About Unknown Tag Detection
Kaspersky Industrial CyberSecurity for Networks can analyze traffic to detect and save information about unknown tags. Unknown tags are tags that are absent from the tags table.
The application adds a detected tag to the tags table if the conditions for adding a tag are fulfilled. If one of the conditions is not fulfilled, the detected tag is ignored (for example, if the tag has no associated protocol specified for the device in the Process Control settings).
Information about unknown tags is obtained from traffic when the application is operating in Unknown Tag Detection mode. You can enable and disable this mode.
When the application is operating in Unknown Tag Detection mode, the performance of application-layer protocol processing modules may be slightly reduced. For this reason, Unknown Tag Detection is disabled by default after the application is installed. It is recommended to enable Unknown Tag Detection mode for a sufficient amount of time to detect all tags that may be associated with devices that have defined Process Control parameters. It is recommended to disable this mode after you have added detected tags to the table.
Unknown Tag Detection is supported for the following protocols:
- Allen-Bradley EtherNet/IP
- BACnet
- BSAP
- CODESYS V3 Gateway
- DMS for ABB AC 700F devices
- DNP3
- Emerson DeltaV
- IEC 60870: IEC 60870-5-101, IEC 60870-5-104
- IEC 61850: MMS
- Modbus TCP
- OPC DA
- OPC UA Binary
- Schneider Electric UMAS
- Siemens S7comm
- TASE.2
- Yokogawa Vnet/IP
- Protocol for interaction of Foxboro FCP270 and FCP280 devices
