Common deployment scenarios

Kaspersky Industrial CyberSecurity for Networks supports the following scenarios for installing components:

The Kaspersky Industrial CyberSecurity for Networks Server is installed together with the Console. Installation of the Server is accompanied by installation of a Web Server that facilitates connection to the Server through the web interface.

Regardless of the installation method, it is recommended to use a special dedicated network for connecting Kaspersky Industrial CyberSecurity components (Kaspersky Industrial CyberSecurity for Networks, Kaspersky Industrial CyberSecurity for Nodes, Kaspersky Security Center). The dedicated network's minimum bandwidth requirements for installation of the Kaspersky Industrial CyberSecurity for Networks Server and sensors are provided in the Hardware and software requirements section.

Installing a Server without sensors

When installing a Server without sensors, all industrial network traffic must be received by the computer that performs Server functions. You can apply this installation method if the computer has a sufficient number of network interfaces that will receive traffic from all segments of the industrial network. After the application is installed, you need to add monitoring points to these network interfaces. Monitoring points are added when connected to the Server through the web interface. You can use no more than 4 monitoring points on the Server.

The example in the figure below shows deployment of the Server without sensors. The network interfaces of the computer that performs Server functions are connected to the SPAN ports of network switches (SPAN ports and connections are marked in yellow) and receive a copy of traffic from three segments of the industrial network. The dedicated Kaspersky Industrial CyberSecurity network is designated by green lines.

Example deployment of a Server without sensors

Example deployment of a Server without sensors

Installing the Server and sensors

You can use from 2 to 33 computers for installing the Server and sensors. The Server is installed on one of the computers. The sensors are installed on the other computers. These sensors will receive traffic from their respective segments of the industrial network.

After the application is installed, you must add monitoring points on all computers that have sensors installed. If the computer hosting the Server has a network interface connected to the industrial network, you can also add a monitoring point to this network interface. Monitoring points are added when connected to the Server through the web interface.

If the computer has multiple network interfaces that receive traffic from different segments of the industrial network, you will have to add a monitoring point to each of these interfaces. However, you need to adhere to the limits on the maximum number of monitoring points:

The example in the figure below shows deployment of the Server and three sensors. The network interfaces of computers that perform sensor functions are connected to the SPAN ports of network switches (SPAN ports and connections are marked in yellow) and receive a copy of traffic from their respective segments of the industrial network. The dedicated Kaspersky Industrial CyberSecurity network is designated by green lines.

Example deployment of a Server and three sensors

Example deployment of a Server and three sensors

Page top