Kaspersky Industrial CyberSecurity for Networks

What's new

March 22, 2024

ID 137225

Kaspersky Industrial CyberSecurity for Networks 3.1 has the following new capabilities and refinements:

  • Added functionality for centralized monitoring of the security state of information systems running the application – the Kaspersky Industrial CyberSecurity for Networks Administration web plug-in in the Kaspersky Security Center 13.2 Web Console provides the capability to monitor systems and Servers by using specialized web widgets, search events and devices, and map application components on geographic, schematic, or other images.
  • Added support for Single Sign-On (SSO) technology for users who are allowed to work with the Kaspersky Security Center Web Console (including Active Directory users) – these users can proceed from the Kaspersky Security Center Web Console page to the web interface page of the Kaspersky Industrial CyberSecurity for Networks Server and connect to the Server using their own account credentials. For user authentication, Kaspersky Security Center and Kaspersky Industrial CyberSecurity for Networks must be preconfigured to use Single Sign-On technology.
  • Added capability for integration with an Endpoint Protection Platform (EPP) – Kaspersky Industrial CyberSecurity for Nodes. When configuring receipt of data from these applications, you must also install the Kaspersky Endpoint Agent application. When working in integration mode, Kaspersky Industrial CyberSecurity for Networks receives data from nodes that are protected by Kaspersky Industrial CyberSecurity for Nodes, and uses this data to update information about registered devices, security events, and network interactions. Data from EPP applications let you take inventory of the industrial network and track interactions between devices even if you are not using monitoring points on nodes that have application components installed (if integration servers for data acquisition were added to these nodes). Security events forwarded from Kaspersky Industrial CyberSecurity for Nodes expand the capabilities of Kaspersky Industrial CyberSecurity for Networks to detect incidents and help identify a larger number of attacks in all monitored segments of computer networks. System event types based on Endpoint Protection Platform and Asset Management are used to register events according to data from EPP applications. Data regarding EPP applications installed on devices is displayed in the devices table, on network map nodes, and on a widget in the Dashboard section.
  • Augmented database for monitoring device vulnerabilities – the table in the Vulnerabilities section indicates the sources of information about detected vulnerabilities uploaded to the database. To detect vulnerabilities of only specific sources, you can select the relevant sources by enabling and disabling the use of various sources.
  • Expanded functional capabilities of the application programming interface (API) – when working with events, you can change their statuses, add labels, and send requests to load traffic for events. When working with allow rules, you can send requests to receive a list of rules, and enable, disable, and delete rules. Added capabilities to receive data on the current states and operating modes of technologies. Added capability to receive information about an added license key.
  • Expanded list of supported types of external projects that can be imported – various types of projects containing configurations of process control settings for devices can be imported into the application.
  • Extended support for application layer protocols and devices for process control – there are now additional capabilities for analyzing traffic of supported protocols and devices, and new supported protocols and devices have been added.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.