Mirrored Port:

1. Select the session ID to make the table visible in the Port tab. In the Session ID drop-down list, select the session that you have created previously in the General tab.
2. To monitor all the data traffic of a port, select all the ports listed with both options (Ingress and Egress).
3. Click Set Values.

For detailed configuration instructions, please refer to official Siemens product documentation.

For Siemens Ruggedcom Ethernet Switch configuration, it is possible to use switch web interface. If it was not configured in a different way, the default IP address for the device is 192.168.0.1/24.

To configure port mirroring:

1. Navigate to Ethernet Ports → Configure Port Mirroring. The Port Mirroring form will appear.
2. Configure the following parameters as required:
   
   • Port Mirroring: Enabled
   • Source Port: Any combination of numbers valid for this parameter
   • Source Direction: Egress and Ingress
   • Target Port: 1 to maximum port number
3. Click Apply.

For detailed configuration instructions, please refer to official Siemens Ruggedcom product documentation, page 58.