Hardware and software requirements

Hardware requirements

Kaspersky Industrial CyberSecurity for Networks has the following minimum hardware requirements for computers on which application components will be installed:

The maximum speed of inbound traffic at all monitoring points of the Server must be no more than 500 Mbps. For stable performance and to prevent data loss from incoming traffic in a distributed network architecture, it is recommended to use the deployment scheme that involves the Server and external sensors. Sensors reduce the load on the Application Server thanks to traffic preprocessing and data storage.

The maximum speed of incoming traffic at all of a sensor's monitoring points must be no more than 250 Mbps. When using sensors in a network with a distributed network architecture, it is recommended to configure receiving all industrial network traffic at a sensor's monitoring points and not at the Server.

If the devices originating the traffic also send duplicate traffic to another network interface of the Server or sensor, the application automatically discards duplicate network packets. However, the application's actions when processing network packets in this way increase the load on the computer's hardware resources and in some cases may slow down traffic processing.

When using sensors, the bandwidth of the dedicated Kaspersky Industrial CyberSecurity network between the Server and each sensor must be at least 1 Mbps, excluding the speed of the traffic coming to the sensor monitoring points. Considering the speed of the traffic coming to the monitoring points, the bandwidth of the channel between the sensor and the Server must be increased by at least 50% of the total incoming traffic to the sensor (for all monitoring points of the sensor).

Example:

A sensor has two monitoring points. One monitoring point receives 100 Mbps of traffic, while the other receives 200 Mbps. In this case, the bandwidth of the channel between the sensor and the Server must be at least 151 Mbps (1+(200+100)/2=151).

Software requirements

Kaspersky Industrial CyberSecurity for Networks has the following software requirements for computers on which application components will be installed:

Expand all | Collapse all

For installation of application components, it is recommended to use separate computers on which only software from the operating system is installed. If third-party applications are installed on computers, the performance of components of Kaspersky Industrial CyberSecurity for Networks may be reduced.

You can use the following browsers to connect through the web interface:

Kaspersky Industrial CyberSecurity for Networks is compatible with Kaspersky Security Center 14.2 and Kaspersky Security Center 15 Linux.

Kaspersky Industrial CyberSecurity for Networks supports operation in the integration mode with the following applications: Kaspersky Industrial CyberSecurity for Nodes 3.1 and 3.2 and Kaspersky Industrial CyberSecurity for Linux Nodes version 1.3. In the integration mode, Kaspersky Industrial CyberSecurity for Networks interacts with Kaspersky Endpoint Agent installed on the devices. When interacting with Kaspersky Endpoint Agent, the following functionalities are available in Kaspersky Industrial CyberSecurity for Networks:

Receiving basic data (telemetry data) is available when using Kaspersky Endpoint Agent 3.14 or later. The capabilities of receiving extended data and performing actions on devices are available when using Kaspersky Endpoint Agent 3.15 or Kaspersky Endpoint Agent 3.16. However, to interact with Kaspersky Endpoint Agent 3.15, you must use version 3.15.0.279 with the patch installed, which activates the functionality of integration with Kaspersky Industrial CyberSecurity for Networks. You can request Kaspersky Endpoint Agent 3.15.0.279 and the patch for this version from your personal technical account manager (TAM).

See also:

Overview of Kaspersky Industrial CyberSecurity for Networks functionality

Application architecture

Page top