Using the Kaspersky Industrial CyberSecurity for Networks API
Kaspersky Industrial CyberSecurity for Networks has an application programming interface (API) that provides access to application functions for external applications (hereinafter referred to as "recipient apps").
The Kaspersky Industrial CyberSecurity for Networks distribution kit includes a package containing descriptions of specifications for representing data in requests sent to the REST API server. The REST API server runs on the Kaspersky Industrial CyberSecurity for Networks Server computer and processes requests by using the architectural style of interaction known as REST (Representational State Transfer). Queries to the REST API server are sent over the HTTPS protocol. You can configure the REST API server settings under Settings → Connection Servers (including to replace the default self-signed certificate with a trusted certificate).
The JSON format is used to represent data in requests and responses.
The documentation containing descriptions of requests based on the REST architectural style is published as an Online Help Guide on the Kaspersky Online Help page. This documentation serves as the Developer's Guide. The Developer's Guide also provides sample code and detailed descriptions of called elements that are available in requests sent to the REST API server.
OPEN THE DOCUMENTATION DESCRIBING REQUESTS TO THE REST API SERVER
Recipient apps can use the Kaspersky Industrial CyberSecurity for Networks API to do the following:
- Receive data on devices known to the application.
- Add, modify, and delete devices.
- Receive data on registered events.
- Send events to Kaspersky Industrial CyberSecurity for Networks (the system event type with code 4000005400 is used for registering the events).
- Receive data on tags and tag parameters.
- Subscribe to notifications about received tag values.
- Receive data on detected vulnerabilities.
- Receive application messages and audit entries.
- Receive data on allow rules.
- Enable, disable, and delete allow rules.
- Receive the following application data:
- List of monitoring points and their parameters
- List of supported protocol stacks and their parameters
- List of event types and their parameters
- Current state and operating mode of technologies
- Application version and release dates of the installed updates
- Information about an added license key
- Application localization language
Recipient apps that utilize the Kaspersky Industrial CyberSecurity for Networks API can connect to the Application Server through connectors. Connectors use certificates for a secure connection. For each recipient app that will send requests to the REST API server, you need to create a separate connector in Kaspersky Industrial CyberSecurity for Networks.
A recipient app must use an authentication token for a connection with Kaspersky Industrial CyberSecurity for Networks. The application issues an authentication token upon request by the recipient app, and for this token it uses certificates of the connector that was created for this recipient app. An authentication token is valid for 10 hours. The recipient app can renew the authentication token by special request.
Documentation containing a description of queries for authentication token operations is published as an Online Help Guide on the Kaspersky Online Help page. This documentation serves as the Developer's Guide.
OPEN THE DOCUMENTATION DESCRIBING QUERIES FOR AUTHENTICATION TOKEN OPERATIONS
The Kaspersky Industrial CyberSecurity for Networks API provides the following options for working with recipient apps:
- Interaction based on the REST architectural style
- Interaction over the WebSocket protocol
Recipient apps can use the WebSocket protocol for interaction in the Kaspersky Industrial CyberSecurity for Networks API to create subscriptions to modified values received by the application. For example, this method of interaction lets you subscribe to notifications about the received values of a specific tag.