Support

Support for business applications

Kaspersky Anti Targeted Attack (KATA) Platform

Distributed solution and multitenancy

Modifications of application settings for the distributed solution and multitenancy mode

Kaspersky Anti Targeted Attack (KATA) Platform
Нет результатов
Knowledge Base Online Help
FAQ Download Forum Contact support Recovery tools

Modifications of application settings for the distributed solution and multitenancy mode

8 November 2023

ID 247813

Modifications of application settings for the distributed solution and multitenancy mode are listed in the following table.

Modifications of application settings when switching to the distributed solution and multitenancy mode

Functional area

PCN

SCN

Users

Users and roles assigned to them are preserved. Additionally, PCN users are granted access rights to work with PCN and all connected SCNs.

All users are deleted except the user that was created while Central Node was deployed.

After that, the SCN requests a list of users from the PCN and uses that list to create local users with the same parameters:

  • Name
  • Password
  • Role
  • Status

     

Users that do not have rights to access the SCN, are not displayed in the list of users.

Alerts

Information about all alerts from all connected SCNs is added to the PCN database.

The user name is no longer displayed in existing alert information. User data are deleted from alert operation history.

Dashboard

On the Alerts tab, you can now select the SCNs whose information must be displayed in the widget.

On the System health tab, the status of connection of the PCN with connected SCNs is now displayed.

On the System health tab, the status of connection with the PCN is now displayed.

Tasks

Tasks created on the Central Node server before it was assigned the PCN role, as well as tasks created on the PCN after switching to distributed solution mode, apply to all connected SCNs.

Tasks created on SCNs are also displayed in the task list. Settings of these tasks cannot be changed on the PCN.

Tasks created on the PCN are displayed, as well as tasks created on this SCN.

Settings of tasks created on the PCN cannot be changed.

Reports

Templates and reports created before the switch to distributed solution mode are preserved.

A Servers column is added to the report table, containing information about the relevant SCN for the alert.

After switching to distributed solution mode, only reports created on a PCN are displayed.

Templates and reports created before the switch to distributed solution mode are preserved.

Information about the user who created the report is preserved if the PCN has a user with the same ID (guid). In other cases user information is deleted.

After switching to distributed solution mode, only reports created on an SCN are displayed.

Prevention

Policies created on the Central Node server before it was assigned the PCN role, as well as policies created on the PCN after switching to distributed solution mode, apply to all connected SCNs.

Policies created on SCNs are also displayed in the policy list. Settings of these policies cannot be changed on the PCN.

Policies created on the PCN are displayed, as well as policies created on this SCN.

Settings of policies created on the PCN cannot be changed.

Storage

All files and metadata that were stored on PCNs before the switch to distributed solution mode are preserved. The name of the PCN is displayed for them in the Central Node column.

The PCN also keeps the contents of the Storage of all connected SCNs.

All files and metadata that were stored on SCNs before the switch to distributed solution mode are preserved.

TAA exclusions

No changes.

No changes.

VIP status

No changes.

No changes.

Notification rules

No changes.

No changes.

Integration with mail sensors

No changes.

No changes.

Threat Hunting

During threat hunting in the database, the PCN sends a request to all connected SCNs. After the search query is processed, a list of PCN and SCN events of the selected tenant is displayed.

No changes.

Custom rules ‑ TAA

IOC files added on the Central Node server before it was assigned the PCN role are applied to the PCN.

TAA (IOA) rules that were added on the Central Node server before it was assigned the PCN role are applied to the PCN.

IOC files and TAA (IOA) rules added on the PCN, as well as IOC files and TAA (IOA) rules added on this SCN before and after switching to distributed solution mode are displayed.

Backup of the application

Backup of the application is only available on a PCN that does not have SCNs connected.

To back up the application on a PCN, disconnect all SCNs from the PCN.

Backup of the application on an SCN is not available.

To back up the application on an SCN, disconnect that server from the PCN by switching it to standalone server mode.

See also

Distributed solution and multitenancy mode transition scenario

Assigning the PCN role to a server

Assigning the SCN role to a server

Processing SCN to PCN connection requests

Viewing information about tenants, PCN and SCN servers

Adding a tenant to the PCN server

Deleting a tenant from the PCN server

Renaming a tenant on the PCN server

Disconnecting an SCN from PCN

Modifications of application settings for disconnecting an SCN from PCN

Decommissioning an SCN server

Kaspersky Professional Services
Implementation services. Health check and security system configuration. Contact us if you need expert help.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.