Adding a secret

You can add secrets to the application secrets storage.

To add a secret:

1. Connect to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface using the Administrator account.
2. Select Settings → Secrets.
3. Open the details area by clicking Add secret.
4. Enter the secret name.

   The secret name must be unique (must not match the names of other secrets) and must contain up to 256 characters. You can use letters, numerals, a space, and the following special characters: ! @ # № $ % ^ & ( ) [ ] { } / \ : ; , . - _. The secret name must begin and end with any permitted character except space.

5. Select the type of secret and configure its settings.

   You can select the following types of secrets:

   • Password only: this type of secret is used if only the password of a user with the relevant permissions is required for the access to device configuration data.
   • User name and password: this type of secret is used if a user name and password are required to receive data from the device.
   • User name and password, root password: this type of secret is used if a user name and password are required to receive data from the device, and the root password or the password for an account that processes requests with administrator privileges is additionally required for a connection with administrator (root) privileges.
   • User name and password, encryption password: this type of secret is used if a user name and password are required to receive data from the device, and an encryption password is additionally required to establish encrypted connections.
   • Mixed: this type of secret is used for the Remote connection device polling method in vulnerability and compliance audit jobs or in configuration control jobs. You can specify the following settings for this type of secret:
     • User name to be used for remote connections to devices.

       A user name can contain Latin characters, numbers, periods, and the following special characters: _ and -. The name must begin with a letter, and end with any supported character except a period.

     • User password: if the user password will be used for authentication.

       The password must contain up to 256 ASCII characters.

     • Private key: if the private key of the certificate will be used for authentication.

       You can manually enter the sequence of characters comprising the key or upload the key from the certificate file by clicking Copy from file. Files in the CRT, PEM, CER formats are supported for uploading private keys. If the private key file is protected by a password phrase, enter the password phrase in the Passphrase field before uploading the key.

       To use the certificate private key, copy the certificate public key to all devices to which the remote connections using the secret are established. Copying the public key to devices is performed without the participation of Kaspersky Industrial CyberSecurity for Networks.

       Root user password: if an additional password is required for connections to network equipment with administrator (root) privileges. In such cases, access is requested on behalf of the root account or on behalf of the account that is set on the network equipment to process requests with administrator privileges.

6. Click Created.

See also: Vulnerability and compliance audit jobs Configuration control jobs Active device polling jobs

Page top