Upgrading from a previous version of the application

You can upgrade the following application versions to Kaspersky Security for Virtualization 5.0 Agentless:

• Kaspersky Security for Virtualization 4.0 Service Pack 1 Maintenance Release 1 Agentless
• Kaspersky Security for Virtualization 4.0 Service Pack 1 Agentless
• Kaspersky Security for Virtualization 4.0 Agentless

The following application upgrade options are available:

1. Upgrading the application installed in an infrastructure managed by a VMware vCenter server and VMware NSX Manager.
2. Upgrading the application installed in an infrastructure managed by a VMware vCenter Server and VMware vShield Manager, with migration to the VMware NSX platform.

Upgrading the application installed in an infrastructure managed by a VMware vCenter server and VMware NSX Manager

Before beginning an upgrade of the application, you are advised to make sure that the VMware virtual infrastructure meets the Kaspersky Security software requirements. If the VMware clusters protected by Kaspersky Security include VMware ESXi 5.5 hypervisors, prior to beginning the application upgrade the following actions must be performed:

1. For all VMware clusters that include one or more VMware ESXi 5.5 hypervisors, remove the deployed Kaspersky Security services. Removal is performed in the VMware vSphere Web Client console (in the Networking & Security / Installation and Upgrade section on the Service Deployments tab).
2. Upgrade all VMware ESXi 5.5 hypervisors for compliance with the Kaspersky Security software requirements or remove all VMware ESXi 5.5 hypervisors from the VMware clusters that you want to protect using Kaspersky Security.

An upgrade consists of the following steps:

1. Updating Kaspersky Security Center For proper functioning of Kaspersky Security for Virtualization 5.0 Agentless, you must upgrade Kaspersky Security Center to one of the following versions:
   • Kaspersky Security Center 10 Service Pack 3
   • Kaspersky Security Center 10 Service Pack 2 Maintenance Release 1

   For Kaspersky Security Center update instructions, see the Kaspersky Security Center documentation.

   During the Kaspersky Security Center update to Kaspersky Security Center 10 Service Pack 3, the previous version of Kaspersky Security administration plug-in is automatically deleted.

2. Upgrading the Kaspersky Security administration plug-in, Integration Server, and Integration Server Management Console.
3. Updating SVMs with Kaspersky Security components in the virtual infrastructure.

   When an SVM with the File Anti-Virus component is updated, the copies of files that were placed in Backup are automatically deleted.

4. Converting policies and tasks.

After an upgrade is complete, you are advised to make sure that the application activation task and application database update task are being performed on new SVMs, and that a policy is being applied.

Upgrading the application installed in an infrastructure managed by a VMware vCenter Server and VMware vShield Manager, with migration to the VMware NSX platform

An upgrade consists of the following steps:

1. Removing the File Anti-Virus and Network Threat Detection components of the previous version of the application. The component removal procedure can be found in the documentation for Kaspersky Security for Virtualization 4.0 Service Pack 1 Agentless or Kaspersky Security for Virtualization 4.0 Agentless.

   When an SVM with the File Anti-Virus component is removed, the copies of files that were placed in Backup are automatically deleted.

2. Upgrading the VMware virtual infrastructure for compliance with Kaspersky Security software requirements. In the virtual infrastructure, you must remove VMware vShield Manager and deploy VMware NSX for vSphere 6.4.1 or VMware NSX for vSphere 6.3.6. Components of Kaspersky Security for Virtualization 5.0 Agentless cannot operate in an infrastructure managed by a VMware vCenter server and VMware vShield Manager.
3. Preparing the virtual infrastructure for installation of Kaspersky Security components.
4. Updating Kaspersky Security Center For proper functioning of Kaspersky Security for Virtualization 5.0 Agentless, you must upgrade Kaspersky Security Center to one of the following versions:
   • Kaspersky Security Center 10 Service Pack 3
   • Kaspersky Security Center 10 Service Pack 2 Maintenance Release 1

   For Kaspersky Security Center update instructions, see the Kaspersky Security Center documentation.

   During the Kaspersky Security Center update to Kaspersky Security Center 10 Service Pack 3, the previous version of Kaspersky Security administration plug-in is automatically deleted.

5. Upgrading the Kaspersky Security administration plug-in, Integration Server, and Integration Server Management Console.
6. Configuring the settings for connecting the Integration Server to one or several VMware vCenter Servers.
7. Installing the new versions of File Anti-Virus and Network Threat Detection components in the virtual infrastructure.
   1. Registration of Kaspersky Security services in VMware NSX Manager: the file system protection service (Kaspersky File Antimalware Protection) and the network protection service (Kaspersky Network Protection).
   2. Configuration of an NSX Security Group and NSX Security Policy.
   3. Deploying SVMs with the new versions of the File Anti-Virus and Network Threat Detection components on VMware ESXi hypervisors.

   After SVMs are deployed, in Kaspersky Security Center a new KSC cluster is created for each VMware vCenter server that manages SVMs with the new version of Kaspersky Security. In the Kaspersky Security Center Administration Console, in the Managed devices folder, an administration group is created for each new KSC cluster.

   The new KSC cluster and the administration group created for it are assigned the name VMware vCenter '<name>' (<IP address>) Agentless, where:

   • <name> is the name of the VMware vCenter server corresponding to the new KSC cluster. If the name of the VMware vCenter server is not defined or matches its IP address, the name is omitted.
   • <IP address> is the IP address of the VMware vCenter server corresponding to the new KSC cluster.

   The Kaspersky Security Center Administration Console also displays the administration group created for the KSC cluster that contains SVMs with the previous version of Kaspersky Security.

   The KSC cluster for the previous version of the application and the administration group created for it are named VMware vCenter "<name>" (<IP address>), where:

   • <name> is the name of the VMware vCenter server corresponding to the KSC cluster for the previous version of the application. If the name of the VMware vCenter server is not defined or matches its IP address, the name is omitted.
   • <IP address> is the IP address of the VMware vCenter server corresponding to the KSC cluster for the previous version of the application.
8. Converting policies and tasks.
9. Application activation and update of the application databases on all SVMs.