• We have implemented distributed solution mode enables centralized management of servers that have Central Node components.
• The program distribution kit now includes virtual machines for the Sandbox component with pre-activated Microsoft operating systems and software.
• We have added:
  • Network isolation of hosts with the Endpoint Sensors component.
  • The option of configuring Central Node components through the application web interface.
  • Display of Kaspersky Endpoint Security alerts in the web interface.
  • Notifications for users of computers with the Endpoint Sensors component about the execution of program tasks on their computers.
  • The option of saving Kaspersky Anti Targeted Attack Platform alerts to Kaspersky Private Security Network (KPSN) local reputation database.
  • The capability to manually load objects to be scanned by the program through the web interface.
  • Notifications for program users about program malfunctions.
  • The feature of creating lists of passwords for unlocking password-protected archives.
  • Support of Windows 10.
• We have improved display of Windows event log records.
• We have removed the support for 32-bit Windows 7 on virtual machines for the Sandbox component.
• We have lifted several limitations on receiving events from the Windows log.

How to prepare your corporate IT infrastructure for program installation

Before installation of the program, prepare your corporate IT infrastructure:

1. Ensure that the servers, the computer intended for working with the program web interface, and the computers to be installed with the Endpoint Sensors component meet the hardware and software requirements.
2. Perform the following preliminary preparations of the corporate IT infrastructure for installation of the Sandbox component:
   • For both network interfaces, block access of the server hosting the Sandbox component to the corporate LAN in order to keep the network safe from the objects being analyzed.
   • For the first network interface, allow Internet access for the server hosting the Sandbox component for the purposes of database updates and analysis of the behavior of objects.
   • For the second network interface, allow inbound connections to ports 22 and 443 for the server hosting the Sandbox component.
3. Prepare the organization’s IT infrastructure to the installation of the Central Node component:
   • Allow connections to ports 22, 80, 443, 8443, 161, 8081, 6379, and 5432 for the server with the Central Node component.
   • Allow connections to ports 22, 443, 161, 8081, 6379, and 5432 for the server with the Sensor component.
   • Allow connections to ports 22 and 443 for the server with the Sandbox component.
   • Allow connections to port 443 for computers and servers with the Endpoint Sensors component.
   • Allow incoming connections to computers hosting the Endpoint Sensors component and the server hosting the Central Node component directly, without a proxy server.

The infrastructure is ready for installing the component. If necessary, you can assign other ports for the application components in the administrator menu of the server with the Central Node component. If you change the ports in the administrator menu, allow connections to these ports in your corporate IT infrastructure.

How to install program components

1. Install the disk image containing the Sandbox component.
2. Configure the Sandbox component through the Sandbox web interface.
3. Install the disk images of Microsoft Windows operating systems and applications for the Sandbox component.
4. Install the disk image containing the Central Node and Sensor components. 
5. If there are multiple Central Node components, you can use the program in distributed solution mode.
6. Configure the Central Node and Sensor components.
7. Install the Endpoint Sensors component on computers within the corporate IT infrastructure.

The application components are installed.

How to begin working with the web interface

1. In a browser on any computer on which access to the Central Node server has been allowed, enter the IP address of the server with the Central Node component.
2. Enter the user name and password that you specified during installation and configuration of the Central Node component to access the program web interface.

The main window of the application web interface will open. Now you can start using the web interface.

How to use the administrator menu

To start working in the program administrator menu in the management console of a server with program components:

1. Enter the management console of the server whose settings you want to change via the SSH protocol or through the terminal.
2. When the system prompts you, enter the user name and password that was specified for working in the administrator menu during installation of the Sandbox component.

The program administrator menu is displayed. Now you can start using the administrator menu.

How to start using the program in Technical Support Mode

1. Enter the management console of the server with which you want to work in Technical Support Mode via the SSH protocol or through a terminal.
2. When the system prompts you, enter the administrator user name "admin" and the password that was specified during deployment of the program.
3. In the program administrator menu, select Technical Support Mode.
4. Press Enter.
5. If you are sure you would like to work with the program in Technical Support Mode, select Yes and press ENTER. Press Enter.

Kaspersky Anti Targeted Attack Platform does not support integration with Kaspersky Security Center in distributed solution mode.