HARDWARE AND SOFTWARE REQUIREMENTS

Hardware requirements

Kaspersky Industrial CyberSecurity for Networks has the following minimum hardware requirements for computers where application components will be installed:

• Computer that will perform Server functions:
  • CPU: Intel Core i7 or equivalent (highest single-core frequency configurations are recommended)
  • RAM: 32 GB
  • Free space on the hard drive: 500 GB (SSD is recommended)
• Computer that will perform sensor functions:
  • CPU: Intel Core i5 / i7 or equivalent (maximum core configurations are recommended)
  • RAM: 8 GB, and an additional 4 GB when using monitoring points on this computer (for any number of monitoring points)
  • Free space on the hard drive: 250 GB (SSD is recommended)

We recommend a distributed deployment with a Server and external sensors. Configure industrial network traffic to be sent to sensor monitoring points. Sensors reduce the load on the Application Server thanks to traffic preprocessing and data storage.

All industrial network traffic must be load-balanced across Servers and sensors for stable performance. The recommended maximum incoming traffic rates are 500 Mbit/s for a Server node and 250 Mbit/s for a Sensor node.

When using sensors, the bandwidth of the dedicated Kaspersky Industrial CyberSecurity network between the Server and each sensor must be at least 1 Mbps, excluding the speed of the traffic coming to the sensor monitoring points. Considering the speed of the traffic coming to the monitoring points, the bandwidth of the channel between the sensor and the Server must be increased by at least 50% of the total incoming traffic to the sensor (for all monitoring points of the sensor).

Software requirements

Kaspersky Industrial CyberSecurity for Networks has the following software requirements for computers on which application components will be installed:

• Astra Linux Special Edition RUSB.10015-01 (scheduled update 1.8).
• The same version of operating system must be installed on all computers where application components are installed.
• To install application components in the Astra Linux Special Edition operating system, the following conditions must be fulfilled:
  • UEFI or BIOS software settings allow operating system-level control of CPU performance. This enables the application to automatically set the CPU to maximum performance mode during installation or after a reboot.
  • The standard operating system components "Internet tools" and "Network services" are installed (in addition to the standard components that are installed by default in the operating system).
  • The operating system has an active firewall implemented by the UFW network security configuration application (for automatic configuration of network filtering).
  • Repositories containing up-to-date stable versions of installation packages are connected in the operating system (for example, connected repositories on discs containing an update of the installation disc for the operating system and an update of the disc containing development tools).
  • Chrony time synchronization package version 4.3 or later is installed.
  • The rsync package is installed.
  • The libcap2-bin package is installed.
  • The python3-apt package is installed.
  • The SSH server package is installed (for centralized installation of application components).
  • The en_US.utf8 locale is enabled (on the computer from which the centralized installation of application components will be performed).
• To ensure proper functioning of application components on all computers that will perform Server and sensor functions, the following conditions must be fulfilled in the Astra Linux Special Edition operating system:
  • Information streams are allowed without limitations from the capability-based access restriction mechanism (a null capability marker is set for all access objects).
  • The closed software environment mechanism is disabled in the operating system.
• To ensure proper functioning of application components on the computer that will perform Server functions, the following conditions must also be fulfilled in the Astra Linux Special Edition operating system:
  • Python interpreter 3.11 or later is installed, as well as packages for operation of connectors and data conversion scripts (if the connectors are planned to work on other computers, the packages must also be installed on these computers).
  • PostgreSQL secure database management system, part of the operating system distribution (installation package postgresql-15), is installed. The DBMS must use at least four physical or virtual CPU cores. Using a secure DBMS may require an additional vendor license depending on the operating system version and other factors.
  • Mail Transfer Agent (MTA) is installed and configured to send email through an email connector and to send reports via email. For example, you can configure an Exim 4 mail server.
  • Perl interpreter version 5.10 or later is installed (if Kaspersky Security Center Network Agent is being installed).

You can use the following browsers to connect through the web interface:

• Google Chrome version 115.
• Mozilla Firefox version 115.
• Microsoft Edge version 115.
• Chromium for Astra Linux version 115.

Supported Kaspersky Security Center versions

Kaspersky Industrial CyberSecurity for Networks is compatible with Kaspersky Security Center 15.1 (version 15.1.0.20748) and Kaspersky Security Center Linux 15.1 (version 15.1.0.12199). Supported Kaspersky Security Center Network Agent version: 15.1.0-20748.

Integration with EPP applications

Kaspersky Industrial CyberSecurity for Networks supports operation in the integration mode with the following applications that perform functions to protect workstations and servers (EPP applications):

• Kaspersky Industrial CyberSecurity for Nodes 4.0.
  • Interaction between Kaspersky Industrial CyberSecurity for Networks and this application is facilitated by the Kaspersky Endpoint Agent installed on the devices. Supported Kaspersky Endpoint Agent version: 4.0.
• Kaspersky Industrial CyberSecurity for Linux Nodes 1.5.
  • Interaction between Kaspersky Industrial CyberSecurity for Networks and this application is facilitated by the software modules that are built into Kaspersky Industrial CyberSecurity for Linux Nodes.

All capabilities of integration mode are available when using Kaspersky Industrial CyberSecurity for Nodes version 4.0 with Kaspersky Endpoint Agent version 4.0. When using other versions of the specified software, the following functions of Kaspersky Industrial CyberSecurity for Networks cannot receive data from EPP applications:

• Retrieving threat development chain details for EDR incidents when using Kaspersky Industrial CyberSecurity for Linux Nodes.
• Management of response actions when using Kaspersky Industrial CyberSecurity for Linux Nodes.
• Patch management on devices when using Kaspersky Industrial CyberSecurity for Linux Nodes.

Integration with Kaspersky SD-WAN

Kaspersky Industrial CyberSecurity for Networks supports integration with Kaspersky SD-WAN version 2.2 or later.

Page top