Kaspersky Industrial CyberSecurity for Networks
- About Kaspersky Industrial CyberSecurity for Networks
- What's new
- Application architecture
- Common deployment scenarios
- Installing and removing the application
- Preparing for application installation
- Ports used for installation and operation of components
- Using a script for centralized installation of application components
- Centralized installation of application components
- Centralized installation menu commands
- Reconfiguration and centralized reinstallation of application components
- Centralized installation of application components in non-interactive mode
- Reinforcing the security of computers with application components installed
- Upgrading from a previous version of the application
- Centralized removal of application components
- Using a script for local installation of application components
- Using a script for local removal of application components
- Installing the Kaspersky Industrial CyberSecurity for Networks Administration Plug-in for Kaspersky Security Center
- Getting started
- Initial configuration of the application after Server installation
- Starting and stopping the application
- Application interface
- Licensing the application
- About the End User License Agreement
- About the Privacy Policy
- About the license
- About the license certificate
- About the license key used for activating update functionality
- About the license key file used for activating update functionality
- Adding a license key when connected to the Server through the web interface
- Viewing information about an added license key
- Removing a license key
- Data provision
- Administration of Kaspersky Industrial CyberSecurity for Networks
- Managing nodes that have application components installed
- Managing monitoring points on nodes
- Monitoring the state of Kaspersky Industrial CyberSecurity for Networks
- Monitoring the application state when connected through the web interface
- Viewing application messages
- Viewing user activity audit entries
- Viewing information about nodes with application components installed and about network interfaces on nodes
- Viewing the status of services supporting operation of application components
- Restarting a computer that has application components installed
- Using a test network packet to verify event registration
- Synchronizing the time on nodes of Kaspersky Industrial CyberSecurity for Networks with the time source used for industrial network devices
- Updating SSL connection certificates
- Updating databases and application modules
- Distributing access to application functions
- About application user accounts
- Application functions that are available when connected to the Server through the web interface
- Viewing information about application user accounts
- Creating an application user account
- Changing the role of an application user account
- Deleting an application user account
- Changing a user account password
- Configuring Asset Management
- Asset Management methods and modes
- Selecting the applied methods and changing the Asset Management mode
- Manually adding devices
- Merging devices
- Deleting devices
- Manually changing the statuses of devices
- Generating a list of subnets for asset management
- Viewing information about devices with IP addresses from the selected subnets
- About arranging devices into groups
- Automatic grouping of devices based on a specific criterion
- Manually arranging devices into groups
- Moving nodes and groups to other groups on the network map
- Manually creating a device group tree
- Adding and removing labels for devices
- Editing device information
- Adding, editing and deleting custom fields for a device
- Configuring Process Control
- Supported devices and protocols
- Process Control devices
- Process Control settings for devices
- About automatic detection of Process Control settings for devices
- Enabling and disabling automatic detection of Process Control settings for devices
- Manually adding Process Control settings for a device
- Editing Process Control settings for a device
- Selecting the monitored system commands
- Clearing Process Control settings defined for a device
- Importing configurations of devices and tags from external projects
- Tags
- Process Control rules
- Rules with defined conditions for tag values
- Rules with Lua scripts
- Process Control rules learning mode
- Enabling and disabling rule-based Process Control
- Viewing the table of Process Control rules
- Selecting Process Control rules
- Creating a Process Control rule with settings of conditions
- Creating a Process Control rule with a Lua script
- Editing Process Control rule settings
- Creating, viewing and editing a global Lua script
- Deleting Process Control rules
- Viewing information about devices associated with Process Control rules
- Viewing tags associated with Process Control rules
- Configuring Interaction Control
- Learning mode for Interaction Control technologies
- Monitoring mode for Interaction Control technologies
- Selecting the technologies applied for Interaction Control
- Automatic generation of Interaction Control rules in learning mode
- Viewing Interaction Control rules in the table of allow rules
- Selecting Interaction Control rules in the table of allow rules
- Manually creating Interaction Control rules
- Editing Interaction Control rule settings
- Enabling and disabling Interaction Control rules
- Deleting Interaction Control rules
- Configuring Intrusion Detection
- Intrusion Detection rules
- Additional Intrusion Detection methods
- Enabling and disabling rule-based Intrusion Detection
- Enabling and disabling additional Intrusion Detection methods
- Viewing the table containing sets of Intrusion Detection rules
- Selecting sets of Intrusion Detection rules
- Enabling and disabling sets of Intrusion Detection rules
- Loading and replacing custom sets of Intrusion Detection rules
- Removing custom sets of Intrusion Detection rules
- Managing logs
- Managing technologies
- Managing connectors
- Configuring event types
- Viewing the table of event types
- Selecting event types in the table
- Editing the settings of a system event type
- Configuring automatic saving of traffic for system event types
- Configuring forwarding of events via connectors
- Common variables for substituting values in Kaspersky Industrial CyberSecurity for Networks
- Managing a security policy
- Using the Kaspersky Industrial CyberSecurity for Networks API
- Performing common tasks
- System monitoring in online mode
- Asset Management
- Devices table
- Viewing the devices table
- Viewing subnets for asset management
- Selecting devices in the devices table
- Selecting subnets in the subnets table
- Viewing device information
- Automatically adding and updating devices
- Automatically changing the statuses of devices
- Device group tree
- Monitoring read and write of PLC projects
- Viewing events associated with devices
- Exporting devices to a file
- Exporting subnets to a file
- Working with the network map
- Nodes on the network map
- Groups of devices on the network map
- Links on the network map
- Viewing details about objects
- Changing the network map scale
- Positioning the network map
- Pinning and unpinning nodes and groups
- Manually changing the location of nodes and groups
- Automatic arrangement of nodes and groups
- Filtering objects on the network map
- Saving and loading network map display settings
- Searching nodes on the network map
- Viewing events associated with nodes of known devices
- Viewing events associated with a link
- Viewing information in the devices table for selected nodes
- Viewing information in the devices table for a selected link
- Monitoring events and incidents
- Event severity levels
- Event registration technologies
- Event statuses
- Table of registered events
- Selecting events in the events table
- Viewing events included in an incident
- Filtering events
- Searching events
- Resetting the defined filter and search settings in the events table
- Sorting events
- Configuring the table of registered events
- Viewing event details
- Viewing information about devices associated with events
- Switching to the network map to display event information
- Changing the statuses of events
- Creating allow rules for events
- Setting markers
- Copying events to a text editor
- Exporting events to a file
- Loading traffic for events
- Creating a folder for exporting events to a network resource
- Monitoring vulnerabilities of devices
- Scenario for implementing the continuous vulnerability management process
- Device information used to check for vulnerabilities
- Viewing devices with detected vulnerabilities
- Viewing the vulnerabilities table
- Choosing vulnerabilities in the vulnerabilities table
- Viewing vulnerability information
- Automatically changing the states of vulnerabilities
- Manually changing the states of vulnerabilities
- Viewing information about devices with a detected vulnerability
- Viewing events associated with a vulnerability
- Exporting vulnerabilities to a file
- Deep Packet Inspection
- Detecting security issues in encryption protocols
- Application interaction with Kaspersky Security Center
- Connecting to the Server computer from Kaspersky Security Center
- Adding a license key to Kaspersky Industrial CyberSecurity for Networks from Kaspersky Security Center
- Using the Kaspersky Security Center Administration Server as the source of updates
- Monitoring events via Kaspersky Security Center
- Monitoring the ICS security state: Kaspersky Security Center and SCADA
- Troubleshooting
- The application cannot be installed due to an unavailable repository for DNF
- An application component cannot be installed on a selected node
- Application problems detected
- New application message
- Not enough free space on hard drive
- An error occurs when enabling a monitoring point
- No traffic at monitoring point
- Traffic is not being loaded for events or incidents
- Preventative maintenance and adjustment operations on the ICS
- Unexpected system restart
- After the Kaspersky Security Center Administration Server is reinstalled, Network Agent cannot be synchronized
- Unable to connect to the Server through the web interface
- When connecting to the Server, the browser displays a certificate warning
- Contacting Technical Support
- Sources of information about the application
- Appendices
- Steps to fix the CVE-2024-23836 vulnerability in the Intrusion Detection System
- Configuring time synchronization via the NTP and PTP protocols
- Supported ASDU types identification in protocols of the IEC 60870-5-104 and IEC 60870-5-101 standards
- Sending Kaspersky Industrial CyberSecurity for Networks events to SIEM systems
- Changing the validity period of connection sessions and authentication tokens by using a script
- Files for importing a universal project
- File with descriptions of devices: devices.csv
- File with descriptions of connections and protocols: connections.csv
- File with descriptions of tags and variables: variables.csv
- File with descriptions of enumerations: enums.csv
- File with descriptions of data sets (tag sets): datasets.csv
- File with descriptions of MMS protocol reports: iec61850_mms_reports.csv
- System event types in Kaspersky Industrial CyberSecurity for Networks
- System event types based on Deep Packet Inspection technology
- System event types based on Command Control technology
- System event types based on Network Integrity Control technology
- System event types based on Intrusion Detection technology
- System event types based on Asset Management technology
- System event types based on External technology
- Glossary
- Account role
- ARP spoofing
- Asset Management
- Command Control
- CVE
- Dedicated Kaspersky Industrial CyberSecurity network
- Deep Packet Inspection
- Device
- Device vulnerability
- Event
- Event correlation rule
- Event type
- External
- ICS
- Incident
- Industrial network
- Intelligent electronic device (IED)
- Interaction Control rule
- Intrusion Detection
- Intrusion Detection rule
- Kaspersky Industrial CyberSecurity for Networks Sensor
- Kaspersky Industrial CyberSecurity for Networks Server
- Link on the network map
- Monitoring point
- Network Integrity Control
- Network map
- Node
- Notification
- PLC project
- Process Control rule
- Programmable Logic Controller (PLC)
- SCADA
- Security policy
- SIEM
- System command
- Tag
- Information about third-party code
- Trademark notices
Administration of Kaspersky Industrial CyberSecurity for Networks > Updating databases and application modules > Manually starting an update
Manually starting an update
Manually starting an update
You can run an update at any time. The capability to run an update is available after a license key is added.
Only users with the Administrator role can manually start an update.
To manually start an update:
- Connect to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface using the Administrator account.
- Select Settings → Update.
- In the Source for manual update settings block, select one of the following options for update sources:
- Local update source – lets you download updates from files via a specific local path. You can use the Browse button to specify the local path to files.
- Kaspersky update servers – for downloading updates from Kaspersky update servers.
- Kaspersky Security Center Administration Server – for downloading updates from the Kaspersky Security Center Administration Server (this option is available if the capability for application interaction with Kaspersky Security Center has been added).
- Click the Update now button.
Article ID: 167548, Last review: Dec 5, 2024