Support

Support for business applications

Kaspersky Secure Mail Gateway

Upgrading KSMG to version 2.1

Kaspersky Secure Mail Gateway
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

Upgrading KSMG to version 2.1

May 23, 2024

ID 239410

This functionality is available if the user has the Edit settings permission to upgrade the program on the Control node and Edit settings and Create/edit/delete nodes permissions to upgrade the program on the Secondary node.

Upgrading to KSMG 2.1 is possible only from KSMG 2.0 MR1 (2.0.1.6960). If you want to upgrade KSMG to version 2.1 from version 2.0 (2.0.0.6478), you must first upgrade the application to version 2.0 MR1 (2.0.1.6960) or migrate settings from version 2.0.

When you upgrade to version 2.1, you lose all manual changes of configuration file templates in the /opt/kaspersky/ksmg-appliance-addon/share/templates/ and /opt/kaspersky/ksmg/share/templates/core_settings directories, including changes made to implement Technical Support recommendations. You must edit the files to make these changes again after the upgrade.

Upgrade scenario

Upgrading KSMG to version 2.1 involves the following steps:

  1. Preparing the virtualization environment

    If your virtualization environment uses the VMware ESXi hypervisor:

    • If you are using VMware ESXi 6.7, 6.5 or earlier, you must upgrade the hypervisor to version 7.0 Update 3 or 8.0 Update 2, or migrate your virtual machines to a supported hypervisor version.
    • If VMware EVC mode is enabled in the VMware vSphere cluster settings or virtual machine properties, you must set the compatibility level to at least Intel "Nehalem" Generation.
    • You must upgrade the virtual machine hardware to version 19 or later.

    If your virtualization environment uses the Microsoft Hyper-V Server hypervisor 2016 or earlier, you must upgrade the hypervisor to Microsoft Hyper-V Server 2019 or Microsoft Hyper-V Server 2022, or migrate your virtual machines to a supported hypervisor version.

  2. Copying modified files from a virtual machine

    Perform this step if you made changes to the configuration files of the operating system or the built-in MTA in Technical Support Mode. In this case, do the following:

    1. Make a list of the changes you made.
    2. For each item on the list, please request instructions from Kaspersky Technical Support on how to edit the configuration files of the operating system or MTA for KSMG 2.1.
    3. Edit the relevant files as instructed.
  3. Downloading the ZIP archive with upgrade package from the Kaspersky website and extracting the archive on your computer
  4. Installing the upgrade package

    You must upgrade each node of the cluster.

Disk space requirements

Minimum free disk space requirements for partitions on the node:

  • /tmp – 1536 MB (1.5 GB).
  • /var – 4 GB.
  • /var/log – 200 MB.
  • / – 1 GB.

Changes after the upgrade

After a successful upgrade of KSMG to version 2.1, the following changes occur on the nodes:

  • The web interface of the node is upgraded, the product version is changed.
  • The link to the KSMG 2.1 online help is updated.
  • New application functionality is added on the Control node of the cluster in all localization languages.
  • The previously added license key is applied.
  • The operating system is updated; manually edited operating system settings may be deleted.
  • The built-in Backup digest template is updated. The template is not updated if it has been manually edited.
  • If receiving settings via DHCP was configured for the network adapter, after the upgrade, the adapter settings will be modified so as to dynamically obtain the gateway address via DHCP. Using a static gateway when receiving network settings via DHCP is no longer supported.
  • The following data are kept:
    • Messages in Backup
    • Email traffic processing events
    • Data in the Dashboard section
    • Custom lists
    • Nodes
    • System log files available in Technical Support Mode
    • Messages in Quarantine
    • Messages in the MTA queue
    • Queue statistics by node, taking into account the latest data
    • Reports
    • User accounts and roles
    • Application settings
    • Web interface certificate
    • MTA certificates for TLS encryption
    • DKIM keys
    • SSH keys
    • Local administrator password
    • KATA certificates
  • The following data are removed:
    • Application events
    • Database upgrades
    • LDAP cache data
    • KSN cache data
    • Settings for publication of events to a SIEM system
    • Settings of the snmpd service for interaction with an external monitoring system via the SNMP protocol
    • All manually made changes to the configuration file templates, including the MTA configuration file

Recommendations

To avoid data loss, please do the following:

  • Manually upgrade databases every time you install upgrade packages on a node.
  • If necessary, configure the publishing of application events to the SIEM system from scratch.
  • If necessary, configure from scratch the settings of the snmpd service for interaction with an external monitoring system via the SNMP protocol.
  • If necessary, recreate the settings of the application that require editing KSMG configuration file templates.

You can find information about application events in system logs available in Technical Support Mode.

Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company
Web and device controls. Data encryption. Centralized and convenient management from a single console.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.