Configuring delivery of MQTT notifications

Kaspersky IoT Secure Gateway 1000 can send notifications about security events and audit events over the MQTT protocol.

To configure delivery of MQTT notifications:

  1. In the menu in the left part of the web interface page, select SettingsUtilities.
  2. Select the MQTT notifications tab.
  3. Enable forwarding of MQTT notifications by setting the Use MQTT to send events toggle button to the enabled position.
  4. Configure the settings for forwarding MQTT notifications:
    1. In the IP address field, enter the IP address of the MQTT broker you are using.
    2. In the Port field, enter the port number of the MQTT broker you are using.

      You can use ports 1883 and 8883 to connect Kaspersky IoT Secure Gateway 1000 to an MQTT broker residing in an internal network.

      You can use port 8883 to connect Kaspersky IoT Secure Gateway 1000 to an MQTT broker residing in an external network.

    3. In the MQTT topic name field, specify the name of the MQTT-topic for sending notifications about audit events.
    4. If you need to send notifications about audit events from a specific user, set the Use authentication toggle button to the enabled position and provide the following data:
      • In the User name field, enter the user login name for authorization on the server.
      • In the Password field, enter the password of the user login for authorization on the server.

        You can obtain the user account credentials from the system administrator. Sending notifications from a specific user is disabled by default.

    5. If you need to use a secure SSL connection, set the Use secure SSL connection toggle button to the enabled position and do the following:
      1. Upload a certificate issued by a Certificate Authority. To do so, click the Upload certificate button and select a certificate file on the local device.

        Information about the uploaded certificate from a Certificate Authority will be displayed on the page.

        Loading widely known Certification Authority certificates is not recommended, as all servers that use certificates signed by these Certification Authority certificates will be trusted. This situation will lead to Kaspersky IoT Secure Gateway 1000 being compromised.

      2. Upload the client certificate. To do so, click the Upload client certificate button and select a certificate file on the local device.

        Information about the uploaded client certificate will be displayed on the page.

      3. Upload a key for the client certificate. To do so, click the Upload key button and select a key file on the local device.

      Use of a secure SSL connection is disabled by default.

  5. Click Save in the lower part of the page to save the changes.
Page top