Before installing the application upgrade package, it is recommended to first create a backup of the current state of each Central Node server to be updated and download it to the hard drive from the application administrator menu. If installing an application upgrade package fails, or if you need to reinstall Kaspersky Anti Targeted Attack Platform, you can use the backup copy of the application.
We also recommend learning about the limitations of the version to which you are upgrading.
If you are using the distributed solution and multitenancy mode, you need to upgrade each Central Node in accordance with the following procedure without disconnecting the SCNs from the PCN.
Disconnecting an SCN from the PCN is irreversible: you cannot reconnect an SCN to any PCN server.
The upgrade is delivered as an upgrade package. The package is included in the application distribution kit.
To update Central Node:
/data directory.
/data directory. To view the role, use the $ docker node ls command.
tar xvf /data/kata-upgrade-7.0.3.520-x86_64_en-ru.tar.gz -C /data/
cd /data/upgrade/
./run_kata_upgrade.py --patch-version 703
The user name entry window is displayed.
Default value: admin.
This opens the window for entering the path to the update archive.
Default value: /data/upgrade
Parts of the application related to NDR functionality will be displayed in the selected language.
The Central Node component is upgraded.
After the update is complete, we recommend restarting all updated Central Nodes. If Central Node is installed as a cluster, we recommend restarting all cluster servers one by one.
After upgrading a Central Node cluster, the alert table may not display new alerts generated by the IDS technology. We recommend checking that new alerts are displayed in the table by following the instructions below.
To see if new alerts are being displayed in the alerts table:
docker ps --format "table {{.Image}} | {{.Status}}"
curl "http://eicar.com/counter.php?act=1&uid=1&id=234"
This opens the table of alerts.
If the alert is missing from the table, follow the instructions below to remove the limitation.
To remove the limitation:
sudo -i
docker service update --force kata_product_main_1_ids_alert_syncer
The limitation is removed.
If the test alert is missing from the table, please contact Technical Support.