You can configure and enable integration of Kaspersky Industrial CyberSecurity for Linux Nodes with Kaspersky Industrial CyberSecurity for Networks. Integration enhances capabilities to investigate and respond to threats in industrial networks. If integration with Kaspersky Industrial CyberSecurity for Networks is enabled, data about events on the device received by Kaspersky Industrial CyberSecurity for Linux Nodes is sent to Kaspersky Industrial CyberSecurity for Networks integration server.
You can get information about successfully connecting to the integration server from Kaspersky Industrial CyberSecurity for Networks. A successful connection is indicated by events arriving from Kaspersky Industrial CyberSecurity for Linux Nodes to the integration server. Kaspersky Industrial CyberSecurity for Linux Nodes does not provide custom information about successfully connecting to the integration server to Kaspersky Industrial CyberSecurity for Networks.
An integration server certificate is used to protect the connection with the Kaspersky Industrial CyberSecurity for Networks integration server. Add a server certificate before enabling integration.
Additionally, to secure the connection, you can use a client certificate to authenticate the integration server clients, which are computers running Kaspersky Industrial CyberSecurity for Linux Nodes. By default, the integration server does not validate client certificates, but validation can be enabled on the integration server side. In this case, enable the client certificate usage in the integration settings and add the client certificate.
The Kaspersky Industrial CyberSecurity for Networks administrator provides the certificates for securing the connection with the integration server.
A proxy server is used to connect to Kaspersky Industrial CyberSecurity for Networks if the use of a proxy server is configured in the Kaspersky Industrial CyberSecurity for Linux Nodes general settings.
For details about Kaspersky Industrial CyberSecurity for Networks, refer to Kaspersky Industrial CyberSecurity for Networks documentation.
Kaspersky Industrial CyberSecurity for Networks integration settings
Setting |
Description |
|---|---|
Enable integration with KICS for Networks |
Enables or disables integration of Kaspersky Industrial CyberSecurity for Linux Nodes with Kaspersky Industrial CyberSecurity for Networks. The integration server is disabled by default. After selecting the check box, the integration settings become configurable. |
Address |
Kaspersky Industrial CyberSecurity for Networks integration server address. IP address or fully qualified domain name (FQDN) of the integration server can be specified. |
Port |
Port for connecting to Kaspersky Industrial CyberSecurity for Networks integration server. The default value is |
Use a server certificate |
Enables or disables server certificate usage to secure the connection to Kaspersky Industrial CyberSecurity for Networks integration server. The check box is selected by default. Using a server certificate is required for secure connection to the Integration Server. |
Add a server certificate |
Opens a window where you can add or change the Kaspersky Industrial CyberSecurity for Networks integration server certificate. |
Certificate information |
Information about the Kaspersky Industrial CyberSecurity for Networks integration server certificate you added:
|
Add a client certificate |
Opens a window where you can add or change a client certificate for additional protection of the connection to the Kaspersky Industrial CyberSecurity for Networks integration server. If a client certificate validation is enabled on the integration server side, enable the client certificate usage in the integration settings and add the client certificate. |
Maximum time to wait for a response from the server (sec) |
Maximum time to wait for a response from the integration server in seconds. The default value is |
Maximum number of events in one packet |
Maximum number of events in one packet. The default value is |
Interval for sending the event packet (sec). |
Period for sending the event packet in seconds. The default value is |