Kaspersky Anti Targeted Attack Platform

Creating a backup copy and restoring the program from backup

If you are using the non fault-tolerant version of Kaspersky Anti Targeted Attack Platform, you can create a backup copy of the program and then restore it from the backup copy.

For a standalone Central Node server, you can create a backup copy of the data from this Central Node server.

If you are using the distributed solution and multitenancy mode, you can:

  • Create a backup copy of PCN data.
  • Create a backup copy of SCN data.

    Restoring data from a backup copy of the SCN will change the role of the server from SCN to standalone Central Node server.

Follow the procedure for creating the backup copy of the program on the server for which you want to create a backup copy of the data.

Kaspersky Anti Targeted Attack Platform may contain user data and other confidential information. The Kaspersky Anti Targeted Attack Platform administrator must independently ensure the security of this data when creating a backup copy of the program, when replacing equipment on which the program is installed, or in other cases when it may be necessary to permanently delete data. The Kaspersky Anti Targeted Attack Platform administrator bears responsibility for access to data stored on program servers.

You can create a backup copy of the following data:

  • The program database.
  • Objects in Storage.
  • Files from alerts generated during a rescan.
  • Sandbox artifacts.
  • Configuration files.
  • Information about KATA and KEDR licenses.
  • Central Node or PCN settings:
    • If you are using a standalone Central Node server, a backup copy of Central Node settings is created.
    • If you are using the distributed solution and multitenancy mode and are managing the PCN server, a backup copy of PCN settings is created.
    • If you are using the distributed solution and multitenancy mode and are managing the SCN server, you can create a backup copy of the SCN, but restoring data from a backup copy will change the role of the server from SCN to standalone Central Node server.

You can clear the directory in which the backup file is saved before creating a backup copy of the program.

Before the program is restored from a backup copy, the following is cleared on the Central Node or PCN server on which the program is being restored:

  • The program database.
  • Objects in Storage.
  • Files from alerts generated during a rescan.
  • Sandbox artifacts.
  • Configuration files.
  • Information about KATA and KEDR licenses.
  • Central Node or PCN settings.

Contents and volume of data exported for the creation of a backup copy of the program

| Maximum data volume | Data type | Exported data | Program operation mode |
|---|---|---|---|
| 4 GB | Central Node settings. The program database on Central Node: alerts and VIP statuses of alerts; tasks and task execution results; policies; user-defined TAA (IOA) rules and exclusions; user-defined IDS rules and exclusions; IOC files; scan exclusion rules; information about files in Storage; information about quarantined objects; list of computers with Endpoint Agent; reports and report templates; user account data; notifications. | Central Node settings, if selected. Program databases, by default. | Standalone Central Node server. |
| 4 GB | PCN settings. | Custom | Distributed solution and multitenancy mode. |
| 4 GB | SCN settings. | Custom. As for a standalone Central Node server. | Distributed solution and multitenancy mode. |
| 4 GB | Program databases on the PCN: alerts and VIP statuses of alerts; task execution results; policies; user-defined TAA (IOA) rules and exclusions; user-defined IDS rules and exclusions; IOC files; list of data excluded from the scan; information about files in Storage; information about quarantined objects; list of Kaspersky Endpoint Agent hosts; reports and report templates; user account data; notifications. | Default | Distributed solution and multitenancy mode. |
| No | Configuration files. | Yes | All modes. |
| No | KATA and KEDR licenses. | Yes | All modes. |
| 300 GB | Backup | Custom | All modes. |
| 300 GB | Sandbox artifacts. | Custom | All modes. |
| 300 GB | Files from alerts generated during a rescan. | Custom | All modes. |
| No | Events database. | None. | All modes. |

Files that are in the scan queue when the backup copy of the program is created are not exported.

The version of the program being restored must match the version of the program installed on the server. If the versions do not match, an error message is displayed when the program restoration is initiated, and the restoration process is terminated.

In this Help section

Creating a backup copy of Central Node server settings from the program administrator menu

Downloading a file containing a backup copy of server settings from the Central Node or PCN server to the hard drive of the computer

Uploading a file containing a backup copy of server settings from your computer to the Central Node server

Restoring server settings from a backup copy using the program administrator menu

Creating a backup copy of the program in Technical Support Mode

Restoring the program from a backup copy in Technical Support Mode


Creating a backup copy of Central Node server settings from the program administrator menu

To create a backup copy of the Central Node (PCN or SCN in distributed solution and multitenancy mode), do the following in the administrator menu of the server:

  1. In the list of sections of the program administrator menu, select the System administration section.
  2. Press ENTER.

    This opens the action selection window.

  3. In the list of actions, select Backup/Restore settings.
  4. Press ENTER.

    This opens the Backup/Restore settings window.

  5. In the list of actions, select New.
  6. Press ENTER.

    This opens the Backup settings window.

  7. Click Back up.

A backup copy of server settings is created.


Downloading a file containing a backup copy of server settings from the Central Node or PCN server to the hard drive of the computer

It is recommended to save files containing a backup copy of the Central Node server settings to the hard drive of your computer.

To download a file containing a backup copy of the Central Node server settings to the hard drive of your computer, run the following command in the command line interface of the Linux operating system on your computer:

scp <name of the account used for working in the administrator menu and in the server management console>@<IP address of the server>:<name of the file containing the backup copy of the program in the form of settings-<date and time of backup copy creation>.tar.gz> .

Example:

Command for downloading to the hard drive of your computer an archive containing a backup copy of server settings that was created on a Central Node server with the IP address 10.0.0.10 under the "admin" account on April 10, 2020 at 10 hours 00 minutes 00 seconds:

scp admin@10.0.0.10:settings-20200410-100000.tar.gz .

The file containing a backup copy of server settings is saved to the hard drive of your computer in the current directory.


Uploading a file containing a backup copy of server settings from your computer to the Central Node server

To upload a file containing a backup copy of server settings from the hard drive of your computer to the Central Node server, run the following command in Technical Support Mode:

scp <name of the file containing a backup copy of server settings in the form of settings-<backup copy creation date and time>.tar.gz> <name of the account used for working in the administrator menu and in the server management console>@<IP address of the server>:

Example:

Command for uploading an archive containing a backup copy of server settings created on April 10, 2020 at 10 hours 00 minutes 00 seconds to the Central Node server with the IP address 10.0.0.10 under the "admin" account:

scp settings-20200410-100000.tar.gz admin@10.0.0.10:

The file containing the backup copy of server settings is uploaded to the Central Node server in the current directory.
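One way to keep track of the settings archive while it is stored outside the server, covering both the download and the upload described above. This is an added example, not part of the Kaspersky documentation: it restricts the file to its owner, records a SHA-256 digest after download, and checks that digest before upload. The function names and the `<archive>.sha256` sidecar file are assumptions of this example; the file name pattern is the one given above.

```shell
#!/bin/sh
# Added example: integrity bookkeeping for a downloaded settings archive.
# Function names and the "<archive>.sha256" sidecar file are assumptions
# of this example, not part of the product.

# Print the SHA-256 digest of a file (sha256sum, or shasum as a fallback).
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Succeed only for names of the form settings-YYYYMMDD-HHMMSS.tar.gz.
is_settings_archive_name() {
    case "$(basename "$1")" in
        settings-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9][0-9][0-9].tar.gz) return 0 ;;
        *) return 1 ;;
    esac
}

# After download: make the archive owner-only and store its digest.
record_backup_digest() {
    is_settings_archive_name "$1" || { echo "unexpected name: $1" >&2; return 2; }
    chmod 600 "$1" || return 1
    ( umask 077; file_sha256 "$1" > "$1.sha256" )
}

# Before upload: fail if the archive no longer matches the stored digest.
verify_backup_digest() {
    [ -f "$1" ] && [ -f "$1.sha256" ] || { echo "missing archive or digest: $1" >&2; return 2; }
    [ "$(file_sha256 "$1")" = "$(cat "$1.sha256")" ] || { echo "digest mismatch: $1" >&2; return 1; }
}
```

Call record_backup_digest immediately after the scp download and verify_backup_digest immediately before the scp upload.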


Restoring server settings from a backup copy using the program administrator menu

Before you restore Central Node server settings from a backup copy, you must first create a backup copy of the current server settings. If an error occurs when restoring server settings, you will be able to use that backup copy.

To restore server settings from a previously created backup copy, perform the following actions in the administrator menu of the server:

  1. In the list of sections of the program administrator menu, select the System administration section.
  2. Press ENTER.

    This opens the action selection window.

  3. In the list of actions, select Backup/Restore settings.
  4. Press ENTER.

    This opens the Backup/Restore settings window.

  5. In the list of files containing backup copies of the program, select the file from which you want to restore the server settings.

    If the necessary file is not listed, upload the file containing the backup copy of the settings to the server.

  6. Press ENTER.

    This opens the action selection window.

  7. In the list of actions, select Restore <name of the file with the backup copy of server settings>.
  8. Press ENTER.

    This opens the action confirmation window.

  9. Click Restore.

Server settings are restored from the selected file.

If the hardware configuration of the Central Node server on which the backup copy was created differs from the hardware configuration of the server on which you are planning to restore the server settings, you need to reconfigure the application scaling settings after restoring.


Creating a backup copy of the program in Technical Support Mode

To create a backup copy of Kaspersky Anti Targeted Attack Platform, run the following command in Technical Support Mode of the server:

kata-backup-restore backup

You can also specify one or multiple parameters for this command (see the table below).

You can use the -h parameter to receive tips on using parameters.

Parameters of the command for creating a backup copy of Kaspersky Anti Targeted Attack Platform

| Required parameter | Parameter | Description |
|---|---|---|
| Yes | -b <path> | Create a file containing a backup copy of the program at the specified path, where <path> is the absolute path or relative path to the directory in which the file with the backup copy of the program is created. |
| No | -c | Clear the directory before saving the program backup file. |
| No | -d <number of stored files> | Specify the maximum number of files from the backup copy of the program stored in the directory, where <number of stored files> is the number of files. |
| No | -e | Save files in Storage. |
| No | -q | Save files in quarantine. |
| No | -a | Save files awaiting rescan. |
| No | -s | Save Sandbox artifacts. |
| No | -n | Save Central Node or PCN settings. |
| No | -l <filepath> | Save the command execution result to a file, where <filepath> is the name of the event log file, including the absolute path or relative path to the file. |

If no additional parameters are specified, the backup copy of Kaspersky Anti Targeted Attack Platform contains only databases (alerts database, VIP status details, the list of data excluded from the scan, notifications).

All files containing a backup copy of the program are saved to one TAR archive. Archive file name: data_kata_ddmmyyyyhhMM, where ddmmyyyy is the date and hhMM is the hour and minute when the backup copy of the program was created. The name of the database is KATA5.0.sql for the backup copy of the program version 5.0.

Example:

Command for creating a backup copy of the program:

kata-backup-restore backup -b <path> -c -d <number of stored files> -e -q -a -s -n -l <filepath>


Restoring the program from a backup copy in Technical Support Mode

To restore Kaspersky Anti Targeted Attack Platform from a backup copy, you must first create a backup copy of the current state of the program and download it to the hard drive of your computer. If an error occurs when restoring the program or if it becomes necessary to reinstall Kaspersky Anti Targeted Attack Platform, you will be able to use the saved copy of the program.

The version of the program being restored must match the version of the program installed on the server. If the versions do not match, an error message is displayed when the program restoration is initiated, and the restoration process is terminated.

To restore Kaspersky Anti Targeted Attack Platform from a backup copy, run the following command in Technical Support Mode of the server:

kata-backup-restore restore

You can also specify one or multiple parameters for this command (see the table below).

You can use the -h parameter to receive tips on using parameters.

Parameters of the command for restoring Kaspersky Anti Targeted Attack Platform from a backup copy

| Required parameter | Parameter | Description |
|---|---|---|
| Yes | -r <path> | Restore data from a file containing a backup copy of the program, where <path> is the full path to the file containing a backup copy of the program. |
| No | -l <filepath> | Save the command execution result to a file, where <filepath> is the name of the event log file, including the absolute path or relative path to the file. |

Example:

Command for restoring the program from a backup copy:

kata-backup-restore restore -r <path> -l <filepath>
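A version check that can be run before starting the restore, as an added example that is not part of the Kaspersky documentation. It reads the version from the database file name inside the archive (KATA5.0.sql for version 5.0, as stated above) and compares it with the installed version, which the operator supplies. Assumptions of this example: the backup is a plain TAR archive readable by tar, the database file is a member whose base name is KATA<version>.sql, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check before "kata-backup-restore restore".
# Assumptions of this example: the backup is a plain TAR archive readable by
# tar(1), and the database dump appears in it as a member whose base name is
# KATA<version>.sql (the page gives KATA5.0.sql for version 5.0).

# Print the version encoded in the KATA<version>.sql member name.
# Returns 1 if there is no such member, 3 if several versions are present.
backup_db_version() {
    versions=$(tar -tf "$1" 2>/dev/null \
        | sed -n 's|^\(.*/\)\{0,1\}KATA\([0-9][0-9.]*\)\.sql$|\2|p' \
        | sort -u)
    [ -n "$versions" ] || return 1
    [ "$(printf '%s\n' "$versions" | wc -l)" -eq 1 ] || return 3
    printf '%s\n' "$versions"
}

# Compare the archive's version with the version installed on the server,
# which the operator passes in as the second argument.
check_restore_version() {
    found=$(backup_db_version "$1") || {
        echo "cannot determine backup version of $1" >&2; return 2; }
    if [ "$found" != "$2" ]; then
        echo "backup is version $found, server runs $2: do not restore" >&2
        return 1
    fi
    echo "versions match ($found)"
}
```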
