Kaspersky Security Center management tools comparison and limitations
The set of features available in Kaspersky Industrial CyberSecurity for Nodes depends on the management tools (see the table below).
You can manage the application by using the following consoles of Kaspersky Security Center:
- Administration Console. Microsoft Management Console (MMC) snap-in installed on the administrator's workstation.
- Web Console. Component of Kaspersky Security Center that is installed on the Administration Server. You can work in the Web Console through a browser on any computer that has access to the Administration Server.
You can also manage the application by using the Kaspersky Security Center Cloud Console. The Kaspersky Security Center Cloud Console is the cloud version of Kaspersky Security Center. This means that the Administration Server and other components of Kaspersky Security Center are installed in the cloud infrastructure of Kaspersky. For details on managing the application through the Kaspersky Security Center Cloud Console, please refer to the Kaspersky Security Center Cloud Console Online Help.
Comparison of Kaspersky Industrial CyberSecurity for Nodes features depending on the management tools
Feature |
Kaspersky Security Center |
Kaspersky Security Center Cloud Console |
|
Administration Console |
Web Console |
||
Real-time server protection |
|
|
|
Real-Time File Protection |
|
|
|
KSN Usage |
|
|
|
Traffic Security |
|
|
(no External Proxy mode) |
Exploit Prevention |
|
|
|
Network Threat Protection |
|
|
|
AMSI Scanner |
|
|
|
Local activity control |
|
|
|
Applications Launch Control |
|
|
|
Device Control |
|
|
|
Network attached storage protection |
|
|
|
RPC Network Storage Protection |
|
|
|
ICAP Network Storage Protection |
|
|
|
Anti-Cryptor for NetApp |
|
|
|
Network activity control |
|
|
|
Firewall Management |
|
|
|
Anti-Cryptor |
|
|
|
System Inspection |
|
|
|
File Integrity Monitor |
|
|
|
Log Inspection |
|
|
|
Logs and notifications |
|
|
|
Logs |
|
|
|
Notifications |
|
|
|
Storages |
|
|
|
Quarantine |
|
|
|
Backup |
|
|
|
Blocked network sessions |
|
|
|
Supplementary |
|
|
|
Hierarchical storage management |
|
|
|
Trusted Zone |
|
|
|
Removable Drives Scan |
|
|
|
Kaspersky Endpoint Agent |
|
|
|
Tasks |
|
|
|
Activation of Application |
|
|
|
Application Integrity Control |
|
|
|
Baseline File Integrity Monitor |
|
|
|
Copying Updates |
|
|
|
Database Update |
|
|
|
On-Demand Scan |
|
|
|
Rollback of Database Update |
|
|
|
Rule Generator for Applications Launch Control |
|
|
|
Rule Generator for Device Control |
|
|
|
Software Modules Update |
|
|
|
.png)
Web Plug-in limitations
Kaspersky Industrial CyberSecurity for Nodes Web Plug-in has the following limitations compared to Kaspersky Industrial CyberSecurity for Nodes Administration Plug-in:
- To add users or user groups, you need to specify the security descriptor strings using the security descriptor definition language (SDDL).
- Predefined security level cannot be changed for the Real-Time File Protection task.
- Application Launch Control task rules cannot be created using digital certificate or Kaspersky Security Center events.
- Device Control task rules cannot be generated based on connected devices or on system data.