Upgrading Central Node installed on a server

Before installing the application upgrade package, it is recommended to first create a backup of the current state of each Central Node server to be updated and download it to the hard drive from the application administrator menu. If installing an application upgrade package fails, or if you need to reinstall Kaspersky Anti Targeted Attack Platform, you can use the backup copy of the application.
We also recommend learning about the limitations of the version to which you are upgrading.

If you are using the distributed solution and multitenancy mode, you need to upgrade each Central Node in accordance with the following procedure without disconnecting the SCNs from the PCN.

The disconnection of SCNs from the PCN is irreversible, you cannot reconnect an SCN to any PCN server.

You must first update the PCN first, then each SCN one by one. Upgrading SCNs before the PCN or upgrading multiple servers in parallel will cause the application to become inoperable.

The upgrade is delivered as an upgrade package. The package is included in the application distribution kit.

To upgrade Central Node installed on a server:

  1. Remove integration servers if any have been added.

    We recommend saving the settings of removed integration servers in any convenient way. After upgrading the application, you can restore these settings manually.

    All steps described below must be performed on servers in Technical Support Mode after elevating user privileges using the sudo -i command.

  2. If you have upgraded Central Node to version 7.0.3 from version 6.1 or earlier, run the following commands:

    rm -rf /data/upgrade/

    rm -rf /opt/upgrade_venv

    If you never upgraded to version 7.0.3, skip this step.

  3. Place the application upgrade package on the Central Node server in the /data directory.
  4. Sign in to the management console of the Central Node server where you want to perform the upgrade via SSH or through the terminal.
  5. Make sure you have more than 100 GB of free space on the /dev/sda2 partition.
  6. Unpack the upgrade archive:

    tar xvf /data/kata-upgrade-8.0.0.1-x86_64_en-ru-zh.tar.gz -C /data/

  7. Install the upgrade package by running the following commands:

    cd /data/upgrade/

    ./run_kata_upgrade.py

    The user name entry window is displayed.

  8. In the displayed window, in the Username field, enter the name of the user with administrator rights, select the OK button and press Enter.

    Default value: admin.

  9. In the displayed window, in the Password field, enter the password of the user with administrator rights, select the OK button and press Enter.

    This opens the window for entering the path to the update archive.

  10. This opens a window; in that window, in the Data directory field, enter the path to the update archive, select the OK button and press Enter.

    Default value: /data/upgrade

  11. In the displayed window, confirm the refusal to use the KEDR functionality.
  12. In the displayed window, select the localization language for the NDR functionality.

    Parts of the application related to NDR functionality will be displayed in the selected language.

    After some time, the console will display a message prompting you to power off the server.

  13. After the message prompting you to power off the server is displayed, run the following command:

    poweroff

  14. Mount the Ubuntu-based ISO image of Kaspersky Anti Targeted Attack Platform 8.0 (kata-cn-8.0.0.1-inst.x86_64_en-ru-zh.iso). If you are using Kaspersky Anti Targeted Attack Platform based on the Astra Linux operating system, follow the instructions to create an ISO image.
  15. Boot from the device that has the mounted iso image.
  16. In the GRUB bootloader menu, select one of the following commands:
    • When upgrading a Central Node deployed on Astra Linux: Upgrade 7.1.1.530 if you are upgrading the component from version 7.1.1, or Upgrade 7.1.3.533 if you are upgrading the component from version 7.1.3.
    • When upgrading a Central Node deployed on Ubuntu: Upgrade 7.1.3.533.
  17. Follow the remaining steps of the wizard to complete the upgrade on the server.

The Central Node component is upgraded.

After upgrading, you must log in again to the Central Node server management console over SSH or through the terminal.

If, after upgrading a Central Node component that has been used in distributed solution and multi-tenancy mode to version 8.0, the Embedded Sensor is missing, you need to restore its functionality by removing the limitations.

Page top