Support

Support for business applications

Kaspersky XDR Expert

Deployment of Kaspersky Next XDR Expert

Deployment scheme: Distributed deployment

Kaspersky Next XDR Expert
Online Help
FAQ Forum Contact support Recovery tools

Deployment scheme: Distributed deployment

May 15, 2024

ID 270598

Get as PDF

You have several options for deploying Kaspersky Next XDR Expert. Before you start, ensure that you are familiar with the different deployment schemes, and then choose the one that best meets your organization's requirements.

This section provides a description of the distributed deployment scheme.

The distributed scheme of <XDR_ NAME> deployment.

Distributed deployment scheme of Kaspersky Next XDR Expert

The distributed deployment scheme of Kaspersky Next XDR Expert contains the following main components:

  • Administrator host. On this host, an administrator uses Kaspersky Deployment Toolkit to deploy and manage the Kubernetes cluster and Kaspersky Next XDR Expert. The administrator host is not included in the Kubernetes cluster.
  • Kubernetes cluster. A Kubernetes cluster includes the controller node (also referred to as primary node during the deployment procedure) and, at a minimum, three worker nodes. The number of worker nodes may vary. On the scheme, the distribution of Kaspersky Next XDR Expert components among the worker nodes is shown as an example. Actual component distribution may vary.
  • DBMS server. A server with an installed database management system is required for the proper function of Kaspersky Next XDR Expert components. An administrator uses Kaspersky Deployment Toolkit to install the DBMS.
  • Hosts with KUMA services. The KUMA services (collectors, correlators, and storages) are installed on the hosts that are located outside the Kubernetes cluster. The number of target hosts for KUMA services may vary.
  • KATA with KEDR. Kaspersky Anti Targeted Attack Platform with the Kaspersky Endpoint Detection and Response functional block. For details about KATA deployment scenarios, refer to the KATA documentation.
  • Kaspersky Next XDR Expert user host. A user device that is used to sign in to OSMP Console or KUMA Console.
  • Secondary Administration Servers (optional). Secondary Administration Servers are used to create a Server hierarchy.
  • Managed devices. Client devices protected by Kaspersky Next XDR Expert. Each managed device has Network Agent installed.

Ports

The scheme does not provide all of the ports required for successful deployment. For the full list of ports, refer to the Ports used by Kaspersky Next XDR Expert section.

Scheme legend:

Icon 1 on the deployment scheme On the scheme, the communication within the Kubernetes cluster between hosts and between Kaspersky Next XDR Expert components is not shown. For details, refer to the Ports used by Kaspersky Next XDR Expert section.

Icon 2 on the deployment scheme For the list of ports that must be opened on the managed devices, refer to the Ports used by Kaspersky Next XDR Expert section.

Icon 3 on the deployment scheme For details about integration with KATA, including KEDR functional block, refer to the Integration with KATA/KEDR section.

Icon 4 on the deployment scheme On the scheme, the KUMA services are deployed according to the distributed deployment scheme. The number of target hosts for KUMA services may vary. The list of ports to be opened depends on the selected deployment scheme. For the full list of ports, refer to the Ports used by Kaspersky Next XDR Expert section.

Icon 5 on the deployment scheme Port TCP 7221 and other ports to install services. You specify these ports as a value for --api.point <port>.

See also:

Architecture of Kaspersky Next XDR Expert

Distributed deployment: Specifying the installation parameters

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.