Kaspersky Industrial CyberSecurity for Networks (hereinafter referred to as "KICS for Networks") is an application designed to protect the industrial enterprise infrastructure from information security threats, and to ensure uninterrupted operation. The application analyzes industrial network traffic to identify deviations in the values of process parameters, detect signs of network attacks, and monitor the operation and current state of network devices.
Kaspersky Anti Targeted Attack (hereinafter referred to as KATA) is an application designed for protection of corporate IT infrastructure and early detection of threats such as zero-day attacks, targeted attacks, and advanced persistent threats.
KICS for Networks or KATA can be integrated with KUMA. After configuring integration, you can perform the following tasks in KUMA:
Import of asset information from KATA version 7.1 is available only in KUMA version 4.0 and later.
Unlike KUMA, KICS for Networks and KATA refers to assets as devices.
The integration of KICS for Networks or KATA and KUMA must be configured in both applications:
You can configure the integration on the side of KICS for Networks 4.0 or later as well as on the side of KATA 7.0 and later versions. Configuring the integration on either side allows correctly transmitting asset and event information to KUMA.
The integration described in this section applies to importing asset information. KICS for Networks or KATA can also be configured to send events to KUMA. To do so, you need to create a SIEM/Syslog connector in KICS for Networks or KATA, and configure a collector on the KUMA side.