If you want to get acquainted with Kaspersky Next XDR Expert, you can perform a demonstration deployment of the solution.
Use the demonstration deployment of Kaspersky Next XDR Expert (in which the DBMS is installed into the Kubernetes cluster) only to get acquainted the solution. We do not recommend using this approach to solve standard work tasks. For standard usage, perform a multi-node or single-node deployment.
In the demonstration deployment, all Kaspersky Next XDR Expert components are installed on a single node or on multiple nodes of the Kubernetes cluster.
In the scenario below, the demonstration deployment on a single node is described. Single-node deployment requires less resources and is therefore more often used for demonstration deployment. In the demonstration deployment on a single node, the Kubernetes cluster, Kaspersky Next XDR Expert components, and the DBMS are installed on one target host. Also you need the administrator host to deploy and manage the Kubernetes cluster and Kaspersky Next XDR Expert, as well as the target host for installing the KUMA services.
In the single-node configuration, you need at least three hosts:
The main difference between a demonstration deployment and a standard one is the DBMS location. In a standard deployment (multi-node or single-node), the DBMS is installed on a host located outside the cluster. In a demonstration deployment, the DBMS is installed on the target host inside the cluster.
Before you deploy Open Single Management Platform and Kaspersky Next XDR Expert components, we recommend reading the Hardening Guide.
Following this scenario, you can prepare the infrastructure for the demonstration deployment, prepare the configuration file, and deploy the solution by using the Kaspersky Deployment Toolkit utility (hereinafter referred to as KDT).
The demonstration deployment scenario proceeds in stages:
The distribution package contains the following components:
Prepare the selected administrator and target hosts for a demonstration deployment of Kaspersky Next XDR Expert.
How-to instruction: Preparing the administrator and target hosts
Prepare the KUMA target hosts for the installation of the KUMA services (collectors, correlators, and storages).
How-to instruction: Preparing the hosts for installation of the KUMA services
Prepare the KUMA inventory file in the YAML format. The KUMA inventory file contains parameters for installation of the KUMA services.
How-to instruction: Preparing the KUMA inventory file
Prepare the configuration file in the YAML format. The configuration file contains the target host parameters and a set of installation parameters of the Kaspersky Next XDR Expert components.
How-to instructions: Specifying the installation parameters
Deploy Kaspersky Next XDR Expert by using KDT. KDT automatically deploys the Kubernetes cluster within which the Kaspersky Next XDR Expert components and other infrastructure components are installed.
How-to instruction: Installing Kaspersky Next XDR Expert
Install the KUMA services (collectors, correlators, and storages) on the prepared KUMA target hosts that are located outside the Kubernetes cluster.
How-to instruction: Installing KUMA services
Install Central Node to receive telemetry from Kaspersky Anti Targeted Attack Platform, and then configure integration between Kaspersky Next XDR Expert and KATA/KEDR to manage threat response actions on assets connected to Kaspersky Endpoint Detection and Response servers.
If necessary, you can install multiple Central Node components to use them independently of each other or to combine them for centralized management in the distributed solution mode. To combine multiple Central Node components, you have to organize the servers with the components into a hierarchy.
When configuring the Central Node servers, you have to specify the minimum possible value in the Storage field, to avoid duplication of data between the Kaspersky Next XDR Expert and KEDR databases.