Centralized installation of application components

This section describes the procedure for centralized installation of application components when using the script named kics4net-deploy-<application version number>.bundle.sh.

Prior to centrally installing components, you must perform the necessary actions to prepare for application installation.

The application components centralized installation script uses data that was saved in the installation settings file. Running the script does not require root privileges for the current user account on the computer from which the installation will be performed.

During centralized installation of application components, by default the script verifies the checksums of packages in the folder containing the unpacked files from the distribution kit. This lets you verify the integrity of files from the application installation packages by comparing the calculated checksums of packages with their reference values. If a calculated checksum for even one package does not match the reference value, the installation script stops.

It is recommended to centrally install application components with package checksum validation enabled. If necessary, you can disable validation of package checksums. However, correct installation of application components cannot be guaranteed if you do so.

To centrally install components of Kaspersky Industrial CyberSecurity for Networks on computers:

1. On the computer from which the centralized installation will be performed, go to the folder with the unpacked files of scripts and packages for installing, verifying and removing application components, included in the distribution kit. For Kaspersky Industrial CyberSecurity for Networks 4.0, the files are located in the kics4net-release_<application version>/linux-centos subfolder. For Kaspersky Industrial CyberSecurity for Networks 4.0.1, the files are located in the kics4net-release_<application version>/linux-astra subfolder.
2. Enter the command for running the application components centralized installation script:

   bash kics4net-deploy-<application version>.bundle.sh

   If for some reason you need to disable validation of the checksums of packages used for application installation, you can enter the script startup command with the --skip-checksum-validation parameter. This parameter is intended only for testing and must not be used during normal installation of application components.

   The screen prompts you to choose the language of the installation menu.

3. Select the language that you want to use in the installation menu.

   The choice of the installation menu language does not affect the localization of the Kaspersky Industrial CyberSecurity for Networks components. The capability to choose the localization language of application components is available during initial configuration of Kaspersky Industrial CyberSecurity for Networks after a Server is installed.

4. If the script was run without the --skip-checksum-validation parameter, after selecting the language for the installation menu, the script runs a verification of the checksums of packages in the folder containing the saved files from the distribution kit. Wait for validation of the package checksums to complete.

   If a calculated checksum for even one package does not match the reference value, the installation script stops. In this case, replace the corrupted files with the original files from the distribution kit and run the application components centralized installation script again.

5. In the menu for selecting the installation option, select Run new installation.

   The main centralized installation menu appears on the screen.

6. Perform the following actions:
   1. Click the Add Server menu item to add a Server node and configure the main settings for this node.
   2. If you want to configure additional settings for the Server node, select Change Server settings and configure the relevant settings.

      In Kaspersky Industrial CyberSecurity for Networks version 4.0.1, if you want to use an installed Postgres Pro DBMS instead of the DBMS from the application distribution kit, you need to select Use installed Postgres Pro DBMS when configuring additional settings.

   3. If the Server is installed with sensors, use the Add sensor menu item to add nodes of sensors.
   4. If you want to configure additional settings for added sensor nodes, select Change sensor settings and configure the relevant settings for each added node.
   5. Use the Change the user running the installation menu item to specify the user account with root privileges that will be used for centralized installation of application components. This user account will be used on those nodes for which no additional account was specified when configuring advanced settings.
7. When finished configuring the settings, select Save settings and start installation.

   You will be prompted to enter the password of the user running the installation.

8. Enter the password of the user running the installation. The password must be entered twice: first in the SSH password prompt and then in the BECOME password prompt.

   The installation script will begin the installation of components. During installation, the screen will display service messages regarding operations being completed.

Wait for completion of the script kics4net-deploy-<application version number>.bundle.sh.

After installation of Kaspersky Industrial CyberSecurity for Networks components is complete, the application is not yet ready to monitor your industrial network. To use the application, you need to perform the necessary actions to prepare the application for operation.

See also: Centralized installation menu commands

Page top