Managing Central Node, PCN, or SCN servers using the program web interface

You can use the program web interface to perform the following actions with the server on which the Central Node component is installed:

• Configure the date and time on the server.
• Power off and restart the server.
• Generate or upload a server certificate that you can prepare on your own.
• Configure the network settings of the server.
• Monitor the disk space usage on the server.

If you are using the

distributed solution

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

multitenancy mode

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Configuring the date and time on the server

If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.

To configure the date and time on the server:

1. In the window of the program web interface, select the Settings section, Date and time subsection.
2. In the Time zone drop-down list, select the time zone of the physical location of the server with the Central Node component.

   You can specify the country and time zone by selecting the relevant region on the map under the drop-down lists.

3. In the NTP servers section:
   • If you want to add a new
     NTP server

     Precision time server using the Network Time Protocol.

     :
     1. Click Add.
     2. In the field that opens, enter the IP address or domain name of the NTP server.
     3. Click the button to the right of the field.
   • If you want to edit the IP address or domain name of the NTP server, click the button in the line containing the server.
   • If you want to delete an NTP server, click the button in the line containing the server.
4. Click Apply.

The date and time of the server will be configured.

Generating or uploading a TLS certificate of the server

If you are already using a server TLS certificate, generating or uploading a new certificate causes the currently used certificate to be removed and replaced with the new certificate.

You must enter the data of the new certificate everywhere the old certificate was used.

If you replace the TLS certificate, you will need to

• Reauthorize mail sensors (KSMG, KLMS) on Central Node.
• Reconfigure the connection of Central Node, PCN, and SCN to Sandbox.
• Reconfigure traffic forwarding from Endpoint Agent to Sensor and trusted connection with Endpoint Agent.
• Upload a new certificate to Active Directory (if you are using Active Directory).

Please delete all Endpoint Agent host isolation rules. Connection with the isolated hosts and control over them will be lost.

You can generate a new certificate in the web interface: of the Central Node server or upload a certificate that you have created independently.

If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.

To generate a TLS certificate for a Central Node server:

1. Sign in to the Kaspersky Anti Targeted Attack Platform web interface with the administrator credentials.
2. In the window of the program web interface, select the Settings section, Certificates subsection.
3. In the Server certificate section, click Generate.

   This opens the action confirmation window.

4. Click Yes.

Kaspersky Anti Targeted Attack Platform generates a new TLS certificate. The page is automatically refreshed.

Communication with the mail sensors, the Sandbox component, and the Kaspersky Endpoint Agent program is interrupted until reauthorization.

You can choose to prepare the TLS certificate on your own and upload it using the Kaspersky Anti Targeted Attack Platform web interface.

The TLS certificate file prepared for upload must satisfy the following requirements:

• The file must contain the certificate itself and a private encryption key for the connection.
• The file must be in PEM format.
• The private key length must be 2048 bits or longer.

For more details on preparing TLS certificates for import, please refer to the documentation on Open SSL.

Upload the TLS certificate in the web interface of the PCN or SCN server to which you want to upload the certificate.

To upload an independently prepared TLS certificate using the Kaspersky Anti Targeted Attack Platform web interface:

1. Sign in to the Kaspersky Anti Targeted Attack Platform web interface with the administrator credentials.
2. In the window of the program web interface, select the Settings section, Certificates subsection.
3. In the Server certificate section, click Upload.

   This opens the file selection window.

4. Select a TLS certificate file to download and click the Open button.

   This closes the file selection window.

The TLS certificate is added to the Kaspersky Anti Targeted Attack Platform.

Communication with the mail sensors, the Sandbox component, and the Kaspersky Endpoint Agent program is interrupted until reauthorization.

Downloading the TLS certificate of the server

If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.

To download the TLS certificate of the server:

1. In the window of the program web interface, select the Settings section, Certificates subsection.
2. In the Server certificate section, click Download.

The server certificate file will be saved in the downloads folder of the browser.

Assigning a server DNS name

If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.

To assign the server name to be used by DNS servers:

1. In the window of the program web interface, select the Settings section, Network settings subsection.
2. Enter the full domain name of the server into the Server name (FQDN) field.

   Specify the server name in FQDN format (for example: host.domain.com or host.domain.subdomain.com).

3. Click Apply.

The server name will be assigned.

Configuring DNS settings

If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.

To configure DNS:

1. In the window of the program web interface, select the Settings section, Network settings subsection.
2. In the DNS settings group, enter the IP addresses of the DNS servers in the Primary and Secondary DNS servers field.
3. Click Apply.

The DNS settings will be configured.

Configuring settings of the network interface

If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.

To configure the network interface:

1. In the window of the program web interface, select the Settings section, Network settings subsection.
2. Select the network interface whose settings you want to configure.

   This opens the Edit network interface window.

3. In the State settings group, select one of the following options:
   • Disabled.
   • Enabled, using DHCP server if you want the settings received from the DHCP server to be used for the network interface.
   • Enabled, manual configuration if you want the manually configured network interface to be used.
4. If you selected Enabled, manual configuration, specify values for the following parameters:
   1. In the IP field, specify the IP address of the network interface.
   2. In the Subnet mask field, specify the subnet mask of the network interface.
   3. In the Gateway text box, enter the IP address of the gateway.
5. Click Save.

The settings of the network interface will be configured.

Configuring the default network route

If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.

To configure the default network route:

1. In the window of the program web interface, select the Settings section, Network settings subsection.
2. In the Network route settings group, in the Network interface drop-down list, select the network interface for which you want to configure the network route.
3. In the Gateway text box, enter the IP address of the gateway.
4. Click Apply.

The default network route will be configured.

Configuring proxy server connection settings

If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.

To configure the proxy server connection:

1. In the window of the program web interface, select the Settings section, General settings subsection.
2. In the Proxy server settings group, set the toggle switch to Enabled.
3. In the Host field, specify the URL of the proxy server.
4. In the Port field, specify the port for connecting to the proxy server.
5. In the User name field, specify the user name for authentication on the proxy server.
6. In the Password field, specify the password for authentication on the proxy server.
7. If you do not want to use a proxy server when connecting to local addresses, select the Bypass proxy server for local addresses check box.
8. Click Apply.

The proxy server connection settings will be configured.

Configuring the mail server connection

If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.

The program can send notifications about alerts and system performance. To do so, you must configure the settings of the server used for sending notifications.

To configure the server for sending notifications:

1. In the main window of the program web interface, select the Settings section, Notifications subsection.
2. Go to the Mail configuration tab.
3. In the Host field, specify the IP address of the mail server.
4. In the Port field, specify the port for connecting to the mail server.
5. In the Email from field, specify the email address from which the notifications will be sent.
6. If you want to enable authentication on the mail server, select the Use SMTP authentication of message recipients check box.
7. In the User name field, specify the user name for authentication on the server used for sending notifications.
8. In the Password field, specify the password for authentication on the server used for sending notifications.
9. If you want to use TLS encryption when sending notifications, select the Use TLS encryption check box.
10. If you want to validate the certificate of the mail server, select the Validate TLS encryption check box.

    The Certificate fingerprint field displays the fingerprint of the mail server certificate.

    If the Validate TLS encryption check box is not selected, the program will consider any certificate of the mail server as trusted.

11. Click Apply.

The settings of the server used for sending notifications will be configured.

Selecting operating systems to use when scanning objects in Sandbox

If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.

You can select a set of operating systems that will be used to generate tasks for scanning objects using the Sandbox component. On the Sandbox server, you must install virtual machines with operating systems that match the configured set.

To select the set of operating systems:

1. Select the Sandbox servers section in the window of the program web interface.
2. Go to the Settings tab.
3. Under OS set, select one of the following options:
   • Windows XP, Windows 7, Windows 10.
   • CentOS 7.8, Windows XP, Windows 7, Windows 10.
   • Astra Linux 1.7, Windows XP, Windows 7, Windows 10.

Kaspersky Anti Targeted Attack Platform will create tasks for scanning objects in Sandbox in accordance with the selected set.

If the set of operating systems installed on the Sandbox server does not match the set selected on the Central Node server, objects are not sent to be scanned by that Sandbox server. If multiple Sandbox servers are connected to the Central Node server, the program sends objects to those Sandbox servers whose installed operating systems match the set selected on Central Node.

You can change the set of operating systems in the course of using the program. In this case, you need to make sure that the configuration of the Sandbox server satisfies hardware requirements.

In distributed solution and multitenancy mode, the settings of the operating system set configured on the PCN server are not applied to SCN servers connected to that PCN server. You can select the set of operating systems for each PCN and SCN server individually.