If the Application Console has been installed on any device in the network, other than a protected device, perform the following actions to allow users to manage Kaspersky Industrial CyberSecurity for Nodes remotely:
The Application Console on the remote device uses the DCOM protocol to receive information about Kaspersky Industrial CyberSecurity for Nodes events (such as objects scanned, tasks completed, etc.) from the Kaspersky Security Management Service on the protected device. You need to allow network connections for the Application Console in the Windows Firewall settings in order to establish connections between the Application Console and the Kaspersky Security Management Service.
On the remote device, where the Application Console is installed, do the following:
The device where the Application Console is installed uses TCP port 135 to access the protected device and to receive a response.
Unlike the traditional TCP/IP and UDP/IP services where a single protocol has a fixed port, DCOM dynamically assigns ports to remote COM objects. If a firewall exists between the client (where the Application Console is installed) and the DCOM endpoint (the protected device), a large range of ports must be opened.
The same steps should be applied to configure any other software or hardware firewall.
If the Application Console is open while you configure the connection between the protected device and the device on which the Application Console is installed:
The new connection settings will be applied.