What's new

Kaspersky Industrial CyberSecurity for Networks 3.0 has the following new capabilities and refinements:

• Optimized installation and removal of application components – initial configuration of the application is performed in a special section on the web interface page, there are new scripts for local installation and local removal of application components, and sensors can be added or removed when connected through the web interface without having to reinstall application components.
• Expanded functionality of the Server web interface – when connected to the Server through the web interface, the user can configure all application functions. New widgets with display configuration capabilities were added for system monitoring in online mode.
• Monitoring vulnerabilities of devices – the application can now detect vulnerabilities of devices based on the available device information.
• Expanded functionality for industrial process control – the application has new functions for automatically detecting Process Control settings and learning rules, and has an expanded list of tag values that can be monitored.
• Device Control functionality is now part of Asset Management functionality – and the limit on the maximum number of devices was increased, the list of supported device categories was augmented, and the capabilities for automatic detection of device information were expanded. Asset Management functionality now includes subnet processing, automatic grouping of devices by criteria, and new import and export functions using various formats.
• Expanded and improved network map functionality – the maximum number of nodes that can be displayed has been increased, there are newly added capabilities for displaying nodes and links on the network map based on information in selected events or incidents (you can navigate directly from the Events section to the Network Map section and objects will be filtered accordingly), and devices displayed on the network map can be automatically grouped based on specific criteria (subnet, device category and vendor) for all nodes or for nodes of a selected group.
• Common list of allow rules – allow rules for events were added to Interaction Control rules (formerly known as "Network Control rules"). There are new rule templates that define the initial values of parameters. Interaction Control takes into account the subnets known to the application.
• Improved implementation of the application programming interface (API) – the REST (Representational State Transfer) architectural style of interaction is used when handling requests through the Kaspersky Industrial CyberSecurity for Networks API. Interaction with the application is secured by encrypting connections over the HTTPS protocol.
• Implemented connector functionality – recipient systems can connect to Kaspersky Industrial CyberSecurity for Networks through connectors that ensure secure and controlled data exchange with the application using the Kaspersky Industrial CyberSecurity for Networks API. When forwarding events to recipient systems, connectors take the place of the recipients that were used in previous versions. The application can also use connectors to forward application messages and audit logs to recipient systems.
• Expanded set of data in a security policy – an application security policy contains data arranged into sections that can be selected when exporting or importing a policy.
• Extended support for application layer protocols and devices for process control – there are now additional capabilities for analyzing traffic of supported protocols and devices, and new supported protocols and devices have been added. The set of supported protocols and devices may be further expanded when updates are installed.
• Newly implemented detection of security issues in encryption protocols – the application registers events when it detects obsolete versions of encryption protocols, weak algorithms, or issues with certificates in use.

Kaspersky Industrial CyberSecurity for Networks version 3.0.1 has the following new capabilities and improvements:

• Implemented support for operations in the Astra Linux SE 1.6 operating system.
• Expanded functionality for processing Intrusion Detection rules – added support for internal IDs of rules, and the capability to apply individual rules from sets that contain errors in some of the rules.
• Added utility for exporting events to XML files – these files store data that can be used in GosSOPKA, which is the Russian government system for the detection, prevention, and mitigation of computer attacks.
• Added script for verifying the integrity of files installed from application distribution kit packages.
• Added script for changing the validity period for connection sessions with the Server through the web interface and for authentication tokens in the Kaspersky Industrial CyberSecurity for Networks API.

Page top