How to install Kaspersky Security 10.x for Windows Server on a server cluster
The article concerns:
- Kaspersky Security 10.1.2 for Windows Server
- Kaspersky Security 10.1.1 for Windows Server
- Kaspersky Security 10.1.0 for Windows Server
- Kaspersky Security 10.0.0 for Windows Server
Kaspersky Security 10.x for Windows Server can be installed on a server cluster (Microsoft Server Cluster) running in the Active/Active or in the Active/Passive mode. Kaspersky Security 10.x for Windows Server is a non-cluster-aware application, thus it is not necessary to stop the entire cluster before the installation. Nonetheless, we recommend that you stop the cluster software before the installation, or at least limit the load on cluster resources.
Kaspersky Security 10.x for Windows Server can be installed on a server cluster running under one of the operating systems listed in the system requirements.
Do not install Kaspersky Security 10.x for Windows Server on cluster drives. Otherwise, only the one cluster node that is currently owning the cluster disk will be protected.
Installation
Do the following on each node in the cluster:
- Stop the cluster node. Do this by stopping the Cluster Service on the given cluster node using the Cluster Administrator application. Wait for the failover process to complete successfully for all cluster resources owned by the given node.
- Install Kaspersky Security 10.x for Windows Server. If you have not previously stopped the Cluster Service on that node, you should clear the check box Enable Real-time protection after the installation in the Setup wizard when installing Kaspersky Security 10.x for Windows Server. If you are performing the installation in silent mode, you should use the following command line switch: /RUNRTP=0.
- Resume the cluster node. Do this by starting the Cluster Service on the given cluster node using the Cluster Administrator application. Wait for the failover process to complete successfully for all cluster resources owned by the given node.
Recommendations for implementation
- Exclude the cluster quorum disk (usually Q:) and the cluster logs folder (C:\Windows\Cluster) from the Real-time file protection scan on each cluster node where Kaspersky Security 10.x for Windows Server is installed.
- Do not use folders located on cluster disks for quarantine and backup storage paths.
- Do not use environment variables that point to files on cluster disks.
- When performing a remote installation using Kaspersky Security Center, use the cluster servers’ local names instead of a shared cluster name.
- All events and notifications generated by Kaspersky Security 10.x for Windows Server on each cluster node will contain the network name of the node, and not a shared cluster name.
- By default, shared cluster disks will be protected by Kaspersky Security 10.x for Windows Server on the cluster node that currently owns them.
- When migrating shared disks to a different cluster node, they will be protected by Kaspersky Security 10.x for Windows Server on that node.
- Do not use folders located on shared cluster disks as an update source.
- On-demand scan of shared cluster disks will not be resumed automatically if they are migrated to a different cluster node.
