The scenario for preparing to receive data from EPP applications consists of the following phases:
During this phase, you need to install Kaspersky applications that perform functions for protecting workstations and servers (EPP applications). EPP applications need to be installed on all computers whose data you want to receive in Kaspersky Industrial CyberSecurity for Networks. These computers must either reside outside of the industrial network (whose traffic is monitored through monitoring points) or have an additional connection to another network that includes one of the nodes that has a Kaspersky Industrial CyberSecurity for Networks component installed (for example, a connection to the Kaspersky Industrial CyberSecurity dedicated network). Kaspersky Endpoint Agent must be installed together with EPP applications.
The current version of Kaspersky Industrial CyberSecurity for Networks can receive and process data only from Kaspersky Industrial CyberSecurity for Nodes version 3.0 or later. You can use Kaspersky Endpoint Agent version 3.11 or later to transfer data from Kaspersky Industrial CyberSecurity for Nodes to Kaspersky Industrial CyberSecurity for Networks. For information on installing these applications, please refer to the Help Guide for the specific application.
This phase involves the completion of procedures for adding integration servers to nodes that computers with Kaspersky Endpoint Agent will connect to. Network interactions between nodes and these computers are possible only through network interfaces that are not being used as monitoring points. Specific network interfaces and IP addresses are not configured for integration servers because any available network interface and IP address of a computer can be used for an external connection to the integration server.
At this phase, you need to create and download communication data packages in which the application saves certificates and keys for connections between clients and integration servers. Each communication data package is an archive containing the following data:
This phase is implemented by using the Kaspersky Security Center Administration Console and the Kaspersky Endpoint Agent administration plug-in. Computers with Kaspersky Endpoint Agent installed serve as clients for Kaspersky Industrial CyberSecurity for Networks integration servers. During this phase, you need to upload certificates and/or keys from communication data packages to the Kaspersky Security Center Administration Server by using the Kaspersky Endpoint Agent administration plug-in. Then, in the Kaspersky Security Center Administration Console, you need to create policies for uploading data to computers with Kaspersky Endpoint Agent. For information about working with data and creating policies, please refer to the Kaspersky Endpoint Agent documentation.
For each integration server, you must create at least one policy containing the following data to be uploaded to the computers of clients:
This phase is completed after applying policies and uploading data to computers with Kaspersky Endpoint Agent. During this phase, you need to enable all integration servers that will receive data from EPP applications. When an integration server is enabled on a node, the kics4net-epp-proxy service is activated.
When this scenario is fulfilled, Kaspersky Industrial CyberSecurity for Networks will begin to receive and process data from EPP applications.
Page top