What's new

The new version of Kaspersky Industrial CyberSecurity for Nodes introduces the following new features and improvements:

• The default task mode that is displayed during installation of the application on a node or when creating a new Kaspersky Security Center policy for managing the application has been changed:
  • Network Threat Protection: the task mode has been changed to Notify only about detected attacks.
  • Exploit Prevention: operating mode changed to Notify only.
  • Real-time file protection: the user must choose the task run mode.
  • Application Integrity Control: the task is not created when installing the application on computers running the Windows XP and Windows Server 2003 operating systems.
• In PLC Project Integrity Check tasks, the list of supported types of devices and controllers has expanded:
  • devices based on CODESYS V3
  • OWEN PLC210
  • Fastwel CPM723-01
  • Prosoft-Systems Regul R500
  • Siemens SIMATIC S7-1500
  • Siemens SIMATIC S7-1200
  • Siemens SIPROTEC 4 series
• New capabilities have been added to the operating system firewall management task:
  • Set rules for outgoing connections.
  • Set the firewall mode for incoming and outgoing connections.
  • Set port ranges.
  • Indicate the type of rule (allowing or denying) in the parameters of the task rule.
  • Configure blocking of ICMP connections.
• In the Network Threat Protection task, protection against MAC spoofing attacks has been added.
• In the Applications Launch Control task, an option to filter by device group name has been added when creating rules based on events in the Kaspersky Security Center log.
• Improved protection of critical operating system processes.
• Improved protection of critical operating system files.
• The list of telemetry sent to Kaspersky has been expanded to improve the quality of customer service.
• Improved self-defense of application processes from external threats.
• Added support for workstation operating systems: Windows 10 22H2, Windows 11 22H2.
• Added support for embedded operating systems: Windows 10 (22H2) IoT Enterprise, Windows 11 (21H2) IoT Enterprise, Windows 11 (22H2) IoT Enterprise.
• Trusted process rules can now be applied to the Applications Launch Control task.
• For the File Integrity Monitor task, the ability to export rules to an external file and import rules from an external file has been added.
• For the Registry Access Monitor task, the ability to export rules to an external file and import rules from an external file has been added.
• Threat detection events in Pass-through mode for the Network Threat Protection task are now published with the Warning importance level instead of Critical.
• The settings for the applicability of trusted process rules in the File Integrity Monitor and Registry Access Monitor tasks are no longer available. Applicability settings for trusted process rules are now located in the trusted zone settings.
• In Kaspersky Security Center Web Console, in the rule settings of the Applications Launch Control task, you can now add allowing rules based on events in the Kaspersky Security Center log.
• When migrating a policy created in the old version of the Administration Plug-in, the data of not only the active policy profile, but also all other profiles is transferred to the new version.
• In the plug-in for managing the application via Kaspersky Security Center, the list of user information sources has been extended in the rule and task settings of Applications Launch Control, Device Control, File Integrity Monitor, and Registry Access Monitor tasks. Now the administrator can not only specify users from Active Directory lists, but also select users from lists of Kaspersky Security Center accounts or specify the user name or user group manually.
• The plug-in for managing the application via Kaspersky Security Center no longer supports creating a policy by exporting policy properties from a KLP file. However, this can still be done using the New Policy Wizard in the administration console of Kaspersky Security Center.