The new version of Kaspersky Industrial CyberSecurity for Nodes introduces the following new features and improvements:
Changes to the list of supported operating systems:
The following operating systems are supported:
Windows 10 version 21H2
Windows 10 LTSC 2021
Windows 11 version 21H2
Windows Server 2003 SP1
Windows Server 2022
Support for the following operating systems is terminated:
Windows 7 SP0
Windows 10 version 1507
Windows 10 version 1607 RS1
Windows 10 version 1703 RS2
Windows 10 version 1709 RS3
Kaspersky Industrial CyberSecurity Endpoint Detection and Response is supported. To learn more, see Help for Kaspersky Industrial CyberSecurity Endpoint Detection and Response.
Portable scanner is introduced in this release to examine the isolated devices and perform the security inspection. You can scan several devices in a row—Portable scanner generates an individual report for each scanned device. Scanner applies the default security level: Disinfect. Remove, if disinfection fails. You can create a Portable scanner on a removable USB drive using Compact Diagnostic Interface and start Portable scanner using the command line to apply the required mode: help, scan, and update.
Improvements to the System Inspection settings: in the Registry Access Monitor task, you can compile statistics or block changes for the registry keys and values in the selected monitoring area after you create a respective rule. Also, you can ApplyTrusted Zone to exclude trusted processes and trusted users from the monitoring area.
A component for scanning executable scripts using AMSI technology for Windows is added. With AMSI Scanner task, you can allow or block execution of a script that has been found to be dangerous or probably dangerous. If Kaspersky Industrial CyberSecurity for Nodes identifies a script as potentially dangerous, it blocks or allows execution of the script according to your selected action.
With new Application Launch Control task rules you can block processes started with the defined command line arguments.
Security audit can be performed in Kaspersky Endpoint Agent if you have both Kaspersky Industrial CyberSecurity for Nodes and Kaspersky Endpoint Agent installed on the same device and you have current Kaspersky Industrial CyberSecurity for Nodes license.
The following changes are implemented for integration with Kaspersky Industrial CyberSecurity for Networks using Kaspersky Endpoint Agent:
Added transfer of information about running applications and active system users to Kaspersky Industrial CyberSecurity for Networks server to extend the list of network integrity violation events.
Expanded list of types of Kaspersky Industrial CyberSecurity for Nodes events sent to Kaspersky Industrial CyberSecurity for Networks server.
Expanded the installed third-party anti-virus tools list transferred to Kaspersky Industrial CyberSecurity for Networks server.
It is now possible to install product components without mandatory installation of the anti-virus module and anti-virus databases. This mode allows using the product on devices with limited resources.
Out-of-office Kaspersky Security Center policies are supported.
The volume of obtained file operation statistics for trusted processes is optimized.
Quality of virus scan using Kaspersky Security Network has improved.
Product lifecycle information is added to the documentation.
The following prerequisite for the product installation is introduced: the operating system must support certificates with SHA-256 signatures. To learn more, see https://support.kaspersky.com/15728.
In this release, by default, the Scan at Operating System Startup task is set only to notify about probably infected objects detected at startup; it does not perform recommended actions.
Issues from the previous versions are resolved: the application release is cumulative and includes the resolved issues from earlier releases.