An assets table is created for the purpose of asset management in the application. All assets in the table are considered to be known to the application.
The assets table has the following limitations on the number of elements:
The total number of assets with the Authorized and Unauthorized statuses can be no more than 1000.
If the maximum number of assets with the Authorized and Unauthorized statuses is reached, new assets with these statuses are not added to the table. If this is the case, to add a new asset to the table you need to remove one of the previously added assets.
The number of assets with the Archived status can be no more than 1000.
If the maximum number of assets with the Archived status is reached, new assets with this status are added to the table in place of assets that have went the longest without showing any activity.
When the assets table is overfilled, the application displays the appropriate message.
The assets table contains the following information:
Name – name used to represent an asset in the application.
Asset ID – asset ID assigned in Kaspersky Industrial CyberSecurity for Networks.
Status – asset status that determines whether activity of the asset is allowed in the industrial network. An asset can have one of the following statuses:
Authorized. This status is assigned to an asset for which activity is allowed in the industrial network.
Unauthorized. This status is assigned to an asset for which activity is not allowed in the industrial network.
Archived. This status is assigned to an asset if it is no longer being used or must not be used in the industrial network, or if the asset has shown no activity and the asset information has not changed in a long time (30 days or more).
Address information – MAC- and/or IP addresses of the asset. If an asset has multiple network interfaces, you can specify the MAC- and/or IP addresses for the network interfaces of the asset. Up to 64 network interfaces can be assigned for an asset.
Category – name of the category that determines the functional purpose of the asset. Kaspersky Industrial CyberSecurity for Networks supports the following categories of assets:
PLC – programmable logic controllers.
IED – intelligent electronic devices.
HMI / SCADA – computers with installed software for human-machine interface (HMI) systems or SCADA systems.
Engineering workstation – computers with installed software to be used by ICS engineers.
Server – devices with server software installed:
Network device – network equipment (for example, routers, switches).
Workstation – desktop personal computers or operator workstations.
Mobile device – portable electronic devices with computer functionality.
Other – devices that do not fall into the categories described above.
Group – name of the group containing the asset in the asset group tree (contains the name of the group and the names of all its parent groups).
Security state – indicator of whether there are events associated with the asset. Depending on the severity levels of events, the following states are available:
Critical events. There are unprocessed events with the Critical severity level.
Warnings. There are unprocessed events with the Warning severity level but there are no unprocessed events with the Critical severity level.
OK. There are no unprocessed events or there are only events with the Informational severity level.
Last seen – date and time when the last activity of the asset was registered.
Last modified – date and time when information about the asset was last modified.
Creation date – date and time when the asset was added to the assets table.
OS – name of the operating system installed on the asset.
Vendor – name of the vendor.
Model – information about the model.
Network name – name used to represent the asset in the network.