Monitoring the ICS security state: Kaspersky Security Center and SCADA

Kaspersky Industrial CyberSecurity for Nodes 3.2 can transmit the security state (information about detected threats) of the industrial control system ("ICS”) to Kaspersky Security Center. If settings are configured to allow threat information to be sent to Kaspersky Security Center, then you can configure a SCADA system to receive information from Kaspersky Security Center about ICS threats.

Viewing the ICS security state in Kaspersky Security Center

To view the ICS security state in Kaspersky Security Center:

1. Open the Kaspersky Security Center Administration Console.
2. In the Administration Console tree, select the Managed devices node.
3. In the list of computers, select the computer on which Kaspersky Industrial CyberSecurity for Nodes 3.2 is installed.

Information about the security state is displayed in the details pane on the right.

The status of the computer with Kaspersky Industrial CyberSecurity for Nodes 3.2 displays the ICS security state. The color of the computer icon corresponds to one of two possible ICS states:

• Green: OK. The computer with Kaspersky Industrial CyberSecurity for Nodes 3.2 has no unconfirmed critical events (Kaspersky Security Center incidents).
• Red: Critical. The computer with Kaspersky Industrial CyberSecurity for Nodes 3.2 has unconfirmed critical events (Kaspersky Security Center incidents).

Viewing the ICS security state through a SCADA system

To configure the ICS security state to be received and displayed by a SCADA system:

1. Install Kaspersky Security Gateway.
2. Configure the connection to the SCADA system and the communication protocols usage for transmit and display the information received from Kaspersky Industrial CyberSecurity for Nodes about the protection status of industrial networks and network nodes.