Updating the cluster to Kaspersky Secure Mail Gateway 2.0 MR1

Before updating Kaspersky Secure Mail Gateway, we strongly recommend you create a backup copy of Kaspersky Secure Mail Gateway virtual machines (a snapshot of the virtual machine in the hypervisor) of all cluster nodes. This will let you go back to the previous version of Kaspersky Secure Mail Gateway if the installation of the new version fails.

Before installing updates using the Kaspersky Secure Mail Gateway web interface, you must download the ZIP archive with upgrade packages from the Kaspersky website or a partner company website and extract the KTGZ update files from the archive.

This sequence of steps lets you keep processing the traffic of the organization during the update process.

To update the program to version 2.0 MR1 in a cluster containing multiple nodes:

In the web interface of the Control node, go to the Nodes section and make sure that all cluster nodes are available and do not have errors.
If there is no access to the cluster node, or if errors are encountered on the node, resolve the problems before you start the update process.
Install upgrade packages on one of the Secondary nodes.
To update Kaspersky Secure Mail Gateway to version 2.0 MR1 on the first of the cluster nodes being updated:
1. In the web interface of the Control node, go to the Message queue section, select the node for which you want to install the update, and disable the reception of messages on that node.
2. In the table of messages in the queue, filter the messages by node then wait until messages from all queues are sent.
3. In the web interface of the node being updated, click Install patch and install the preliminary upgrade package (ksmg_upgrade_2.0.0.6478_2.0.1.6960_step1.ktgz).
4. If necessary, log in to the web interface of the node.
5. Reload the page of the web interface by pressing F5 or clicking the Refresh button in your browser.
6. In the web interface of the node being updated, click Install patch and install the main upgrade package (ksmg_upgrade_2.0.0.6478_2.0.1.6960_step2.ktgz).
7. Wait until the operating system restarts, then reload the page of the web interface by pressing F5 or clicking the Refresh button in your browser.
8. In the web interface of the updated node, click Change role to Control node.
9. In the web interface of the new Control node:
  1. Update the databases.
  2. If a connection with the LDAP server was configured, update the LDAP cache.
    If a LDAP server connection was not configured, synchronize with an Active Directory domain controller.
    In the application web interface window, select the Settings → External services → LDAP server connections section.
    Select the Synchronization settings tab.
    In the Schedule drop-down list, select Manually.
    Click Save.
    Click Synchronize now.
  3. Turn on the reception and transmission of messages on all cluster nodes and click Apply.
  4. Turn off the reception of messages on all cluster nodes and click Apply.
  5. Turn on the reception of messages only on the updated node.
  6. To check if the messages can pass through the node, send a test message through the node and confirm if it was delivered to the recipient.
As a result, Kaspersky Secure Mail Gateway is updated to version 2.0 MR1 on the cluster node.
After installing the preliminary upgrade package, the node remains accessible to other cluster nodes.

After installing the main upgrade package, the node becomes inaccessible to other cluster nodes. In the web interface of this node, you need to assign it the role of the new Control node.
Install upgrade packages on each of the remaining Secondary nodes.
After the update, each Secondary Node will be accessible to the new Control Node and inaccessible to the old Control Node.
Install upgrade packages on the old Control node.
To update Kaspersky Secure Mail Gateway to version 2.0 MR1 on the old Control node of the cluster:
1. In the web interface of the old Control node, go to the Message queue section and turn off the reception of messages.
2. Wait until messages from all queues are sent.
3. Go to the Nodes section and assign the Secondary node role to the node.
4. In the web-interface of the node, install the preliminary upgrade package (ksmg_upgrade_2.0.0.6478_2.0.1.6960_step1.ktgz).
5. Wait until the operating system restarts.
  If necessary, log in to the web interface of the node.
6. In the web-interface of the node, install the main upgrade package (ksmg_upgrade_2.0.0.6478_2.0.1.6960_step2.ktgz).
7. Wait until the operating system restarts, then reload the page of the web interface by pressing F5 or clicking the Refresh button in your browser.
8. In the web interface of the new Control node:
  1. Update the databases.
  2. If a connection with the LDAP server was configured, update the LDAP cache.
    If a LDAP server connection was not configured, synchronize with an Active Directory domain controller.
    In the application web interface window, select the Settings → External services → LDAP server connections section.
    Select the Synchronization settings tab.
    In the Schedule drop-down list, select Manually.
    Click Save.
    Click Synchronize now.
  3. Turn on the reception of messages on the node with the updated program.
  4. To check if the messages can pass through the node, send a test message through the node and confirm if it was delivered to the recipient.
As a result, Kaspersky Secure Mail Gateway is updated to version 2.0 MR1 on the cluster node.
Before installing the update, you must assign the Secondary node role to it in the web interface of this node.

As a result, all cluster nodes are updated to Kaspersky Secure Mail Gateway version 2.0 MR1 and are accessible from the new Control node.

If necessary, give back the Control node role to the node that previously was the Control node.

Page top