Kaspersky IoT Secure Gateway Network Protector application management

Kaspersky IoT Secure Gateway Network Protector lets you block IP addresses whose internal and external traffic must be blocked, and unblock IP addresses whose traffic must be allowed.

Kaspersky IoT Secure Gateway Network Protector can block IP addresses according to industrial packet analysis rules that include command filtering rules and anomaly detection. You can define filtering rules in the application settings.

If a rule is triggered, Kaspersky IoT Secure Gateway Network Protector blocks suspicious network traffic and adds the source IP address to the denylist. You can manually delete an IP address from the denylist if you want to allow traffic from that IP address.

Kaspersky IoT Secure Gateway Network Protector can create up to 1000 rules in the list of blocked IP addresses.

Kaspersky IoT Secure Gateway Network Protector sends information about the blocked traffic and IP addresses to Kaspersky IoT Secure Gateway 1000. An appropriate event is added to the event log in Kaspersky Security Center and the firewall audit log in the Kaspersky IoT Secure Gateway 1000 web interface.

The IP address allowlist contains the internal network's and external network's IP addresses whose network traffic is not blocked by Kaspersky IoT Secure Gateway 1000. You can manually add IP addresses of the devices whose traffic should be allowed to the allowlist. Network traffic from IP addresses of the new devices that appear in the network is allowed by default; these IP addresses are not blocked by the system. If necessary, you can also remove IP addresses of devices from the allowlist.