Changing and deleting the settings for connection of the Integration Server to the virtual infrastructure
The Integration Server receives information about the protected virtual infrastructure required for the application to run, either from the hypervisor or the virtual infrastructure administration server. The Infrastructure connection settings section of the Integration Server Console displays a list of all hypervisors and virtual infrastructure administration servers to which the Integration Server connects.
In the Infrastructure connection settings section of the Integration Server Console, you can perform the following actions:
- Change the name and password of the account that is used to connect the Integration Server to the hypervisor or to the virtual infrastructure administration server.
- In a VMware infrastructure: enable or disable the use of VMware NSX Manager by Kaspersky Security, and enter or modify the settings for connecting the Integration Server to VMware NSX Manager.
- Remove a hypervisor or virtual infrastructure administration server from the list of hypervisors and virtual infrastructure administration servers to which the Integration Server connects.
The list of hypervisors and virtual infrastructure management servers to which the Integration Server connects is displayed as a table, each line of which contains the following information:
- Type and IP address in IPv4 format or the fully qualified domain name (FQDN) of the hypervisor or virtual infrastructure administration server.
- Status of the connection between the Integration Server and the virtual infrastructure.
- For VMware infrastructure: IP address in IPv4 format or fully qualified domain name (FQDN) of VMware NSX-V Manager or VMware NSX-T Manager, if the use of VMware NSX Manager by Kaspersky Security is enabled. If VMware NSX Manager is used, Kaspersky Security can assign security tags to the protected virtual machines.
If the Integration Server is not connected to the hypervisor or to the virtual infrastructure administration server, the table displays an error message.
The Integration Server verifies the authenticity of all hypervisors and virtual infrastructure administration servers that are displayed in the table, except a Microsoft Windows Server (Hyper-V) hypervisor. Authenticity verification is not performed for a Microsoft Windows Server (Hyper-V) hypervisor.
To verify authenticity, the Integration Server receives an SSL certificate or fingerprint of the public key from each hypervisor or virtual infrastructure administration server and verifies them. If the authenticity could not be determined for the certificate or public key received from a hypervisor or virtual infrastructure administration server, the Integration Server disconnects from this hypervisor or virtual infrastructure administration server. An error message is displayed in the table.
You can resolve this error in one of the following ways:
- Confirm the authenticity of the certificate or public key received from the hypervisor or virtual infrastructure administration server. To do so, you need to go to the list of hypervisors and virtual infrastructure administration servers displayed in the SVM Management Wizard (for example, see the "Selecting hypervisors for SVM deployment" step of the SVM deployment procedure). The Certificate verification or Open key fingerprint verification window opens depending on the type of hypervisor or virtual infrastructure administration server. In this window, you can confirm the authenticity of the certificate or public key.
- If you do not consider the certificate to be authentic, you can replace the certificate with a new one.
If the use of VMware NSX Manager by Kaspersky Security is enabled, the Integration Server also checks the VMware NSX Manager certificate and the table displays a message if a certificate error is detected. You can resolve an error in the VMware NSX Manager certificate in one of the following ways:
- Verify the authenticity of the certificate. To view information about the received certificate, you need to click the Confirm VMware NSX Manager certificate authenticity link that is displayed in the error message. If the certificate complies with the security policy of your organization, you can confirm the authenticity of the certificate and continue connecting to VMware NSX Manager. To do so, click the Consider certificate to be authentic button in the Certificate verification window. The received certificate will be installed as a trusted certificate on the computer where the Kaspersky Security Center Administration Console is installed.
- If you do not consider the certificate to be trusted, you can disconnect by clicking the Cancel button, and replace the certificate with a new one.
Page top