Hardware and software requirements
Hardware requirements
Kaspersky Industrial CyberSecurity for Networks has the following minimum hardware requirements for computers on which application components will be installed:
- Computer that will perform Server functions:
- CPU: Intel Core i7.
- RAM: 32 GB.
- Free space on the hard drive: 750 GB and an additional 250 GB for each monitoring point on this computer.
- Computer that will perform sensor functions:
- CPU: Intel Core i5 / i7.
- RAM: 4 GB, and an additional 2 GB for each monitoring point on this computer.
- Free space on the hard drive: 50 GB and 250 GB for each monitoring point on this computer.
It is recommended to use high-speed hard drives (for example, SSD drives).
When using sensors, the bandwidth of the dedicated Kaspersky Industrial CyberSecurity network between the Server and each sensor must be at least 50% of the cumulative incoming traffic at the sensor (for all monitoring points of the sensor).
Example: A sensor has two monitoring points. One monitoring point receives 100 Mbit/s of traffic, while the other receives 200 Mbit/s. In this case, the bandwidth of the channel between the sensor and the Server must be at least 150 Mbit/s ((200+100)/2=150). |
Software requirements
Kaspersky Industrial CyberSecurity for Networks has the following software requirements for computers on which application components will be installed:
- CentOS Linux version 8.3 or CentOS Stream 8 (you can migrate CentOS Linux version 8.3 to CentOS Stream 8 after Kaspersky Industrial CyberSecurity for Networks is already installed).
When installing the operating system, it is recommended to allocate the entire hard drive (minus the minimum space required for the boot and swap partitions) to the system (root) partition. To improve the performance of software, you can also mount the /var/ folder to a high-speed hard drive (if you have an additional drive, such as an SSD drive). If you choose to do so, the /var/ folder must be completely mounted to the other drive. Subfolders within the /var/ folder (such as /var/opt/) cannot be mounted to different drives.
- The same version of operating system must be installed on all computers where application components are installed.
- To install application components in the CentOS operating system, the following conditions must be fulfilled:
- Chrony time synchronization package version 3.1 or later is installed.
- The SELinux access control enforcement system is disabled.
- The dnf-utils package is installed.
- Python interpreter version 2.7 is installed.
- A symbolic link to the installed version of the python2 package is configured.
- The python2-pyyaml package is installed.
- To ensure proper functioning of application components on the computer that will perform Server functions, the following conditions must also be fulfilled in the CentOS operating system:
- Python interpreter version 3.6 or later is installed, as well as the following packages supporting the operation of connectors and data conversion scripts: python3-tqdm, python3-certifi, python3-dateutil, python3-pyyaml, python3-pytz, python3-urllib3, python3-psycopg2, python3-cffi (if connectors will also operate on other computers, the listed packages must also be installed on those computers).
- A Postfix mail server (Mail Transfer Agent – MTA) for sending emails through the email connector is installed.
- Perl interpreter version 5.10 or later is installed (if Kaspersky Security Center Network Agent is being installed).
For installation of application components, it is recommended to use separate computers on which only software from the operating system is installed. If third-party applications are installed on computers, the performance of components of Kaspersky Industrial CyberSecurity for Networks may be reduced.
To install the Kaspersky Industrial CyberSecurity for Networks Administration Plug-in for Kaspersky Security Center, the Windows update KB2999226 must be installed on the computer hosting the Kaspersky Security Center Administration Server. Installation of this update is required if the problems fixed by this update are relevant for the installed version of the operating system and configuration of the installed software on the computer hosting the Administration Server (please refer to the description of the specific update).
You can use the following browsers to connect through the web interface:
- Google Chrome version 91 or later.
- Mozilla Firefox version 89 or later.
- Microsoft Edge version 91 or later.
Kaspersky Industrial CyberSecurity for Networks is compatible with Kaspersky Security Center version 12 and 13.2. The Kaspersky Industrial CyberSecurity for Networks web management plug-in becomes available to use after you install Kaspersky Security Center Web Console version 13.2.571 and a patch for this application, which enables interaction with the Kaspersky Industrial CyberSecurity for Networks web management plug-in (patch version: 13.2.571.1). You can request the indicated versions of these programs from your technical account manager (TAM).
Kaspersky Industrial CyberSecurity for Networks supports joint operation with Kaspersky Industrial CyberSecurity for Nodes version 2.6 or later. It supports integration with Kaspersky Industrial CyberSecurity for Nodes version 3.0 (when integrated, Kaspersky Industrial CyberSecurity for Networks receives data from Kaspersky Industrial CyberSecurity for Nodes).