Updating Kaspersky Anti Targeted Attack Platform

You can upgrade Kaspersky Anti Targeted Attack Platform from version 4.1 to version 5.0. During the upgrade, a non fault-tolerant version of the program is installed.

If you used one NTP server to configure the date and time of the Central Node server, we recommend to delete that NTP server or configure integration with an additional NTP server before updating Kaspersky Anti Targeted Attack Platform. Otherwise, an error may occur during the update.

An unavailable or non-operational server may be used as the additional NTP server.

Updating the program involves the following steps:

1. Updating the Sandbox component.

   The program does not have a standard upgrade procedure. You must install the component version 5.0.

   After installing the component you need to set the maximum number of simultaneously running virtual machines. The value 48 is used by default.

   When installing the component on a VMware ESXi virtual machine, you must set up a configuration described in Calculations for the Sandbox component section.

2. Updating the Central Node component.

   You can upgrade the component to version 5.0 only from version 4.1. If you are using an older version, you must upgrade it to 4.1 in the following order: 3.7 → 3.7.1, 3.7.1 → 3.7.2, 3.7.2 → 4.0, 4.0 → 4.1.

   To update the Central Node component on the server with this component, you must first run the script kata-upgrade-preparation. The script is included in the program distribution kit.

   If you are not using the distributed solution and multitenancy mode and are using a standalone Central Node server, you can upgrade the program on the Central Node server.

   If you are using the distributed solution and multitenancy mode:

   1. You can update the program on the PCN server. After the program upgrade is complete, the PCN server belongs to the same tenant it belonged to before the upgrade.
   2. If you want to update the program on an SCN server, change the role of the server from SCN to standalone Central Node server before performing the update.

      The program is updated on the standalone Central Node server.

      After updating the program, you can assign the SCN role to servers and select the tenant to which the SCN server belongs.

   3. After the program update is complete, by default, all users with the Administrator role are granted access to the web interface of the PCN server and all SCN servers.

      If before the program update, each user's access to SCN web interfaces was configured individually, you can configure it again.

      After the program update is complete, by default, all users with the Senior security officer and Security officer roles are granted access to the web interface of the PCN server and all SCN servers.

      If before the program update, each user's access to SCN web interfaces was configured individually, you can configure it again. To do so, in the web interface of the PCN server:

      1. Add the relevant tenants.
      2. Configure the access of user accounts with the Senior security officer and Security officer roles to those tenants and servers.
      3. Delete all SCNs that are temporarily disconnected from the PCN during the update.
      4. Re-connect all relevant SCNs to the PCN.

      The program prompts you to select a tenant for each SCN server.

      User access to SCN web interfaces is configured.

      Perform the program update procedure on the server where you want to update the data.

   Kaspersky Anti Targeted Attack Platform may contain user data and other confidential information. The Kaspersky Anti Targeted Attack Platform administrator must independently ensure the security of this data when updating the program, or in other cases when it may be necessary to permanently delete data. The Kaspersky Anti Targeted Attack Platform administrator bears responsibility for access to data stored on program servers.

3. Updating the Sensor component installed on a standalone server.

   The program does not have a standard upgrade procedure. You must install the component version 5.0.

4. Updating the Kaspersky Endpoint Agent component:
   • Kaspersky Endpoint Agent for Windows.

     If you use the solution together with Kaspersky Security for Windows Server, you can migrate from Kaspersky Security for Windows Server to Kaspersky Endpoint Security for Windows version 12.1 or later that contains a built-in agent. For more information about migration, see the Kaspersky Endpoint Security for Windows Help.

   • Kaspersky Endpoint Agent for Linux.
   • Kaspersky Endpoint Security for Windows.

Special considerations for upgrading Kaspersky Anti Targeted Attack Platform from version 4.1 to version 5.0

1. After updating Kaspersky Anti Targeted Attack Platform to version 5.0, you must add license keys again.
2. Custom widget layouts in the Dashboard section are not saved after the program update.
3. The settings of network interfaces are not saved. If you want to use network interfaces to receive mirrored SPAN traffic, you need to configure traffic capturing after the update.
4. Sensor and Sandbox component data are not preserved.
5. Central Node 5.0 is not compatible with Sensor and Sandbox components of earlier versions.

In this Help section Updating the Central Node component Contents and amount of information kept when updating Kaspersky Anti Targeted Attack Platform

Page top