Managing connectors

This section contains information about managing connectors in Kaspersky Industrial CyberSecurity for Networks. Connectors are specialized application modules that facilitate the exchange of data between Kaspersky Industrial CyberSecurity for Networks and recipient systems, including Kaspersky Security Center.

You can use connectors to configure forwarding of events, application messages, or audit entries to a recipient system (for example, to a SIEM system). Connectors can also facilitate the receipt of various data from recipient systems (for example, register events based on External technology).

Maximum number of connectors in the application – no more than 20.

System types of connectors and custom types of connectors can be used in the application.

System types of connectors are embedded in the application. The following system types of connectors are provided:

If necessary, you can add custom types of connectors that will facilitate the exchange of data between the application and other recipient systems. To add custom connector types, use the types_manager.py script located on the Server machine in the /opt/kaspersky/kics4net-connectors/sbin/ folder.

A recipient system is connected through a connector on behalf of one of the application users. It is recommended to use a separate user account for each connector. This will make it more convenient to analyze the actions that are performed through connectors based on audit entries.

In Kaspersky Industrial CyberSecurity for Networks version 3.0.1, there is a limit on the number of simultaneously open Server connection sessions for the same application user. When connected through a connector, the user that established the connection will not be able to connect to the Server (and continue working) through the web interface.

The application also provides a specialized connector named the Kaspersky Security Center Connector. This connector facilitates interaction between the application and Kaspersky Security Center. The Kaspersky Security Center Connector is created in the application by default and cannot be removed. To ensure proper functioning of the connector, the capability for the application to interact with Kaspersky Security Center must be added to the Kaspersky Industrial CyberSecurity for Networks Server.

Only users with the Administrator role can manage connectors.

In this section:

About forwarding events, application messages and audit entries to recipient systems

Adding a connector

Viewing the connectors table

Enabling and disabling connectors

Editing connector settings

Creating a new communication data package for a connector

Deleting connectors

Page top