Solution architecture

Kaspersky

Online Help

Kaspersky Industrial CyberSecurity Endpoint Detection and Response

Support Send link

About Kaspersky Industrial CyberSecurity Endpoint Detection and Response > Solution architecture

Solution architecture

Kaspersky Industrial CyberSecurity Endpoint Detection and Response includes the following components:

An EPP application
An application included in a protection system for endpoint devices
(Endpoint Protection Platform, EPP).
An integrated system of comprehensive endpoint protection (for example, mobile devices, computers or laptops) using various security technologies. An example of an Endpoint Protection Platform is Kaspersky Endpoint Security for Business.

EPP applications are installed on endpoint devices within the IT infrastructure of an organization (for example, mobile devices, computers, or laptops). An example of an EPP application is Kaspersky Industrial CyberSecurity for Nodes included in Kaspersky Endpoint Detection and Response EPP solution.

(Kaspersky Industrial CyberSecurity for Nodes and Kaspersky Industrial CyberSecurity for Linux Nodes) that supports Kaspersky Industrial CyberSecurity Endpoint Detection and Response functionality and is installed on separate devices in the organization IT infrastructure. This application continuously monitors processes running on protected devices, open network connections, and file changes.
Kaspersky Endpoint Agent is an application that continuously monitors and sends information about processes, open network connections, and modified files on the device to Kaspersky Industrial CyberSecurity for Nodes.
A solution for centralized network security management (Kaspersky Security Center).
Threat Intelligence Tools:
- Kaspersky Security Network (KSN) infrastructure of cloud services that provides access to the online Kaspersky Knowledge Base, which contains information about the reputation of files, web resources, and software. Using data from the Kaspersky Security Network ensures the rapid response of Kaspersky applications to threats, improves the performance of various security components, and reduces the likelihood of false positives.
- Integration with Kaspersky Private Security Network (KPSN) that allows the users to access KSN reputation databases, as well as other statistics without submitting data to KSN from their devices.
- Integration with Kaspersky Threat Intelligence Portal, which contains and displays information about the reputation of files and URLs.
- Kaspersky Threats database.

Article ID: 231281, Last review: Aug 19, 2024

Page top