Kaspersky Industrial CyberSecurity for Networks registers events based on one of the following technologies:
This technology is used to register events associated with process violations (for example, an event where the specified temperature was exceeded).
This technology is used to register events associated with industrial network integrity or the security of communications (for example, an event for the detection of communications between devices in the industrial network over a protocol that is new for those devices).
This technology is used to register events associated with the detection of traffic anomalies that are signs of an attack (for example, an event for the detection of signs of ARP spoofing).
This technology is used to register events associated with the detection of system commands for devices in traffic (for example, an event for the detection of an unauthorized system command).
This technology is used for incidents and events that are received by Kaspersky Industrial CyberSecurity for Networks from external systems using Kaspersky Industrial CyberSecurity for Networks API methods.
This technology is used to register events associated with detection of device information in traffic (for example, an event for the detection of a new IP address for a device).
You can assign the Deep Packet Inspection or External technology for custom event types. The application automatically assigns technologies for system event types.
Page top