Kaspersky Security Gateway is designed to transmit information about the protection status of industrial networks and network nodes from Kaspersky Security Center to the SCADA system. This information is displayed on the screens of the SCADA system, enabling the SCADA system operator to respond promptly to industrial network protection problems.
Kaspersky Security Gateway lets you manage the following communication services:
IEC 60870-5-104. Unified open protocol for automation systems.
OPC DA. Device interoperation specification for industrial networks.
Communication services can be managed either using the Kaspersky Security Gateway graphical user interface or standard Microsoft® Windows® tools.
In order to monitor the state of PLCs, Kaspersky Security Gateway requires Kaspersky Industrial CyberSecurity Solution to be installed and activated.
Kaspersky Industrial CyberSecurity for Networks sends information about PLC firmware alterations and all potentially dangerous registered commands for PLCs. You can assign tags and tag values for events signifying technological process interruptions.
Kaspersky Security Gateway transmits the following information to the SCADA system:
Availability status of the Kaspersky Security Center Administration Server (SecurityServerAvailable):
1. This status signifies that Kaspersky Security Gateway has successfully connected to the Kaspersky Security Center Administration Server.
0. This status signifies that Kaspersky Security Gateway could not be connected to the Kaspersky Security Center Administration Server.
Availability status of all protected nodes of the network (AllSecuredHostsAvailable):
0. This status signifies that all network nodes managed by the Kaspersky Security Center Administration Server and selected for monitoring in Kaspersky Security Gateway settings are available at the time of status determination.
1. This status signifies that at least one network node managed by the Kaspersky Security Center Administration Server and selected for monitoring in Kaspersky Security Gateway settings is unavailable when the status is determined.
Protection status of each node on the Kaspersky Security Center network:
0. This status signifies that no critical incidents or incidents that require processing have occurred on a network node managed by the Kaspersky Security Center Administration Server and selected for monitoring in Kaspersky Security Gateway settings.
1. This status signifies that at least one critical incident has occurred on a network node managed by the Kaspersky Security Center Administration Server and selected for monitoring in Kaspersky Security Gateway settings.
2. This status signifies that at least one incident that requires processing has occurred on a network node managed by the Kaspersky Security Center Administration Server and selected for monitoring in Kaspersky Security Gateway settings.
Status is determined according to Kaspersky Security Center for managed computers or administration groups.
The application sends status information only for those network nodes that have been selected in the Kaspersky Security Gateway settings to be displayed in the SCADA system.
Network protection status (GeneralizedThreatOccurred):
0. This means that all network nodes have 0 status in Kaspersky Security Center.
1. This means that at least one network node has 1 status in Kaspersky Security Center.
2. This means that at least one computer on the network has 2 status in Kaspersky Security Center.
When determining the network protection status, the application uses status information only for those network nodes that have been selected in the Kaspersky Security Gateway settings to be displayed in the SCADA system. For a full description of the network protection status of each node, see Kaspersky Security Center Help.
Instructions on installing and activating Kaspersky Industrial CyberSecurity for Nodes or Kaspersky Industrial CyberSecurity for Networks are provided in the documentation for these programs.