You can configure settings of each Central Node component individually or manage several components in a centralized way in distributed solution mode.
The distributed solution is a two-tier hierarchy of servers with Central Node components installed. This structure sets apart a primary control server known as the Primary Central Node (PCN) and secondary servers known as Secondary Central Nodes (SCN). Interaction of servers requires connecting SCN to PCN.
If you have deployed the Central Node component as a cluster, the entire cluster takes on the role of a PCN or SCN.
PCN and SCN scan files and objects using the same technology as the individually managed Central Node component.
The distributed solution allows centralized management of the following functional areas of the program:
If you are supporting multiple organizations or branch offices of the same organization, you can use the program in multitenancy mode.
Multitenancy mode lets you use the solution to protect the infrastructure of multiple organizations or branch offices of the same organization (hereinafter also referred to as "tenants") simultaneously. You can install Kaspersky Anti Targeted Attack Platform on one or more Central Node for each tenant. Each tenant can manage the program independently from other tenants. The service provider can manage the data of multiple tenants.
For each user account, the number of simultaneous program management sessions is limited to one IP address. If the same user name is used to log in to the program from a different IP address, the earlier session is terminated.
If you are using the distributed solution and multitenancy mode, the limit is enforced for each PCN and SCN server separately.
Operation of the program in distributed solution mode
You can use the distributed solution and multitenancy mode in the following cases:
When the program switches to the distributed solution and multitenancy mode, all previously added license keys are deleted from servers with the SCN role. Each connected SCN receives a key from the PCN. If full functionality of the program is used for the PCN (KATA and KEDR key), and partial functionality is used for the SCN (only KATA key or only KEDR key), the SCN server load limit may be exceeded because of the increased volume of data. If partial program functionality is used for the PCN (only KATA key or only KEDR key), and full functionality is used for the SCN (KATA and KEDR key), the program functionality is partially unavailable.
License keys can be managed only on the PCN.
You can use the following scenarios to deploy the program in distributed solution and multitenancy mode:
In this case, you must upgrade the Central Node component to version 5.0.
Before you switch servers with Central Node components installed to distributed solution mode, you should review the changes that will be applied to the system after the operating mode is changed. Assigning the PCN role to a server is irreversible.