Managing monitoring points

Monitoring points are used for receiving and processing industrial network traffic in Kaspersky Industrial CyberSecurity for Networks. Monitoring points can be added or removed on any node that has application components installed (including on a node that performs Server functions). When adding or removing them, you do not need to restart the computer on which the application components are installed or reinstall components on the computer.

Each monitoring point must be associated with a network interface that receives a copy of traffic from a specific industrial network segment. To add monitoring points, you can use network interfaces that meet the following conditions:

You can add monitoring points to not only physical network interfaces but also to logical interfaces that combine multiple physical interfaces (bonded interfaces). However, you cannot add a monitoring point to a physical network interface that is one of the interfaces of a logical bonded interface.

Monitoring points can be enabled and disabled. You can disable a monitoring point to temporarily stop monitoring an industrial network segment relaying a copy of traffic to a network interface. When you need to resume monitoring of the industrial network segment, you can enable the monitoring point.

After disabling or removing a monitoring point, the application may still register events associated with this monitoring point for some time. This is due to a possible delay in processing incoming traffic when the Server is experiencing high loads.

You can manage monitoring points and view information about monitoring points, network interfaces and nodes on the Deployment tab in the Settings section of the web interface of Kaspersky Industrial CyberSecurity for Networks.

In this section:

Adding a monitoring point

Enabling monitoring points

Disabling monitoring points

Renaming a monitoring point

Deleting a monitoring point

Identifying the Ethernet port associated with a network interface

Page top