Kaspersky Industrial CyberSecurity for Networks provides the capability to update the following databases and application modules:
System Intrusion Detection rules.
Rules for obtaining information about devices and communication protocols.
Event correlation rules for registering incidents.
Modules for processing application-layer protocols for Deep Packet Inspection.
Timely updates of databases and application modules ensure maximum protection of the industrial network using Kaspersky Industrial CyberSecurity for Networks. It is recommended to update databases and application modules immediately after installing components of Kaspersky Industrial CyberSecurity for Networks, and then configure the settings for automatic installation of updates.
You can use the following update sources:
Kaspersky update servers.
Local folder on the computer that performs functions of the Kaspersky Industrial CyberSecurity for Networks Server.
Kaspersky Security Center Administration Server.
Installation of updates may be started automatically according to a defined schedule, or manually.
You can use the Kaspersky Industrial CyberSecurity for Networks Console to manually configure the settings for installing updates. You can view information about installed updates in the Application Console (only general information) or when connected to the Kaspersky Industrial CyberSecurity for Networks Server through a web browser (general information, and additional information saved in application messages).
Updates of databases and application modules are subject to the following limitations and special considerations:
To download updates from Kaspersky update servers, you must have Internet access. When connected to update servers from a computer that performs functions of the Kaspersky Industrial CyberSecurity for Networks Server, the connection is established over the HTTPS protocol (connection through a proxy server is not supported).
To download updates from a local folder, the kics4net group must be granted access to this folder. Use the standard tools of the operating system to grant access to the folder.
There is no support for downloading updates from folders on other computers over remote access protocols (FTP, NFS, SMB, and others). To download updates over a remote access protocol, you can connect a network resource (folder containing updates to be downloaded) on the computer that performs functions of the Kaspersky Industrial CyberSecurity for Networks Server. The network resource can be connected using the standard tools for mounting network resources in the operating system. After connecting the network resource, you can select a local folder to be mounted as the source of updates.
To download updates from the Kaspersky Industrial CyberSecurity for Networks Administration Server to Kaspersky Industrial CyberSecurity for Networks, the capability for application interaction with Kaspersky Security Center must be added. You can specify the settings for relaying events and application state to Kaspersky Security Center when installing or reinstalling Kaspersky Industrial CyberSecurity for Networks. Updates are downloaded from the Administration Server repository, which obtains its updates through the corresponding task in Kaspersky Security Center.