Creating a tenant and a virtual Administration Server

At this step of the tenant protection infrastructure deployment, tenant information is added to the Integration Server database and a virtual Administration Server is created for the tenant. The procedures are automated by means of the Integration Server REST API.

The actions performed in response to the REST API request depend on the tenant type specified when calling the REST API method: tenant protection infrastructure deployment is available only for the complete tenant type.

Specify the following information in the REST API request:

• Tenant name.
• Tenant type: Complete.
• Settings of the account used by the tenant administrator to connect to the virtual Administration Server configured for the tenant. During the procedure, an account with the main administrator permissions will be automatically created on the virtual Administration Server.

  Kaspersky Security Center verifies the uniqueness of account names within the main Kaspersky Security Center Administration Server and all its virtual Administration Servers. By default, if the account name is not unique, the account creation fails. If you want to use same account names for the virtual Administration Servers, you can disable uniqueness check for internal user names. See Kaspersky Security Center help for more information.

As a result of the procedure, the following actions are performed:

• The tenant data is saved in the Integration Server database and the tenant is assigned a unique identifier.
• Kaspersky Security Center virtual Administration Server and an account to be used by the tenant administrator to connect to the virtual Administration Server are created for each tenant.
• When the first tenant is registered in the console tree of Kaspersky Security Center main Administration Server, a folder with the Multitenancy KSV LA default name is created in the Managed devices folder. You can change this name if required.
• The following structure of folders and nodes is created for each tenant in the Multitenancy KSV LA folder:

  <Tenant name> folder

  • Administration Servers node
    • Administration Servers <Tenant name> node
      • Folders and administration groups required for managing protection of this tenant, similar to the structure of folders and groups of Kaspersky Security Center main Administration Server.
• The policies for enabling and disabling protection of the virtual machines with Kaspersky Security for Virtualization 5.1 Light Agent installed are created in the Multitenancy KSV LA → <Tenant name> folder.

  Policies for enabling and disabling protection are applied only if Kaspersky Security for Virtualization 5.1 Light Agent is installed in the tenant virtual infrastructure. Policies for enabling and disabling protection are used to define the SVM discovery settings and configure general operation settings for Light Agents. For more information about policies for enabling protection refer to Kaspersky Security for Virtualization 5.1 Light Agent Help.