Jump to content
Americo Nery

Kaspersky Industrial CyberSecurity for Nodes 2.0 (En, Ru)

Recommended Posts

================================================================================

Kaspersky Industrial CyberSecurity for Nodes 2.0 (En, Ru)

================================================================================

 

Version 2.0.0.111 Release date: 12.01.2017

 

Kaspersky Industrial CyberSecurity for Nodes 2.0 is a solution for nodes protection inside a critical infrastructure.

The application provides a complex protection for servers and workstations included into an industrial system against known computer threats. The application is a part of the Kaspersky Industrial CyberSecurity solution.

A current application version possesses an improved functional capabilities of a previous version and is enhanced with a number of new components and features.

 

 

WHAT'S NEW

 

- Elevation of the application scalability index.

Kaspersky Industrial CyberSecurity for Nodes 2.0 is built on a dramatically new infrastructure that provides higher level of the scalability index when deploying the application inside a critical infrastructure.

 

- The Applications Launch Control functionality enhancement.

The SHA256 is added as a triggering criteria for the Applications Launch Control rules. The procedure of the rules list creation is broaden and simplified.

 

- Blocking untrusted hosts access to shared network file resources on a protected computer implementation (the Untrusted Host Blocking task).

The application allows you to block access to the network file resources in case any malicious activity from an untrusted host has been detected when running Real-Time File Protection or Anti-Cryptor tasks.

You can manage the list of untrusted hosts and configure the hosts blocking term.

 

- Anti-malware cryptors protection functionality implementation (the Anti-Cryptor task).

The application traces the malicious encrypting attempts targeted on data that are stored in the shared network folders, and lists hosts as untrusted, if they were detected as a source of malicious activity.

You can configure the settings of untrusted hosts blocking, and you can also configure the task protection scope - by excluding folders where data are normally encrypted.

 

- Blocking connections of the protected computer to the wireless networks implementation (the Wi-Fi Control task).

The application allows connections to those Wi-Fi networks that were added to the trusted list by the user. All attempts to connect to other Wi-Fi networks are to be denied by default.

You can form the trusted networks list by adding SSID for such networks manually or by selecting the networks from the list of the available for connection from a protected computer.

 

 

MIGRATION FROM KASPERSKY INDUSTRIAL CYBERSECURITY FOR NODES 1.0

 

Kaspersky Industrial CyberSecurity for Nodes 2.0 does not support migration from the version 1.0 of the application.

 

 

LIMITATIONS AND KNOWN ISSUES

 

- The Wi-Fi Control component is unavailable for the computers under Microsoft Windows OS without wlansvc service including Server 2003, Server 2003R2, XP SP2 x64.

 

- An enforced installation of the Wi-Fi Control component is available on the computers under Microsoft Windows OS without wlansvc service. An enforced installation might be performed in case the component is manually selected by user via Setup Wizard or using the command line key or via the Kaspersky Security Center intall package.

 

- The Anti-Cryptor and the Host Blocker components installation is unavailable for the computers under Microsoft Windows XP SP2 x86 OS.

 

- Both full and partial rights restriction for the built-in user SYSTEM is available via the application user access permissions settings. It is strongly unrecommended to restrict access permissions for the built-in user SYSTEM in order to avoid critical errors during the application work.

 

- When the application installed on a remote computer is controlled via the local Console together with the Firewall Management component usage, it is recommended to create and apply the port rule for 135/TCP.

 

- When the components that use Kaspersky Security Center network lists are controlled via the Kaspersky Security Center policy (such components include Quarantine, Backup, Wi-Fi Control, PLC Projects Control), the corresponded check-boxes of the "Inforn Administration Server" section are to be selected in the policy settings. Please consider that the check-box for the PLC project component is not selected by default.

 

- Scan on connection is unavailable for the MTP devices.

 

- When the Firewall rule scope consists of one IP-address only, the IPv6 format support is unavailable.

 

- On the Firewall Management task launch the following rules types are automatically erasen from the Windows Firewall rules list: 1) deny rules; 2) outbound rules.

 

- Archive objects scan implements SFX archives scan: when archive scan mode is enabled in the security settings, objects are scanned both in archives and in SFX archives. SFX archives scan without all archives scan is available.

 

- The Application Setup Wizard warns about too long path specified, if a full path to the Kaspersky Industrial CyberSecurity for Nodes installation folder contains more than 150 characters. The warning does not affect the application installation and further operations will be successful.

 

- Installing the SNMP Protocol Support component requires restarting the SNMP service if this service is running.

 

- Kaspersky Industrial CyberSecurity for Nodes cannot be activated with a key via the Application Setup Wizard in the following cases: if the key file is located on a drive created using the SUBST command; if a network path to the key file is specified. It is recommended to specify a local path to the key file or to postpone the activation untill performing via the local Console.

 

- When protection and scan scopes are configured using Kaspersky Industrial CyberSecurity for Nodes Console, it is possible to use only one mask in each path and only at the end of the path (for example: "C:\Temp\Temp*" or "C:\Temp\Temp???.doc" or "C:\Temp\Temp*.doc"). The limitation does not spread on the Trusted Zone component.

 

- When the command line utility is applied, special characters are displayed only if the regional settings of the operating system match the current Kaspersky Industrial CyberSecurity for Nodes localization.

 

- When basic authentication is used on a proxy server, authentication errors may occur when the user name or password are set using multi-byte encoding.

 

- When a file is restored from Quarantine or Backup, the encrypted value in the file attributes is not restored.

 

- After the critical software modules updates are installed, the Kaspersky Industrial CyberSecurity for Nodes icon is hidden by default.

 

- In Kaspersky Industrial CyberSecurity for Nodes Console, the filter is case-sensitive for the following nodes: Quarantine, Backup, System Audit Log, Task Logs.

 

- Installation of Kaspersky Industrial CyberSecurity for Nodes Security Administration Tools using Microsoft Active Directory group policies is not supported.

 

- If User Account Control is enabled in the operating system, the user account must be included into the KICS Administrators group to allow Kaspersky Industrial CyberSecurity for Nodes Console opening by double-clicking the application icon in the taskbar notification area. Otherwise, the About window opens.

 

- Kaspersky Security Center Administration Server checks the application database updates before its distribution on the computer network. The application module updates are not verified by the Administration Server.

 

- Windows Installer 3.1 is required for a proper Kaspersky Industrial CyberSecurity for Nodes installation and work on a computer under OS Microsoft Windows XP SP2. By default, the component is not included into a distribution kit of the OS Microsoft Windows XP SP2. You can download and install Windows Installer 3.1 component manually (https://www.microsoft.com/en-us/download/details.aspx?id=25).

 

- The Filter Manager component is required for a proper Kaspersky Industrial CyberSecurity for Nodes installation and work on a computer under embedded systems.

 

- Deinstallation of the application is unavailable via the "Programs and Features" window in the operation system if the User Account Control is applied.

 

- The application is unable to receive Windows Firewall events for the Firewall Management task log if installed on the computer under Microsoft Windows XP. Enabling of the audit process tracking in the Microsoft Windows local policy settings is required to activate the task log writing.

 

- Predefined rules for the Windows Firewall Management policy provide fulfillment for the basic interaction between local computers and Kaspersky Security Center Administration Server. For advanced functions usage you need to configure rules for ports manually. Full list of ports, protocols and their description is available in the Kaspersky Security Center Knowledge Base (article ID: 9297).

 

- The remote connection to the Kaspersky Industrial CyberSecurity for Nodes Console is unavailable if the application is installed on a computer, that works under OS Microsoft Windows XP SP2 with default configurations of a network access and is not connected to domain: by default, the mode "Guest only" is applied for an XP OS local accounts security model.

To enable the remote application management via the Console, configure the local policy security settings manually by setting up the "Classic" value.

 

- The Device Control task scope includes MTP-connected mass storages, if a protected computer works under OS Microsoft Windows 7 or higher. Kaspersky Industrial CyberSecurity for Nodes controls MTP-connected mass storages on a protected computer under OS Microsoft Windows XP and Microsoft Windows Vista, if the driver setups class GUID value for external devices that is identical to a standart Windows driver GUID value.

 

- The application does not control Windows Firewall rules and groups of rules changes during every minute polling by the Firewall Management task if these rules or groups of rules have been added while installing the Firewall Management component. For refreshing such rules state and availability the task restarting is required.

 

- For a proper work of the Firewall Management component, the Windows Firewall Service is to be started.

 

 

© 2017 AO Kaspersky Lab. All Rights Reserved.

 

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.