Changing and deleting the settings for connection of the Integration Server to the virtual infrastructure

The Integration Server connects to each protected virtual infrastructure and receives necessary information for application operation. Depending on the type of protected virtual infrastructure the Integration Server connects to one of the following virtual infrastructure objects:

• hypervisor;
• virtual infrastructure administration server;
• Keystone microservice.

When connecting to virtual infrastructure objects, the Integration Server uses settings that were specified during installation of the Protection Server by default.

In the Infrastructure connection settings section of the Integration Server Console, you can perform the following actions:

• Edit the settings for connecting the Integration Server to virtual infrastructure (except for the infrastructure address).
• In the infrastructure running on VMware vCenter Server: enable or disable the use of VMware NSX Manager by Kaspersky Security, and modify the settings for connecting the Integration Server to VMware NSX Manager.
• Delete the virtual infrastructure from the list of infrastructures to which the Integration Server connects.

The Infrastructure connection settings section of the Integration Server Console displays a list of all virtual infrastructures to which the Integration Server connects.

The list is displayed as a table, with each row containing the following information:

• Infrastructure

  Type of virtual infrastructure and IP address in IPv4 format or the fully qualified domain name (FQDN) of the virtual infrastructure object to which the Integration Server connects for interaction with virtual infrastructure.

  For an infrastructure running on VMware vCenter Server with VMware NSX Manager by Kaspersky Security enabled, the column displays the IP address in IPv4 format or the fully qualified domain name (FQDN) of VMware NSX Manager.

• State

  Status of the connection between the Integration Server and the virtual infrastructure.

For a virtual infrastructure based on the ALT Virtualization Server platform, KVM is displayed as the type of a virtual infrastructure that the Integration Server connects to.

If the Integration Server is not connected to the virtual infrastructure object, the table displays an error message.

The Integration Server verifies the authenticity of all virtual infrastructure objects with which a connection is being established, except a Microsoft Windows Server (Hyper-V) hypervisor. Authenticity is not verified for a Microsoft Windows Server (Hyper-V) hypervisor. Authenticity verification for TIONIX Cloud Platform and OpenStack platform microservices is performed only when you use the HTTPS protocol for connecting the Integration Server to a virtual infrastructure.

To verify authenticity, the Integration Server receives an SSL certificate or fingerprint of the public key from each virtual infrastructure object and verifies them.

If it fails to ascertain the authenticity of the certificate or public key received from the virtual infrastructure object, the Integration Server breaks the connection with the virtual infrastructure. An error message is displayed in the table. You can resolve this error in one of the following ways:

• Confirm the authenticity of the certificate or public key received from the virtual infrastructure object.
• Replace the existing certificate with a new one, if you suggest that the existing certificate is not authentic.

To confirm the authenticity of the certificate or public key received from the virtual infrastructure object:

1. Go to the SVM Management section of Integration Server Console, then launch SVM Management Wizard, and open the list of virtual infrastructures to which connection for SVM Management Wizard is configured (see, for example, the "Selecting infrastructure for SVM deployment" step of the Protection Server installation procedure).
2. Confirm authenticity of the certificate or public key in the opened Certificate verification or Open key fingerprint verification window (it depends on the type of the virtual infrastructure object).

If the use of VMware NSX Manager by Kaspersky Security is enabled, the Integration Server also checks the VMware NSX Manager certificate and the table displays a message if a certificate error is detected. You can resolve an error in the VMware NSX Manager certificate in one of the following ways:

• Verify the authenticity of the certificate. To view information about the received certificate, you need to click the Confirm VMware NSX Manager certificate authenticity link that is displayed in the error message. If the certificate complies with the security policy of your organization, you can confirm the authenticity of the certificate and continue connecting to VMware NSX Manager. To do so, click the Consider certificate to be authentic button in the Certificate verification window. The received certificate will be installed as a trusted certificate on the device where the Kaspersky Security Center Administration Console is installed.
• If you do not consider the certificate trustworthy, you can disconnect by clicking the Cancel button, and replace the certificate with a new one.

In this section: Changing the settings for connection of the Integration Server to the virtual infrastructure Deleting the settings for connection of the Integration Server to the virtual infrastructure

Page top