To install the Kaspersky Security management MMC plug-ins and the Integration Server, an account that belongs to the group of local administrators on the device where installation is performed must be used.
The following accounts can be used to start the Integration Server Console:
VMware vSphere platform
The following accounts are required for installation and operation of the application on a VMware ESXi hypervisor:
Roles should be assigned to accounts at the top level of the hierarchy of VMware inventory objects, that is, at the level of VMware vCenter Server.
Microsoft Hyper-V platform
To deploy, delete, or reconfigure an SVM on a Microsoft Windows Server (Hyper-V) hypervisor, a built-in local administrator account or domain account that belongs to the Hyper-V Administrators group is required. For a domain account, you must also grant permissions for remote connection and use of the following WMI namespaces:
A built-in local administrator account or domain account that belongs to the Hyper-V Administrators group and has the permissions listed above is also used to connect the Integration Server to a Microsoft Windows Server (Hyper-V) hypervisor.
Citrix Hypervisor platform
The following accounts are required for installation and operation of the application on Citrix Hypervisor:
KVM platform
The following accounts are required for installation and operation of the application on a KVM hypervisor:
Proxmox VE platform
The following accounts are required for installation and operation of the application on a Proxmox VE hypervisor:
Skala-R platform
The following accounts are required for installation and operation of the application on a R-Virtualization hypervisor:
HUAWEI FusionSphere platform
The following accounts are required for installation and operation of the application on a HUAWEI FusionCompute CNA hypervisor:
Nutanix Acropolis platform
The following accounts are required for installation and operation of the application on a Nutanix AHV hypervisor:
OpenStack cloud platform, VK Cloud platform, and TIONIX Cloud Platform
The following accounts are required to install and operate the application in an infrastructure running on the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform:
Permissions for infrastructure object operations. |
Permissions for sending requests to OpenStack microservices API |
Keystone |
|
Authentication. Querying the state of authentication token for the current user. |
auth/tokens (POST/GET) |
Getting a list of all OpenStack domains. |
domains (GET) |
Getting a list of available OpenStack projects for the current user. |
auth/projects (GET) |
Compute (Nova) |
|
Getting a list of virtual machines. |
servers/detail (GET) |
Getting virtual machine information. |
servers/{server_id} (GET) |
Getting a list of virtual machine types (instance types). |
flavors/detail (GET) |
Getting information about available OpenStack project resources. |
limits (GET) |
Getting a list of server groups. |
os-server-groups (GET) |
Getting a list of availability zones. |
os-availability-zone (GET) |
Getting a list of network interface of the virtual machine. |
servers/{server_id}/os-interface (GET) |
Creating a network interface for the virtual machine. |
servers/{server_id}/os-interface (POST) |
Creating the virtual machine. |
servers (POST) |
Starting/stopping the virtual machine. |
servers/{server_id}/action (POST) |
Removing network interface of the virtual machine. |
servers/{server_id}/os-interface/{port_id} (DELETE) |
Removing the virtual machine. |
servers/{server_id} (DELETE) |
Cinder |
|
Getting a list of volume types. |
{project_id}/types (GET) |
Getting disk information. |
{project_id}/volumes/{volume_id} (GET) |
Creating the disk. |
{project_id}/volumes (POST) |
Removing the disk that was created by the current user. |
{project_id}/volumes/{volume_id} (DELETE) |
Glance |
|
Getting image information. |
images/{image_id} (GET) |
Creating the image. |
images (POST) |
Downloading the image. |
images/{image_id}/file (PUT) |
Removing the image that was created by the current user. |
images/{image_id} (DELETE) |
Neutron |
|
Getting a list of networks. |
networks (GET) |
Getting a list of security groups. |
security-groups (GET) |
Creating a network port |
ports (POST) |
Deleting a network port |
ports/{port_id} (DELETE) |
Getting the ID of a network port |
ports/{port_id} (GET) |
Permissions for infrastructure object operations. |
Permissions for sending requests to OpenStack microservices API |
Keystone |
|
Authentication. Querying the state of authentication token for the current user. |
auth/tokens (POST/GET) |
Getting a list of available OpenStack projects for the current user. |
auth/projects (GET) |
Compute (Nova) |
|
Getting a list of virtual machines. |
servers/detail (GET) |
Getting virtual machine information. |
servers/{server_id} (GET) |
Getting a list of server groups. |
os-server-groups (GET) |
Getting a list of availability zones. |
os-availability-zone (GET) |
Getting a list of hypervisors. This permission is required only if you intend to apply licensing scheme that uses number of processors or number of processor cores on hypervisors, on which the protected virtual machines operate. |
/os-hypervisors/detail (GET) |
ALT Virtualization Server platform
The following accounts are required for installation and operation of the application on a basic hypervisor of the ALT Virtualization Server platform:
Astra Linux Platform
The following accounts are required for installation and operation of the application on a KVM hypervisor running on the Astra Linux platform:
Prior to starting installation of the application, you need to configure the user account that will be used for SVM deployment, removal and reconfiguration.