Upgrading Kaspersky Anti Targeted Attack Platform

You can upgrade Kaspersky Anti Targeted Attack Platform from version 5.0 to version 5.1.

You cannot migrate from the non-fault-tolerant version of the application to the fault-tolerant version by upgrading it — if you are using the non-fault-tolerant version of the application, you can only install the non-fault-tolerant version during the upgrade, and vice versa.

Upgrading the application involves the following steps:

1. Upgrading the Sandbox component.

   The application does not have a standard upgrade procedure. You must install the component version 5.1.

   After installing the component you need to set the maximum number of simultaneously running virtual machines. The value 48 is used by default.

   When installing the component on a VMware ESXi virtual machine, you must set up a configuration described in Calculations for the Sandbox component section.

2. Upgrading the Central Node component.

   You can upgrade the component to version 5.1 only from version 5.0. If you are using an older version, you must upgrade it to 5.1 in the following order: 3.7 → 3.7.1, 3.7.1 → 3.7.2, 3.7.2 → 4.0, 4.0 → 4.1, 4.1 → 5.0.

   If you are not using the distributed solution and multitenancy mode and are using a standalone Central Node server, you can upgrade the application on the Central Node server.

   If you are using the distributed solution and multitenancy mode:

   1. You can update the application on the PCN server. After the application upgrade is complete, the PCN server belongs to the same tenant it belonged to before the upgrade.
   2. If you want to update the application on an SCN server, change the role of the server from SCN to standalone Central Node server before performing the update.

      The application is updated on the standalone Central Node server.

      After upgrading the application, you can assign the SCN role to servers and select the tenant to which the SCN server belongs.

   3. After the application update is complete, by default, all users with the Administrator role are granted access to the web interface of the PCN server and all SCN servers.

      If before the application update, each user's access to SCN web interfaces was configured individually, you can configure it again.

      After the program update is complete, by default, all users with the Senior security officer and Security officer roles are granted access to the web interface of the PCN server and all SCN servers.

      If before the application update, each user's access to SCN web interfaces was configured individually, you can configure it again. To do so, in the web interface of the PCN server:

      1. Add the relevant tenants.
      2. Configure the access of user accounts with the Senior security officer and Security officer roles to those tenants and servers.
      3. Delete all SCNs that are temporarily disconnected from the PCN during the update.
      4. Re-connect all relevant SCNs to the PCN.

      The application prompts you to select a tenant for each SCN server.

      User access to SCN web interfaces is configured.

      Perform the application update procedure on the server where you want to update the data.

      If the Central Node component is deployed as a cluster, you can update the component on any server in the cluster.

   Kaspersky Anti Targeted Attack Platform may contain user data and other confidential information. The Kaspersky Anti Targeted Attack Platform administrator must take steps to ensure the security of this data when upgrading the application, or in other cases when it may be necessary to permanently delete data. The Kaspersky Anti Targeted Attack Platform administrator bears responsibility for access to data stored on application servers.

3. Upgrading the Sensor component installed on a standalone server.
4. Upgrading the Endpoint Agent component:
   • Kaspersky Endpoint Agent for Windows.

     If you use the solution together with Kaspersky Security for Windows Server, you can migrate from Kaspersky Security for Windows Server to Kaspersky Endpoint Security for Windows version 12.1 or later that contains the built-in agent. For more information about migration, see the Kaspersky Endpoint Security for Windows Help.

   • Kaspersky Endpoint Agent for Linux.
   • Kaspersky Endpoint Security for Windows.
   • Kaspersky Endpoint Security for Linux.

Special considerations for upgrading Kaspersky Anti Targeted Attack Platform from version 5.0 to version 5.1

1. After upgrading Kaspersky Anti Targeted Attack Platform to version 5.1, you must add license keys again.
2. A short interruption in the operation of the application is considered acceptable, including for the fault-tolerant version of the application.
3. If the Kaspersky Secure Mail Gateway solution is used in the role of the Sensor component, the settings for integration with it are saved.
4. Sensor and Sandbox component data are not preserved.
5. Central Node 5.1 is not compatible with Sensor and Sandbox components of earlier versions.

In this Help section Upgrading the Central Node component Upgrading the Sensor component Contents and amount of information kept when upgrading the Kaspersky Anti Targeted Attack Platform Installing the 5.1.1 application update package

Page top