Selecting infrastructure for SVM deployment

At this step, you need to select the virtual infrastructure in which you want to deploy the SVM. If SVM deployment was not previously performed in this virtual infrastructure, you need to configure the connection of the SVM Management Wizard to the virtual infrastructure. Then select the hypervisors or OpenStack projects for SVM deployment depending on the type of virtual infrastructure.

To configure the connection of SVM Management Wizard to the virtual infrastructure:

  1. Click the Add button.
  2. In the Virtual infrastructure connection settings window that opens, specify the following settings:
    • Type

      For a virtual infrastructure based on the ALT Virtualization Server platform, you need to select KVM as the type of virtual infrastructure object that the SVM Management Wizard will connect to.

      For a virtual infrastructure on the VK Cloud platform, select Keystone microservice (OpenStack platform) as the type of virtual infrastructure object to which you want SVM Management Wizard to connect.

    • Protocol

      The Protocol field is displayed if you are configuring a connection to a virtual infrastructure based on the OpenStack platform, VK Cloud platform or TIONIX Cloud Platform.

    • Addresses
    • OpenStack domain

      The OpenStack domain field is displayed if you are configuring a connection to a virtual infrastructure based on the OpenStack platform, VK Cloud platform or TIONIX Cloud Platform.

    • User name
    • Password
  3. If you are deploying an SVM in a virtual infrastructure running on Citrix Hypervisor, VMware vSphere, KVM, Proxmox VE, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, OpenStack, ALT Virtualization Server, Astra Linux, VK Cloud platform, or TIONIX Cloud Platform, when connecting the Integration Server to the virtual infrastructure during Kaspersky Security operation, we recommend using an account with restricted permissions for virtual infrastructure operations. Select the Account with limited rights check box and specify the settings of the user account that the Integration Server will use to connect to the virtual infrastructure during Kaspersky Security operation.

    If the check box is cleared, during Kaspersky Security operation the Integration Server will connect to the virtual infrastructure using the same user account that is used for SVM deployment, removal and reconfiguration.

    In a virtual infrastructure running on the Microsoft Hyper-V platform, you can connect to the virtual infrastructure during Kaspersky Security operation only by using the same user account that is used for SVM deployment, removal and reconfiguration.

  4. Click the Connect button.

    The Virtual infrastructure connection settings window closes. The Wizard adds the selected virtual infrastructure objects to the list and attempts to establish a connection.

    The Wizard verifies the authenticity of all virtual infrastructure objects with which the connection is established.

    Authenticity is not verified for a Microsoft Windows Server (Hyper-V) hypervisor.

    For Keystone microservices, authenticity is verified only when using the HTTPS protocol to connect the SVM Management Wizard to the virtual infrastructure.

    To verify authenticity, the Wizard receives the SSL certificate or fingerprint of the public key from each virtual infrastructure object and verifies them.

    If the authenticity of the received certificate(s) cannot be established, the Verify certificate window opens with a message about this. Click the link in this window to view the details of the received certificate. If the certificate complies with the security policy of your organization, you can confirm the authenticity of the certificate and continue connecting to the virtual infrastructure object. The received certificate will be installed as a trusted certificate on the device where the Kaspersky Security Center Administration Console is installed. If you do not consider this certificate to be authentic, click the Cancel button in the Verify certificate window to disconnect, and replace the certificate with a new one.

    If the authenticity of the open key could not be established, the Verify public key fingerprint window opens with a message about this. You can confirm the authenticity of the open key and continue the connection. The open key fingerprint will be saved on the device where the Kaspersky Security Center Administration Console is installed. If you do not consider this open key to be authentic, click the Cancel button in the Verify public key fingerprint window to terminate the connection.

    If a connection cannot be established with a virtual infrastructure object, information about the connection errors is displayed in the table.

The table displays information about the virtual infrastructures whose connections are configured for SVM Management Wizard. If SVMs are already deployed in the virtual infrastructure, the table also contains information about them. Each row of the table displays a hierarchical list of virtual infrastructure objects and the following information:

You can search the list of virtual infrastructure objects based on the Name/Address column. The search starts as you type in the Search field. The table displays only those virtual infrastructure objects that meet the search criteria. To reset the search results, delete the contents of the Search field.

You can update the list of virtual infrastructure objects using the Refresh button above the table. When updating a list, the Wizard verifies the SSL certificates or fingerprints of the public key, just like what happens when adding virtual infrastructure objects to the list.

You can use buttons in the Name/Address column to:

To select infrastructure for SVM deployment:

  1. Depending on the type of the virtual infrastructure, select check boxes in the table to the left of the names of the hypervisors on which you want to deploy an SVM, or the OpenStack projects in which you want to deploy an SVM.

    You can select hypervisors or OpenStack projects that are not subject to SVM deployment restrictions.

    If SVMs are being deployed in an infrastructure based on the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform, simultaneous SVM deployment in different infrastructures is not supported. You can deploy SVMs in only one of these infrastructures at a time, or in one or more infrastructures of other types.

    The simultaneous deployment of SVMs within OpenStack projects, which are running on different Keystone microservices, is not supported. You can simultaneously deploy SVMs only in OpenStack projects that are running on the same Keystone microservice.

  2. If you want to enable concurrent SVM deployment on several hypervisors, or within several OpenStack projects, select the Allow parallel deployment on N hypervisors or Allow parallel deployment on N SVMs check box (depending on the type of the virtual infrastructure), and specify the number of hypervisors on which SVMs will be deployed concurrently, or the number of SVMs.

Proceed to the next step of the wizard.

Page top