KATA protection
July 3, 2024
ID 138414
You can configure the integration of KSMG with Kaspersky Anti Targeted Attack Platform.
Kaspersky Anti Targeted Attack Platform (KATA) is an application designed for the protection of corporate IT infrastructure and timely detection of threats such as zero-day attacks, targeted attacks, and advanced persistent threats (hereinafter also referred to as "APT").
As a result of the integration, KSMG will be able to send email messages to KATA for scanning and receive the scan results. KATA scans messages for signs of targeted attacks and intrusions into the corporate IT infrastructure.
Based on the results of a KATA scan, the KSMG application can block individual messages.
The following KATA integration variants are possible:
- With a single KATA server.
For integration, it is sufficient to specify the IP address of the KATA server with the Central Node component. If the Central Node component is deployed as a cluster (available for KATA version 5.0 and later), you can specify the IP address of any processing server in the cluster.
The address is specified in KATA integration settings in the web interface of the KSMG Control node.
- With a KATA cluster and a local balancer (available for KATA 5.0 and later).
Multiple KATA processing servers from the Central Node cluster provide fault tolerance — if connection becomes lost with one of the servers, the clients automatically switch to one of the other available servers.
The administrator separately installs a local load balancer on KSMG cluster nodes. The local balancer monitors the availability of KATA servers for each node and provides automatic switching between KATA servers.
