Support

Support for business applications

Kaspersky Industrial CyberSecurity for Networks

Installing and removing the application

Installing an updated application version with a patch

Kaspersky Industrial CyberSecurity for Networks
Нет результатов
Online Help
FAQ Download Forum Contact support Recovery tools Product videos

Installing an updated application version with a patch

March 22, 2024

ID 255711

Get as PDF

Under certain conditions, Kaspersky experts may prepare updated application files with the applied patches. Patches are intended for adding or fixing the functionality of the current application version if such changes cannot be applied by updating the databases and application modules.

The updated application files with the applied patch (hereinafter also referred to as "updated application files") are supplied in the form of an archive similar to the archive included in the application distribution kit.

If the application components are not yet installed on the computers, you can use the archive with the updated application files to install the application, the same way as the archive from the distribution kit. To do so, when preparing for the application installation, unpack the archive with the updated application files, but not the archive from the distribution kit. You can perform all other actions to install the components in the same way as when using the archive from the distribution kit.

If the components of the current application version are already installed on the computers, to install the updated application files with the patch, use the patch installation script kics4net-install-patch.sh. The kics4net-install-patch.sh script allows you to replace the installed application components of the current version with application components of the updated version and to migrate the data accumulated by the current application version. If an error occurs when replacing the installed components, the script rolls back the installation of the updated application files and returns the application to the state it had when the script was run.

What data can be migrated from the current application version using the kics4net-install-patch.sh script

The kics4net-install-patch.sh script is included in the application distribution kit and is in the archive with the updated application files.

The kics4net-install-patch.sh script installs the updated application files locally on the computer where the script is run. Therefore, to update all application components (Server and sensors), run the kics4net-install-patch.sh script sequentially on each computer with the installed application component. The components can be updated in any order: you can first update the application files on the Server computer and then on the sensor computers, or vice versa.

To install the updated application files on the computer where Kaspersky Industrial CyberSecurity for Networks Server or sensor is installed:

  1. Prepare the directory to store the old files from the archive that was last used for installing components or for the last update of application files.

    If the directory with the old unpacked files already exists on the computer (for example, the directory was not deleted after the local installation of the component), you can use this directory for further actions. If there is no such directory, perform the following actions to prepare it:

    1. Copy the archive that was last used for installing the components or to update the application files to a directory of your choice.
    2. Go to the folder containing the copied archive and enter the following command to unpack it:

      tar -zxvf <archive file name>

      The unpacked directories and files appear in a subdirectory whose name matches the name of the archive file.

    In the description of the further actions, this prepared directory is referred to as a directory with old files.

  2. Prepare the directory to store the new unpacked files from the received archive with the updated application files.

    To prepare the directory:

    1. Copy the archive containing the updated application files to your computer.
    2. Go to the folder containing the copied archive and enter the following command to unpack it:

      tar -zxvf <archive file name>

      The unpacked directories and files appear in a subdirectory whose name matches the name of the archive file.

    In the description of the further actions, this prepared directory is referred to as a directory with new files.

  3. In the directory with the new files, go to the <archive file name>/linux-centos subdirectory. This directory contains files of scripts and packages for installing, verifying and removing application components.
  4. Run the kics4net-install-patch.sh script:
    • To install the updated application files on the Server computer, enter the following command:

      sudo bash kics4net-install-patch.sh -o <path to the directory with the old files>/linux-centos -n <path to the directory with the new files>/linux-centos -b <path to the directory with the backup copy> --backup-traffic

    • To install the updated application files on the sensor computer, enter the following command:

      sudo bash kics4net-install-patch.sh -s -o <path to the directory with the old files>/linux-centos -n <path to the directory with the new files>/linux-centos -b <path to the directory with the backup copy> --backup-traffic

    where:

    • -o is a parameter specifying the full path to the directory that contains the scripts and package files for installation, verification, and removal of the application components in the directory with the old files (mandatory parameter).
    • - n is a parameter specifying the full path to the directory that contains the scripts and package files for installation, verification, and removal of the application components in the directory with the new files (mandatory parameter).
    • -b is a parameter specifying the full path to the directory for creating the backup copy (by default, the script creates a backup copy in a temporary directory and automatically deletes the created files if the installation of the updated application files is successful or if the installation is rolled back due to an error during the script operation).

      It is recommended to use this parameter to save the backup copy in the correct directory regardless of the kics4net-install-patch.sh script execution results. If a large amount of data is accumulated in the application, use the -b parameter to specify a mounted directory on a different hard drive and avoid the overflowing of the system (root) partition.

    • --backup-traffic is a parameter for adding the traffic dump files to the backup and further restoring these files after the updated application files are installed. By default, the traffic dump files are not copied to the backup directory; these files remain in their original location and are available if the installation is successful. This parameter allows you to automatically restore the traffic dump files in case of the rollback of the updated application files installation caused by an error in the kics4net-install-patch.sh script execution.

      It is recommended to use this parameter if you want to save the traffic dump files and there is a risk of errors during the installation of the updated application files. Typically, the directory where the application stores the traffic dump files requires a large amount of disk space. When the --backup-traffic parameter is used, the kics4net-install-patch.sh script copies these files to the backup directory, which may require significant additional disk space. Also, the script running time may significantly increase.

    • -s is a parameter for enabling installation of the updated sensor files; it is applied when the kics4net-install-patch.sh script is run on the sensor computer.

      Example:

      sudo bash kics4net-install-patch.sh -o /tmp/kics4net-release_<application version number>/linux-centos -n /tmp/kics4net-patch1_<application version number>/linux-centos -b ./old_kics4net_data --backup-traffic

The script starts installing the updated application files. Wait for the kics4net-install-patch.sh script to finish.

To view the application version on the Server and start working with the application after installing the updated files:

  1. Connect to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface. Use the IP address of the Server computer for the connection.
  2. Select the About section and view the version of the application installed on the Server.
  3. Select Initial configuration.
  4. Please read the terms of the End User License Agreement and the Privacy Policy. To do so, open each document by using the corresponding links in the names of the following check boxes: I confirm that I have fully read, understand, and accept the terms and conditions of this End User License Agreement and I am aware and agree that my data will be handled and transmitted (including to third countries) as described in the Privacy Policy. I confirm that I have fully read and understand the terms of the Privacy Policy.
  5. If you fully agree to the terms of the End User License Agreement and the Privacy Policy, select both check boxes.

    If you do not agree to the terms of the End User License Agreement and/or the Privacy Policy, close the web interface page and remove the installed application components from your computers.

  6. Click the Continue button.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.