There are two options for deploying Kaspersky Next XDR Expert: on multiple nodes or on a single node of the Kubernetes cluster. Before you start, we recommend that you familiarize yourself with the available deployment schemes, and then choose the one that best meets your organization's requirements. You can use the sizing guide that describes the hardware requirements and the recommended deployment option in relation to the number of devices in the organization.
Depending on the deployment option you choose, you may need the following hosts for the function of Kaspersky Next XDR Expert:
The administrator host is a physical or virtual machine that is used to deploy and manage the Kubernetes cluster and Kaspersky Next XDR Expert. Since KDT runs on the administrator host, this host must meet the requirements for KDT.
If the administrator host is not included in the cluster, it will be used only to deploy and manage the Kubernetes cluster and Kaspersky Next XDR Expert. If the administrator host is included in the cluster, it will also act as a target host that is used for operation of Kaspersky Next XDR Expert components. In this case, the host must meet the requirements for target hosts.
The target hosts are the physical or virtual machines that are used to deploy Kaspersky Next XDR Expert. The following target hosts are used:
Target hosts for installing the Kaspersky Next XDR Expert components
The hosts that are included in the Kubernetes cluster and between which the workload is distributed. The target hosts must meet the requirements for the selected deployment option (the multi-node or single node deployment).
You can use one of the target hosts as the administrator host to run the Kaspersky Next XDR Expert deployment from the target host. In this case, this host must also meet the requirements for KDT.
KUMA target hosts for installing the KUMA services
The target hosts that are not included in the Kubernetes cluster and that are used to install the KUMA services (collectors, correlators, and storages). The number of the KUMA target hosts depends on the amount of events that Kaspersky Next XDR Expert has to process.
The host for installing the DBMS is a separate server that is located outside the Kubernetes cluster. This host must meet the requirements for the database node.
If you want to receive telemetry from Kaspersky Anti Targeted Attack Platform and manage threat response actions on assets connected to Kaspersky Endpoint Detection and Response servers, you can install and configure Kaspersky Anti Targeted Attack Platform with Kaspersky Endpoint Detection and Response. Kaspersky Anti Targeted Attack Platform is a standalone solution that must be installed on a separate server that is not included in the Kubernetes cluster. For details about KATA deployment scenarios, refer to the KATA documentation.
Multi-node deployment
In the multi-node deployment, the Kaspersky Next XDR Expert components are installed on several worker nodes of the Kubernetes cluster and if one node fails, the cluster can restore the operation of components on another node.
In this configuration, you need at least six seven hosts:
4 target hosts for installing the Kubernetes cluster and the Kaspersky Next XDR Expert components
1 host acting both as the administrator and target host
3 target hosts
If you want to use the administrator host located on a separated host outside the cluster, you will need have to allocate one additional host for the deployment.
1 host for installing the DBMS
1 KUMA target host for installing the KUMA services
Single-node deployment
In the single-node deployment, all Kaspersky Next XDR Expert components are installed on a single node of the Kubernetes cluster. You can perform the single-node deployment of Kaspersky Next XDR Expert if you need a solution that requires fewer computing resources.
In this configuration, you need at least two hosts:
1 target host for installing the Kubernetes cluster, the Kaspersky Next XDR Expert components, and the DBMS
This host acts both as the administrator and target host. If you want to use the administrator host located on a separated host outside the cluster, you will need have to allocate one additional host for the deployment.
1 KUMA target host for installing the KUMA services
In this configuration, the DBMS does not require a separate node but should be installed manually on the target host before the Kaspersky Next XDR Expert deployment.