Kaspersky Lab Industrial Cybersecurity Subscription 3 Year(S)

Description :

Kaspersky Industrial CyberSecurity, Subscription license (3 years), 1 additional sensor, volume, level Y (5000+), English, Canada, United States

Kaspersky Lab Industrial CyberSecurity. License term in years: 3 year(s), Software type: Subscription

Kaspersky Industrial CyberSecurity for Networks is an application designed to protect the infrastructure of industrial enterprises from information security threats, and to ensure uninterrupted process flows. Kaspersky Industrial CyberSecurity for Networks analyzes industrial network traffic to monitor the activity of devices in the industrial network, detect prohibited system commands transmitted or received by devices, and detect attempts to set incorrect process parameter values. The application is part of the solution known as Kaspersky Industrial CyberSecurity.
Kaspersky Industrial CyberSecurity for Networks performs the following functions:
- Scans communications between industrial network devices to check their compliance with defined Network Control rules.
- Monitors industrial network devices and detects the activity of devices previously unknown to the application, as well as the activity of devices that must not be used in the industrial network or that have not shown any activity in a long time. When monitoring devices, the application can automatically refresh information about devices based on data received in network packets.
- Displays the network interactions between industrial network devices depicted as a network map.
- Displayed objects are visually distinguished based on various attributes (for example, objects requiring attention).
- Extracts the parameter values of the technological process controlled by the Industrial Control System (hereinafter referred to as the "ICS") from network packets and checks the acceptability of those values based on the defined Process Control rules.
- Analyzes industrial network traffic to see if network packets contain system commands transmitted or received by devices involved in automating an enterprise's processes (hereinafter referred to as "process control devices"). Monitors traffic to detect system commands or situations that could be signs of industrial network security violations.
- Monitors project read and write operations for programmable logic controllers, saves the obtained information about projects, and compares this information to previously obtained information.
- Analyzes industrial network traffic for signs of attacks without affecting the industrial network or drawing the attention of a potential attacker. Uses defined Intrusion Detection rules and preset network packet scan algorithms to detect signs of attacks.
- Registers events and relays information about them to recipient systems and to Kaspersky Security Center.
- Analyzes registered events and, upon detecting certain sequences of events, registers incidents based on embedded correlation rules. Incidents group events that have certain common traits or that are associated with the same process. Correlation rules may be updated when updates are installed.
- Saves traffic associated with registered events in the database. Traffic may be saved automatically if the saving of traffic is enabled for event types, or can be saved by requesting to load traffic.
- Can be used to work with both the GUI and API.