When working with Kaspersky Industrial CyberSecurity for Networks, you can conduct active polling of devices to receive the most accurate and complete information about devices and their configurations directly from the devices. Active polls are performed by using connectors. To conduct active polling of devices, one or more Active poll connectors must be added to the application.
Connectors provide various methods for conducting active polling. The available active polling methods depend on the utilized protocols and the commands and functions of these protocols. The application's built-in Active poll connector type contains a set of methods that support active polls over application-layer protocols and common protocols.
The methods are distinguished by the specific device information that they obtain. You can select the relevant information you need and the methods you want to use when configuring the active polling settings.
When using these methods, the application can automatically update the following device information based on the active polling results:
Name used to represent a device in the application.
Name used to represent the device in the network (network name).
Name of the device hardware vendor.
Device model name.
Device hardware version number.
Name of the device software vendor.
Device software name.
Device software version number.
Address information for network interfaces of the device.
Name of the operating system installed on the device (only for devices running Windows and Linux operating systems).
Configuration of Process Control settings and tags.
The application does not update data for which the automatic update function was disabled using the Autoupdate toggle button when the device was added or when device information was edited. The application also evaluates the authenticity of received device information and in some cases may reject unreliable updates of previously received information.
Some active polling methods support the capability to detect risks and to make changes to the topology map based on obtained device information.
Only users with the Administrator role can run active polling of devices.
To utilize active polling functionality, you need to take into account the following special considerations and limitations:
This functionality is available after a license key is added.
Application modules of the connectors used to conduct active polling of devices must have network access to the devices so that they can send requests and receive data from the devices. If application modules are running on a node that has application components installed, to ensure network access to devices this computer must have a network interface with a connection to the network of these devices. Network interfaces of monitoring points cannot be used for this purpose if these network interfaces receive mirrored industrial network traffic (for example, from SPAN ports of network switches).
Active polling may result in some unforeseen issues with devices due to the possibility that these devices may incorrectly interpret the incoming active polling commands. These issues may be caused by an inappropriate or highly specialized configuration of devices. Issues may also arise due to latent errors in the network configuration that are not apparent during normal interactions between the devices. Consequently, active polling poses the following risks of potential impact on devices:
Device shutdown
Loss of connectivity with the device
Impaired performance of the device
Other potential malfunctions in the network and equipment