Modifications of program settings for distributed solution mode and multitenancy

Modifications of program settings for the distributed solution mode and multitenancy mode are shown in the following table.

Modifications of program settings for the distributed solution mode and multitenancy mode

Functional area

PCN

SCN

Users

Users and roles assigned to them are preserved. Additionally, PCN users are granted access rights to work with PCN and all connected SCNs.

All users are deleted except the user that was created while Central Node was deployed.

After that, the SCN requests a list of users from the PCN and uses that list to create local users with the same parameters:

  • Name
  • Password
  • Role
  • Status

     

    Users that do not have rights to access the SCN, are not displayed in the list of users.

Alerts

Information about all alerts from all connected SCNs is added to the PCN database.

The user name is no longer displayed in existing alert information. User data are deleted from alert operation history.

Dashboard

On the Alerts tab, you can now select the SCNs whose information should be displayed in the widget.

On the System health tab, the status of connection of the PCN with connected SCNs is now displayed.

On the System health tab, the status of connection with the PCN is now displayed.

Tasks

Tasks created on the Central Node server before it was assigned the PCN role, as well as tasks created on the PCN after switching to distributed solution mode, apply to all connected SCNs.

Tasks created on SCNs are also displayed in the task list. Settings of these tasks cannot be changed on the PCN.

Tasks created on the PCN are displayed, as well as tasks created on this SCN.

Settings of tasks created on the PCN cannot be changed.

Reports

Templates and reports created before the switch to distributed solution mode are preserved.

A Servers column is added to the report table, containing information about the relevant SCN for the alert.

After switching to distributed solution mode, only reports created on an PCN are displayed.

Templates and reports created before the switch to distributed solution mode are preserved.

Information about the user who created the report is preserved if the PCN has a user with the same ID (guid). In other cases user information is deleted.

After switching to distributed solution mode, only reports created on an SCN are displayed.

Prevention

Policies created on the Central Node server before it was assigned the PCN role, as well as policies created on the PCN after switching to distributed solution mode, apply to all connected SCNs.

Policies created on SCNs are also displayed in the policy list. Settings of these policies cannot be changed on the PCN.

Presets for automatic creation of prevention rules become unavailable, new rules are not created. Rules that were previously automatically created are applied to all connected SCNs.

Policies created on the PCN are displayed, as well as policies created on this SCN.

Settings of policies created on the PCN cannot be changed.

Presets for automatic creation of prevention rules become unavailable, new rules are not created. Rules that were previously automatically created are applied only to this SCN.

Storage

All files and metadata that were stored on PCNs before the switch to distributed solution mode are preserved. The name of the PCN is displayed for them in the Central Node column.

The PCN also keeps the contents of the Storage of all connected SCNs.

All files and metadata that were stored on SCNs before the switch to distributed solution mode are preserved.

TAA exceptions

No changes.

No changes.

VIP status

No changes.

No changes.

Notifications

No changes.

No changes.

Integration with mail sensors

No changes.

No changes.

Integration with Kaspersky Security Center

Integration with Kaspersky Security Center becomes unavailable.

Integration with Kaspersky Security Center becomes unavailable.

Threat Hunting

During threat hunting in the database, the PCN sends a request to all connected SCNs. After the search query is processed, a list of PCN and SCN events of the selected organization is displayed.

No changes.

User rules ‑ TAA

IOC files added on the Central Node server before it was assigned the PCN role are applied to the PCN.

TAA (IOA) rules that were added on the Central Node server before it was assigned the PCN role are applied to the PCN.

IOC files and TAA (IOA) rules added on the PCN, as well as IOC files and TAA (IOA) rules added on this SCN before and after switching to distributed solution mode are displayed.

Backup of the program

Backup of the program is only available on a PCN that does not have SCNs connected.

To back up the program on a PCN, disconnect all SCNs from the PCN.

Backup of the program on an SCN is not available.

To back up the program on an SCN, disconnect that server from the PCN by switching it to standalone server mode.

Integration with MDR

Integration settings configured on the Central Node before it is assigned the PCN role are kept after switching to distributed solution mode and are applied to all connected SCNs.

Integration settings configured on the Central Node before it is assigned the SCN role are replaced with settings received from the PCN server after switching to distributed solution mode.

See also

Distributed mode and multitenancy transition scenario

Assigning the PCN role to a server

Assigning the SCN role to a server

Processing SCN to PCN connection requests

Viewing information about organizations, PCN and SCN servers

Adding an organization to the PCN server

Removing an organization from the PCN server

Renaming an organization on the PCN server

Disconnecting an SCN from PCN

Modifications of program settings for disconnecting an SCN from PCN

Decommissioning an SCN server

Page top