Contents of exported data

Kaspersky Anti Targeted Attack Platform may contain user data and other confidential information. The Kaspersky Anti Targeted Attack Platform administrator must take steps to ensure the security of this data when creating a backup copy, when replacing equipment on which the application is installed, or in other cases when it may be necessary to permanently delete data. The Kaspersky Anti Targeted Attack Platform administrator bears responsibility for access to data stored on application servers.

You can create a backup copy of the following data:

The application database.
Objects in Storage.
Files from alerts generated during a rescan.
Sandbox artifacts.
Configuration files.
Central Node or PCN settings:

You can clear the directory before creating a backup copy of the application.

Before restoring data from backup, the following is cleared on the Central Node or PCN server on which the application is being restored:

The application database.
Objects in Storage.
Files from alerts generated during a rescan.
Sandbox artifacts.
Configuration files.

Central Node or PCN settings.

Contents and amount of data exported to create a backup copy

Data type	Exported data	Application operation mode	Deployment method
Central Node settings. The application database on Central Node: Alerts and VIP statuses of alerts Tasks and task execution results Policies User-defined TAA (IOA) rules and exclusions User-defined IDS rules and exclusions IOC files Scan exclusion rules Information about files in Storage Information about quarantined objects List of computers with Endpoint Agent Reports and report templates User account data Notifications	Central Node settings, if selected. Application databases, by default.	Standalone Central Node server.	All deployment methods.
PCN settings.	Custom	Distributed solution and multitenancy mode.	All deployment methods.
SCN settings.	Custom As for a standalone Central Node server.	Distributed solution and multitenancy mode.	All deployment methods.
Application databases on the PCN: Alerts and VIP statuses of alerts Task execution results Policies User-defined TAA (IOA) rules and exclusions User-defined IDS rules and exclusions IOC files List of data excluded from the scan Information about files in Storage Information about quarantined objects List of Kaspersky Endpoint Agent hosts Reports and report templates User account data Notifications	Default	Distributed solution and multitenancy mode.	All deployment methods.
Configuration files.	Yes	All modes.	All deployment methods.
Backup	Custom	All modes.	Non-high-availability version.
Sandbox artifacts.	Custom	All modes.	Non-high-availability version.
Files from alerts generated during a rescan.	Custom	All modes.	Non-high-availability version.
Events database.	None.	All modes.	All deployment methods.

Files that are in the scan queue when the backup copy of the application is created are not exported.

Page top