mardi 2 juin 2020
Kaspersky Industrial CyberSecurity for Networks uses the Deep Packet Inspection (DPI) mechanism to extract and analyze the payload of industrial Ethernet protocols. This feature helps extract real process values from industrial traffic and alert on changes and incorrect communications which can be dangerous for technological process and lead to unwanted outcome.
To successfully parse industrial protocols, Kaspersky Industrial CyberSecurity for Networks may need configuration information containing PLC models, their IP-addresses, industrial protocols, variables, their addresses and types. To avoid possible mistakes in the security system configuration caused by manual entering of process-specific data, it is recommended to have SCADA configuration preliminarily exported from the process control system.
To provide IEC61850 protocol coverage, SCL configuration files from corresponding intellectual electronic devices (IEDs) are required.
Examples of SCADA configuration export approach are given below. For detailed configuration export procedure, refer to corresponding process control system documentation.
Knowledge Base :
Kaspersky Industrial CyberSecurity for Networks uses the Deep Packet Inspection (DPI) mechanism to extract and analyze the payload of industrial Ethernet protocols. This feature helps extract real process values from industrial traffic and alert on changes and incorrect communications which can be dangerous for technological process and lead to unwanted outcome.
To successfully parse industrial protocols, Kaspersky Industrial CyberSecurity for Networks may need configuration information containing PLC models, their IP-addresses, industrial protocols, variables, their addresses and types. To avoid possible mistakes in the security system configuration caused by manual entering of process-specific data, it is recommended to have SCADA configuration preliminarily exported from the process control system.
To provide IEC61850 protocol coverage, SCL configuration files from corresponding intellectual electronic devices (IEDs) are required.
Examples of SCADA configuration export approach are given below. For detailed configuration export procedure, refer to corresponding process control system documentation.
Knowledge Base :
Kaspersky Industrial CyberSecurity for Networks uses the Deep Packet Inspection (DPI) mechanism to extract and analyze the payload of industrial Ethernet protocols. This feature helps extract real process values from industrial traffic and alert on changes and incorrect communications which can be dangerous for technological process and lead to unwanted outcome.
To successfully parse industrial protocols, Kaspersky Industrial CyberSecurity for Networks may need configuration information containing PLC models, their IP-addresses, industrial protocols, variables, their addresses and types. To avoid possible mistakes in the security system configuration caused by manual entering of process-specific data, it is recommended to have SCADA configuration preliminarily exported from the process control system.
To provide IEC61850 protocol coverage, SCL configuration files from corresponding intellectual electronic devices (IEDs) are required.
Examples of SCADA configuration export approach are given below. For detailed configuration export procedure, refer to corresponding process control system documentation.
Knowledge Base :