Support

Support for business applications

Kaspersky Industrial CyberSecurity for Networks

Administration of Kaspersky Industrial CyberSecurity for Networks

Managing monitoring points on nodes

Kaspersky Industrial CyberSecurity for Networks
Нет результатов
Online Help
FAQ Download Forum Contact support Recovery tools Product videos

Managing monitoring points on nodes

March 22, 2024

ID 129425

Get as PDF

Monitoring points are used for receiving and processing industrial network traffic in Kaspersky Industrial CyberSecurity for Networks. Monitoring points can be added or removed on any node that has application components installed (including on a node that performs Server functions). When adding or removing them, you do not need to restart the computer on which the application components are installed or reinstall components on the computer.

Each monitoring point must be associated with a network interface that receives a copy of traffic from a specific industrial network segment. To add monitoring points, you can use network interfaces that meet the following conditions:

  • Type of network interface: Ethernet.
  • MAC address: different from 00:00:00:00:00:00.
  • The network interface is intended for receiving a copy of industrial network traffic, and this network interface is not used for other purposes (for example, to connect nodes that have application components installed).

You can add monitoring points to not only physical network interfaces but also to logical interfaces that combine multiple physical interfaces (bonded interfaces). However, you cannot add a monitoring point to a physical network interface that is one of the interfaces of a logical bonded interface.

Monitoring points can be enabled and disabled. You can disable a monitoring point to temporarily stop monitoring an industrial network segment relaying a copy of traffic to a network interface. When you need to resume monitoring of the industrial network segment, you can enable the monitoring point.

After disabling or removing a monitoring point, the application may still register events associated with this monitoring point for some time. This is due to a possible delay in processing incoming traffic when the Server is experiencing high loads.

You can manage monitoring points and view information about monitoring points, network interfaces, and nodes in the Settings → Deployment section of the Kaspersky Industrial CyberSecurity for Networks web interface.

In this section:

Adding a monitoring point

Enabling monitoring points

Disabling monitoring points

Renaming a monitoring point

Deleting a monitoring point

Identifying the Ethernet port associated with a network interface

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.