You can generate lists of subnets for address spaces while taking into account the specific addressing of devices within the network of your organization.
If Kaspersky Industrial CyberSecurity for Networks receives data from EPP applications, the application can use this data to automatically add subnets in the appropriate address spaces. The application automatically adds detected subnets if they are nested within a subnet for which automatic addition of subnets is enabled.
Only users with the Administrator role can generate a list of subnets.
You can use the following functions to generate a list of subnets:
Connect to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface using the Administrator account.
Select the Assets section.
On the Address spaces tab, expand the block containing information about the address space in which you want to add a subnet.
In the header of the Subnets block, click the icon.
The details area appears in the right part of the web interface window.
In the Subnet field, enter the subnet address in CIDR format: <base address of subnet>/<number of bits in mask>.
In the Type drop-down list, select the type of subnet according to its purpose.
Set the following toggle buttons to the necessary positions:
Ignore MAC addresses for NIC rules – enables and disables the mode for skipping detected MAC addresses when creating allow rules based on Network Integrity Control technology.
If this option is enabled, the MAC addresses detected together with IP addresses from the subnet will not be added to Network Integrity Control rules in learning mode.
Automatically add subnets – enables and disables automatic addition of nested subnets according to data received from EPP applications.
If this mode is enabled, the application adds nested subnets within this subnet based on data received from EPP applications. By default, the type selected for the current subnet is indicated for these nested subnets.
Click Save.
The list of subnets will show the new subnet at its corresponding level of the hierarchy within the tree.
Connect to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface using the Administrator account.
Select the Assets section.
On the Address spaces tab, expand the block containing information about the address space in which you want to edit the subnet settings.
Expand the Subnets block and select the relevant subnet.
The details area appears in the right part of the web interface window.
Click the Edit button.
Depending on the necessary result, perform the following actions:
In the Subnet field, enter the subnet address in CIDR format: <base address of subnet>/<number of bits in mask>.
The address of the root subnet cannot be edited.
In the Type drop-down list, select the type of subnet according to its purpose.
When changing the subnet type, keep in mind that a new type of subnet may affect the accessible operations that the application can perform with IP addresses from this subnet. For example, if you select the Public type, the network interactions map will no longer display links to devices that were assigned IP addresses from this subnet.
Set the following toggle buttons to the necessary positions:
Ignore MAC addresses for NIC rules – enables and disables the mode for skipping detected MAC addresses when creating allow rules based on Network Integrity Control technology.
If this option is enabled, the MAC addresses detected together with IP addresses from the subnet will not be added to Network Integrity Control rules in learning mode.
Automatically add subnets – enables and disables automatic addition of nested subnets according to data received from EPP applications.
If this mode is enabled, the application adds nested subnets within this subnet based on data received from EPP applications. By default, the type selected for the current subnet is indicated for these nested subnets.
Click Save.
If the Subnet parameter is changed, the tree hierarchy level may be changed for a subnet.
In the list of subnets of an address space, you can delete any subnet except the root subnet in the tree (subnet 0.0.0.0/0).
To delete subnets:
Connect to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface using the Administrator account.
Select the Assets section.
On the Address spaces tab, expand the block containing information about the address space from which you want to delete subnets.
Expand the Subnets block and select the subnets to delete.
The details area appears in the right part of the web interface window.
Click the Remove button.
A window with a confirmation prompt opens.
In the prompt window, confirm deletion of the subnets.
Deleted subnets will no longer be displayed in the list of subnets. If a deleted subnet contained nested subnets, these subnets will remain in the list (but the tree hierarchy level of these subnets will change).
icon.