Hardware requirements
Kaspersky Industrial CyberSecurity for Networks has the following minimum hardware requirements for computers on which application components will be installed:
We recommend a distributed deployment with a Server and external sensors. Configure industrial network traffic to be sent to sensor monitoring points. Sensors reduce the load on the Application Server thanks to traffic preprocessing and data storage.
All industrial network traffic must be load-balanced across Servers and sensors for stable performance. The recommended maximum incoming traffic rates are 500 Mbit/s for a Server node and 250 Mbit/s for a Sensor node.
Avoid sending duplicate traffic to the Server or sensor node and correctly configure the network equipment to transmit a copy of the traffic (for examples of configuring port mirroring for some switch models, see the Appendix). When duplicate traffic is detected, the application automatically drops the duplicate network packets, which increases the load on the computer hardware resources and in some cases may slow down the traffic processing.
When using sensors, the bandwidth of the dedicated Kaspersky Industrial CyberSecurity network between the Server and each sensor must be at least 1 Mbps, excluding the speed of the traffic coming to the sensor monitoring points. Considering the speed of the traffic coming to the monitoring points, the bandwidth of the channel between the sensor and the Server must be increased by at least 50% of the total incoming traffic to the sensor (for all monitoring points of the sensor).
Example: Two sensor monitoring points are being used, one of these receiving 100 Mbit/s, and the other, 200 Mbit/s. The bandwidth between the sensor and the Server in that case must be at least 151 Mbit/s (1+(200+100)/2=151). |
Software requirements
Kaspersky Industrial CyberSecurity for Networks has the following software requirements for computers on which application components will be installed:
When installing the operating system, it is recommended to allocate the entire hard drive (minus the minimum space required for the boot and swap partitions) to the system (root) partition. To improve the performance of software, you can also mount the /var/ folder to a high-speed hard drive (if you have an additional drive, such as an SSD drive). If you choose to do so, the /var/ folder must be completely mounted to the other drive. Subfolders within the /var/ folder (such as /var/opt/) cannot be mounted to different drives.
You can install the Chrony time synchronization package by using the following commands in the operating system console:
sudo dnf install chrony
sudo systemctl enable chronyd
sudo systemctl start chronyd
sudo mcedit /etc/selinux/config
SELINUX=disabled
You can install the dnf-utils package by using the following command in the operating system console:
sudo dnf install dnf-utils
You can install the compat-openssl package by running the following command in the operating system console:
sudo dnf install compat-openssl11
In CentOS Stream 9 operating system, you can install the lttng-ust package with the required version of the LTTng library using the following command in the operating system console:
sudo dnf install lttng-ust.x86_64
You can install packages for connectors and data conversion scripts by carrying out the following commands in the operating system console:
sudo dnf install epel-release
sudo dnf install python3-psycopg2 python3-cryptography python3-paramiko
You can install a Postfix mail server by using the following commands in the operating system console:
sudo dnf -y install postfix
sudo systemctl start postfix
sudo systemctl enable postfix
For installation of application components, it is recommended to use separate computers on which only software from the operating system is installed. If third-party applications are installed on computers, the performance of components of Kaspersky Industrial CyberSecurity for Networks may be reduced.
You can use the following browsers to connect through the web interface:
Supported Kaspersky Security Center versions
Kaspersky Industrial CyberSecurity for Networks is compatible with Kaspersky Security Center 14.2 and Kaspersky Security Center Linux version 15 and 15.1.
Integration with EPP applications
Kaspersky Industrial CyberSecurity for Networks supports operation in the integration mode with the following applications that perform functions to protect workstations and servers (EPP applications):
Interaction between Kaspersky Industrial CyberSecurity for Networks and this application is facilitated by the Kaspersky Endpoint Agent installed on the devices. Supported versions of Kaspersky Endpoint Agent: 3.15, 3.16, and 4.0.
Interaction between Kaspersky Industrial CyberSecurity for Networks and this application is facilitated by the software modules that are built into Kaspersky Industrial CyberSecurity for Linux Nodes.
All capabilities of integration mode are available when using Kaspersky Industrial CyberSecurity for Nodes version 4.0 with Kaspersky Endpoint Agent version 4.0. When using other versions of the specified software, the following functions of Kaspersky Industrial CyberSecurity for Networks cannot receive data from EPP applications:
Integration with Kaspersky SD-WAN
Kaspersky Industrial CyberSecurity for Networks supports integration with Kaspersky SD-WAN version 2.2 or later.