Support

Support for business applications

Kaspersky Industrial CyberSecurity for Networks

Administration of Kaspersky Industrial CyberSecurity for Networks

Configuring address spaces

About address space subnets

Kaspersky Industrial CyberSecurity for Networks
Нет результатов
Online Help
FAQ Download Forum Contact support Recovery tools Product videos

About address space subnets

March 22, 2024

ID 209969

Get as PDF

The subnets of address spaces are displayed in the Subnets blocks within descriptions of address spaces.

The application checks the detected IP addresses against the list of subnets of address spaces, and can do the following depending on whether the IP addresses belong to specific types of subnets:

  • Add a device with its detected IP address to the devices table and monitor the activity of this device.
  • Display a device with its detected IP address on the network interactions map and the topology map as its corresponding type of node (known device, unknown device, or WAN node).
  • Display a network interactions map link in which one of the sides of interaction is a device with a detected IP address.
  • Verify the interaction of a device with a detected IP address based on defined rules (Interaction Control rules, Intrusion Detection rules, and correlation rules).
  • Ignore the activity of a device with a detected IP address.

The settings of address space subnets are displayed in the following columns of the table:

  • Subnet.

    Subnet address in Classless Inter-Domain Routing (CIDR) format: <base address of subnet>/<number of bits in mask>. The addresses of subnets are displayed as a tree that shows the nesting hierarchy of subnets.

  • Type.

    Subnet type that determines its purpose. The following types are provided:

    • Private, IT – subnet for devices serving as information technology (IT) resources, such as file servers.
    • Private, OT – subnet for devices related to operating technologies (OT), such as PLCs.
    • Private, DMZ – subnet for devices residing within a network segment of a demilitarized zone (DMZ), such as servers that handle requests from external networks.
    • Public – subnet that is considered to be an external (global) network for devices in other types of subnets. IP addresses from this subnet are represented by a WAN node on the network interactions map.
    • Link-local – subnet for network interactions within one segment of the local area network (not routed).
  • Range.

    Range of IP addresses in the subnet.

  • Ignore MAC addresses.

    Indicates whether detected MAC addresses are ignored when creating allow rules for network interactions involving IP addresses from the subnet. If this option is enabled, the MAC addresses detected together with IP addresses from the subnet will not be added to Network Integrity Control rules in learning mode.

  • Automatically add subnets.

    Indicates whether nested subnets are automatically added based on data received from EPP applications. If this mode is enabled, the application adds nested subnets based on data received from EPP applications.

When viewing the subnets table, you can use the configuration functions (by clicking the Customize tables link), and the filter, search, and sorting functions.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.