In general, the choice of a centralized management architecture depends on the location of protected devices, access from adjacent networks, delivery schemes of database updates, and so on.
At the initial stage of architecture development, we recommend getting acquainted with the Kaspersky Security Center Cloud Console components and their interaction with each other, as well as with schemas for data traffic and port usage.
Based on this information, you can form an architecture that specifies: