Creating a backup copy and restoring the application from backup

If you are using the non fault-tolerant version of the application, you can create a backup copy of the application and then restore it from the backup copy.

For a standalone Central Node server, you can create a backup copy of the data from this Central Node server.

If you are using the distributed solution and multitenancy mode, you can:

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

• Create a backup copy of PCN data.
• Create a backup copy of SCN data.

  Restoring data from a backup copy of the SCN will change the role of the server from SCN to standalone Central Node server.

Follow the procedure for creating the backup copy of the application on the server for which you want to create a backup copy of the data.

Kaspersky Anti Targeted Attack Platform may contain user data and other confidential information. The Kaspersky Anti Targeted Attack Platform administrator must take steps to ensure the security of this data when creating a backup copy of the application, when replacing equipment on which the application is installed, or in other cases when it may be necessary to permanently delete data. The Kaspersky Anti Targeted Attack Platform administrator bears responsibility for access to data stored on application servers.

You can create a backup copy of the following data:

• The application database.
• Objects in Storage.
• Files from alerts generated during a rescan.
• Sandbox artifacts.
• Configuration files.
• Information about KATA and KEDR licenses.
• Central Node or PCN settings:
  • If you are using a standalone Central Node server, a backup copy of Central Node settings is created.
  • If you are using the distributed solution and multitenancy mode and are managing the PCN server, a backup copy of PCN settings is created.
  • If you are using the distributed solution and multitenancy mode and are managing the SCN server, you can create a backup copy of the SCN, but restoring data from a backup copy will change the role of the server from SCN to standalone Central Node server.

You can clear the directory before creating a backup copy of the application.

Before the application is restored from a backup copy, the following is cleared on the Central Node or PCN server on which the application is being restored:

• The application database.
• Objects in Storage.
• Files from alerts generated during a rescan.
• Sandbox artifacts.
• Configuration files.
• Information about KATA and KEDR licenses.
• Central Node or PCN settings.

  Contents and volume of data exported for the creation of a backup copy of the application

  Maximum data volume	Data type	Exported data	Application operation mode
  4 GB	Central Node settings. The application database on Central Node: Alerts and VIP statuses of alerts Tasks and task execution results Policies User-defined TAA (IOA) rules and exclusions User-defined IDS rules and exclusions IOC files Scan exclusion rules Information about files in Storage Information about quarantined objects List of computers with Endpoint Agent Reports and report templates User account data Notifications	Central Node settings, if selected. Application databases, by default.	Standalone Central Node server.
  4 GB	PCN settings.	Custom	Distributed solution and multitenancy mode.
  4 GB	SCN settings.	Custom As for a standalone Central Node server.	Distributed solution and multitenancy mode.
  4 GB	Application databases on the PCN: Alerts and VIP statuses of alerts Task execution results Policies User-defined TAA (IOA) rules and exclusions User-defined IDS rules and exclusions IOC files List of data excluded from the scan Information about files in Storage Information about quarantined objects List of Kaspersky Endpoint Agent hosts Reports and report templates User account data Notifications	Default	Distributed solution and multitenancy mode.
  No	Configuration files.	Yes	All modes.
  No	KATA and KEDR licenses.	Yes	All modes.
  300 GB	Backup	Custom	All modes.
  300 GB	Sandbox artifacts.	Custom	All modes.
  300 GB	Files from alerts generated during a rescan.	Custom	All modes.
  No	Events database.	None.	All modes.

Files that are in the scan queue when the backup copy of the application is created are not exported.

The versions of the application being restored must match the version of the application installed on the server. If the versions of the application do not match, an error message is displayed when the application restoration is initiated, and the restoration process is terminated.