A security policy is a set of data that defines the following operational settings of the application:
The other application operation settings (including the settings of Asset Management, Network Control, and Intrusion Detection) are applied irrespective of the active security policy.
The application registers events and displays process parameter values according to the active security policy currently running on the Server. Only one security policy can be running on the Server at a time.
You can create, edit or open a security policy in the Console. For the Application Server to start operating based on a security policy, the security policy must be applied on the Server. You can create multiple security policies and save them to folders on the computer on which the Application Console is running.
The folder used to store a security policy contains the following set of files for the security policy:
Editing security policy files in any editor other than the Kaspersky Industrial CyberSecurity for Networks Console may lead to a disruption in the operation of Kaspersky Industrial CyberSecurity for Networks if the security policy is applied on the Server. The application may stop performing protection functions for the industrial network.
You can open from a folder on the computer and view a previously saved security policy in the Kaspersky Industrial CyberSecurity for Networks Console. When a security policy is opened, the current security policy is no longer displayed in the Console but continues to run on the Server until a new policy is applied.
In the current version of Kaspersky Industrial CyberSecurity for Networks Console, you cannot open security policies created in a previous version of the application. You can import security policies from the previous version of the application by using the security policy conversion utility.
A security policy can be opened from a folder regardless of the state of the Console's connection to the Kaspersky Industrial CyberSecurity for Networks Server. If there is no connection to the Server, the Process Control and Configure events tabs in the Application Console display the data of the opened policy. In addition, the window of the Application Console displays a notification stating that there is no connection to the Server.
If you want to view the active security policy in the Console, you can load the current security policy from the Server. The Console needs to be connected to the Server to load the security policy from the Server.
In the Security policy properties window, you can view general information about the security policy open in the Console and about the security policy running on the Server. This window displays the following information: