The internet of things (IoT) is an important tool in the digitalization and successful transition of enterprises to Industry 4.0. Connecting IoT equipment to cloud platforms allows you to build end-to-end digital services, improving your ability to analyze data and monitor device operation and condition. All of this helps save resources, improve management of digital infrastructure and boost business efficiency (including compliance with ESG standards).
To ensure end-to-end services are reliable and deliver maximum value to a company, you need to protect the IoT and its data from cyberthreats.
The internet of things needs a special approach to security. It is a complex environment consisting of a large number of disparate elements. Installing protection tools that need regular updates on each of them is a time-consuming and resource-intensive process. You can ensure the security of infrastructure and its data at the gateway level – the one link between equipment and a cloud platform.
Kaspersky IoT Infrastructure Security is a range of Cyber Immune gateways – Kaspersky IoT Secure Gateway (KISG) – based on KasperskyOS for building reliable and functional IoT systems. These gateways play a key role in creating end-to-end services for enterprise digital transformation.
The commercial development of KISGs and the creation of end-to-end digital services based on them is carried out by Adaptive Production Technologies LLC (Aprotech), Kaspersky’s subsidiary which took part in the development of the gateways. Solution delivery options:
Kaspersky IoT Secure Gateway 100 is a Cyber Immune data gateway for industry based on the Siemens SIMATIC IOT2040 hardware platform.
Kaspersky IoT Secure Gateway 1000 is a universal Cyber Immune gateway with monitoring functions and protection from cyberattacks, built on the Advantech UTX-3117 hardware platform. It works in tandem with Kaspersky Security Center, a platform for the centralized management of all gateway events.
The Kaspersky IoT Infrastructure Security range will be expanded in the future.
Gateway functions in an industrial network
Infrastructure and data protection on the gateway level
Assistance with digital transformation and building end-to-end services for on-premises and cloud analytics
Support for proven cloud storage and processing platforms
One-way data transmission through KISG 100 and centralized monitoring of all KISG 1000 events
The main source of threats is the internet of things itself. This is due to its infrastructure and technological complexity coupled with its rapid development. Here are just a few of the potential risks:
If there are devices on the IoT network with public addresses or access to "the outside", they can become targets for network attacks
All IoT devices connected to the network are also at risk. Hacking can lead to data leaks or spoofing, or allow attackers to change the software configuration
New unauthorized connections to the system can disrupt its structural integrity and prevent it from operating correctly
By gaining access to the cloud platform, attackers can compromise the data stored on it and alter configurations, putting the entire infrastructure at risk
Kaspersky IoT Secure Gateway 100, based on KasperskyOS, quickly and securely connects operational technology (OT) devices with the world of corporate IT systems. It is the first industrial internet of things (IIoT) gateway in the world to have Kaspersky Cyber Immunity – innate resistance to most types of cyberattacks.
KISG 100 collects and securely transmits data directly from industrial equipment via the OPC UA protocol to the Siemens MindSphere industrial cloud. At the same time, the gateway acts as a data diode – it only transmits information in one direction (from the field level to the cloud), which protects the equipment from external access by intruders.
Trusted data can be used to build reliable end-to-end digital services with cloud-based analytic apps. They help provide better analysis of production activities and, as a result, increase their efficiency.
The gateway operates on the Siemens SIMATIC IOT2040 hardware platform.
Innate resistance to the overwhelming majority of cyberattack types
MindLib support for work with a proven IIoT cloud
Dedicated hardware platform for industrial use
Connection to equipment and data transfer to the cloud via a proven universal protocol
The device is specially designed for industrial use and meets all the proven SIMATIC quality standards — durability, reliability and robustness.
Not only does the gateway have its own innate protection against cyberthreats, it also helps protect the entire IoT and IIoT infrastructure. It can be used together with Kaspersky IoT Secure Gateway 100 to secure the industrial internet of things, installing it “above” – at the border of the infrastructure and external data transfer networks.
Unlike KISG 100, this gateway can be used not only in industry, is able to "communicate" with equipment via a larger number of protocols and is compatible with a wide variety of clouds. It collects, verifies and distributes telemetry, and has management capabilities via MQTT.
All events in Kaspersky IoT Secure Gateway 1000 can be conveniently managed from a single center – the Kaspersky Security Center console. Together they form a comprehensive Kaspersky IoT Infrastructure Security solution.
The gateway operates on the Advantech UTX-3117 hardware platform.
Performs critical functions even in hostile environments
Protects the internet of things from cyberattacks
Convenient control and monitoring of all gateway events via Kaspersky Security Center
Enables the building of end-to-end services with cloud-based analytic applications
Innate security at the OS level as well as resilience to the vast majority of cyberattacks
Device detection and classification, registration of security events, protection against network attacks (IDS/IPS)
Secure connection and communication between the gateway and cloud platform via the MQTT (Broker) protocol over TLS
It is possible to use mobile data network as main or backup communication channel
Quick search and categorization of IoT devices based on their network activity. Registration of security events in the system and on the network
Firmware updates using only properly signed and encrypted images from trusted sources
Notifications to the administrator about incidents on the network and detection of new connected devices
Convenient network setup and monitoring, visibility and transparency. Easy-to-use, informative dashboard
High-performance fanless gateway supports IoT cloud computing in real time.
Kaspersky Security Center is an advanced integrated platform for centralized administration and monitoring of the events of Kaspersky IoT Secure Gateway 1000.
Transparency, cost reduction and improved administration efficiency; correlation of events from different sources
Management of up to 100,000 physical, virtual and cloud workstations
Incident notifications through various administrator-friendly channels: text messages, email, push notifications, etc.
Customizable and ready-to-use reports with dynamic filtering and sorting by any data field
Each administrator can only access the tools and data relevant to their work responsibilities
When purchasing or releasing a new application, a relevant extension can be installed without re-installing or patching the console