Kaspersky Industrial CyberSecurity for Networks can receive and process data received from Kaspersky applications that perform functions to protect workstations and servers. These applications are included in the Endpoint Protection Platform (EPP) and are installed to endpoint devices within the enterprise IT infrastructure.
Data transfer from EPP applications is performed by computers that have Kaspersky Endpoint Agent installed. Kaspersky Endpoint Agent is installed to workstations and servers in the enterprise IT infrastructure as a supplement to EPP applications.
The current version of Kaspersky Industrial CyberSecurity for Networks can receive and process data from the Kaspersky Endpoint Agent application included in the distribution kit of Kaspersky Industrial CyberSecurity for Nodes. Installation of Kaspersky Endpoint Agent can be performed separately or together with Kaspersky Industrial CyberSecurity for Nodes.
The maximum number of computers from which data from EPP applications can be received and processed is 1,000.
Data from Kaspersky Endpoint Agent is forwarded to Kaspersky Industrial CyberSecurity for Networks through integration servers. Integration server functions can be performed by any node that has a Kaspersky Industrial CyberSecurity for Networks component installed (Server or sensor). For integration with Kaspersky Endpoint Agent, you need to add integration servers to the nodes that will receive data from Kaspersky Endpoint Agent.
On a Kaspersky Industrial CyberSecurity for Networks node, integration server functions are implemented by the service named kics4net-epp-proxy that facilitates integration with EPP applications. The installation package for this service is included in the distribution kit of Kaspersky Industrial CyberSecurity for Networks.
When an integration server receives data from Kaspersky Endpoint Agent, the application may do the following:
Computers hosting Kaspersky Endpoint Agent establish secure connections with integration servers over the HTTPS protocol. Connections are secured by using certificates issued by the Kaspersky Industrial CyberSecurity for Networks Server. The following certificates can be used in connections:
Kaspersky Security Center is used to deliver certificates and public keys to computers with Kaspersky Endpoint Agent. This data is uploaded to Kaspersky Security Center using a communication data package, which needs to be created in Kaspersky Industrial CyberSecurity for Networks after an integration server is added.
Only users with the Administrator role can configure receipt of data from EPP applications.