Deploying the Central Node and Sensor components as a cluster

Deployment of the Central Node and Sensor components in the form of a cluster includes the following steps:

1. Deploying the first storage server

   The first step is to deploy the storage server. After the storage server is deployed, you can add additional storage and processing servers to the cluster.

   A cluster must include at least 4 servers: 2 storage servers and 2 processing servers. You can use the Sizing Guide to determine the right number of servers for your organization.

2. Deploying processing servers and additional storage servers

   You can deploy the servers in any order.

3. Configuring the sizing settings of the program

   At the final stage of cluster deployment, you need to configure the scaling settings of the program: specify the planned volume of SPAN traffic, email traffic, the number of hosts with Kaspersky Endpoint Agent, as well as the size of the Storage and event database.

The Central Node component is always installed together with the Sensor component. If you need to use the Central Node component separately, when deploying the processing server, turn off receipt of mirrored traffic from SPAN ports in step 10.

Deploying a storage server

To deploy a data storage server, you need to run a disk image with the Central Node and Sensor components.

If an error occurred while performing the steps of the Setup Wizard, contact Technical Support.

Step 1. Selecting a server role

To select a server role:

1. Enter one of the following numbers:
   • 1 - storage server for deploying the Central Node component in the form of a cluster.
   • 2 - a processing server for deploying the Central Node component in the form of a cluster.

     The role also includes the installation and configuration of the Sensor component.

   • 3 - Central Node and Sensor components for installation on one server.
   • 4 - Sensor component for installation on a standalone server.
2. Press ENTER.

The Setup Wizard proceeds to the next step.

Step 2. Selecting the deployment mode

To select a deployment mode:

1. Enter one of the following numbers:
   • 1.

     Select this value when deploying the first server in the cluster.

   • 2.

     Select this value when deploying a server that will be added to an existing cluster.

2. Press ENTER.

The Setup Wizard proceeds to the next step.

Step 3. Selecting a disk for installing the component

To select a disk for installing the component:

1. Enter the number of the relevant disk.
2. Press ENTER.
3. Do the following:
   • Enter y if you want to confirm the drive selection.
   • Enter n if you want to select a different drive.
4. If you selected n, repeat steps 1-2 of these instructions.

The Setup Wizard proceeds to the next step.

Step 4. Viewing the End User License Agreement and Privacy Policy

To continue installation, you need to read the End User License Agreement and Privacy Policy and accept their terms. Installation will not continue until you accept the terms of the End User License Agreement and Privacy Policy.

To accept the terms of the End User License Agreement and Privacy Policy:

1. Press ENTER.
2. Read the End User License Agreement and the Privacy Policy.

   To move up and down, you can use the keys: ↑ and ↓, PageUp and PageDown, or Enter.

3. If you accept the End User License Agreement and the Privacy Policy, select I accept and press Enter.

The Setup Wizard proceeds to the next step.

Step 5. Selecting a network mask for cluster server addressing

To specify the network mask for cluster server addressing:

• If you want to use the predefined value for the network mask, press Enter.

  Default value: 198.18.0.0/16.

• If you want to specify a different network mask, enter the value and press Enter.

  The mask must match the template: x.x.0.0/16.

The Setup Wizard proceeds to the next step.

Step 6. Selecting a network mask for directing program components

During this step, you need to specify the network mask for directing the main program components (services) that will operate on servers with the Central Node component.

The network for directing application components must not overlap with the network for directing the cluster servers.

To specify the network mask for directing the main components of the program:

• If you want to use the predefined value for the network mask, press Enter.

  Default value: 198.19.0.0/16.

• If you want to specify a different network mask, enter the value and press Enter.

  The mask must match the template: x.x.0.0/16.

The Setup Wizard proceeds to the next step.

Step 7. Selecting the cluster network interface

The cluster network interface is used for communication between cluster servers.

To select the cluster network interface:

1. Select the row containing the network interface that is used for the internal network.

   To select a row, you can use the ↑, ↓, PageUp, and PageDown keys. The selected row is highlighted in red.

2. Press ENTER.

The Setup Wizard proceeds to the next step.

Step 8. Selecting the external network interface

The external network interface is used for SSH access to the server, managing the web interface of Kaspersky Anti Targeted Attack Platform, and other external connections.

To select the external network interface:

1. Select the row containing the network interface that is used for the external network.

   To select a row, you can use the ↑, ↓, PageUp, and PageDown keys. The selected row is highlighted in red.

2. Press ENTER.

The Setup Wizard proceeds to the next step.

Step 9. Selecting the method of obtaining IP addresses for network interfaces

To select a method for obtaining an IP address for network interfaces:

1. Select the row containing the Configuration type: and press Enter.

   To select a row, you can use the ↑, ↓, PageUp, and PageDown keys. The selected row is highlighted in red.

2. In the opened window, select one of the following options:
   • dhcp.
   • static.
3. If you selected static:
   1. Select the row containing the parameter and press the Enter key.
   2. In the opened window, enter the required data and press Enter twice.

      You need to specify a value for each parameter.

4. Select the row containing Save.
5. Press ENTER.

The Setup Wizard proceeds to the next step.

Step 10. Creating an administrator account and authenticating the server in the cluster

During this step, you need to do one of the following:

• Create an administrator account if you are deploying the first server in the cluster.
• Authenticate a server in the cluster if you are deploying additional storage servers.

Creating the administrator account

An administrator account is only required when deploying the first server in the cluster. If you are deploying an additional storage server, instead of opening a window that prompts you to create an administrator account, the program prompts you to authenticate a server in the cluster.

When deploying the first server in the cluster, you need to create an administrator account. This account is used to work in the web interface for scaling management, the program administrator menu, and to work in Technical Support Mode.

By default, the user name of the administrator account is admin. You must enter a password for that user account.

To enter a password for the administrator user account:

1. In the password field, enter the password for the administrator account.

   To select a row, you can use the ↑, ↓, PageUp, and PageDown keys. The selected row is highlighted in red.

2. In the confirm field, enter the password again.
3. Select Ok and press Enter.

The Setup Wizard proceeds to the next step.

Authenticating the server in the cluster

Authenticating a server in the cluster is only required when deploying additional storage servers. If you are deploying the first server in the cluster, the program prompts you to create an administrator account instead of authenticating the server.

To authenticate a server in the cluster, you need to enter the admin account password that was set when the first server in the cluster was deployed.

To authenticate a server in the cluster:

1. In the password field, enter the password for the administrator account.
2. Select Ok and press Enter.

   To select a button, you can use the ↑, ↓, PageUp, and PageDown keys.

The server in the cluster will be authenticated. The Setup Wizard proceeds to the next step.

Step 11. Adding DNS server addresses

Configure the DNS settings for the operation of servers with program components.

To add DNS server addresses:

1. Enter the IP address of the primary DNS server in IPv4 format.

   You must enter at least one DNS server address.

2. If you want to add the IP address of an additional DNS server, press Enter and enter the address of the server.
3. Having added all DNS servers, press Enter twice.

The Setup Wizard proceeds to the next step.

Step 12. Selecting disks for the Ceph storage

Select the disks for the Ceph storage. The number of drives is determined according to the scaling guide.

To select disks for the Ceph storage:

1. Select the row containing the required drive.

   To select a row, you can use the ↑, ↓, PageUp, and PageDown keys. The selected row is highlighted in red.

2. Press ENTER.
3. Repeat steps 1-2 to select the following drives.

The configuration will take some time. Then the installation is complete. You can proceed to the configuration of cluster servers in the web interface for sizing management.

Deploying the processing server

To deploy a processing server, you need to run a disk image with the Central Node and Sensor components.

If an error occurred while performing the steps of the Setup Wizard, contact Technical Support.

Step 1. Selecting a server role

To select a server role:

1. Enter one of the following numbers:
   • 1 - storage server for deploying the Central Node component in the form of a cluster.
   • 2 - a processing server for deploying the Central Node component in the form of a cluster.

     The role also includes the installation and configuration of the Sensor component.

   • 3 - Central Node and Sensor components for installation on one server.
   • 4 - Sensor component for installation on a standalone server.
2. Press ENTER.

The Setup Wizard proceeds to the next step.

Step 2. Selecting the deployment mode

To select a deployment mode:

1. Enter one of the following numbers:
   • 1.

     Select this value when deploying the first server in the cluster.

   • 2.

     Select this value when deploying a server that will be added to an existing cluster.

2. Press ENTER.

The Setup Wizard proceeds to the next step.

Step 3. Selecting a disk for installing the component

To select a disk for installing the component:

1. Enter the number of the relevant disk.
2. Press ENTER.
3. Do the following:
   • Enter y if you want to confirm the drive selection.
   • Enter n if you want to select a different drive.
4. If you selected n, repeat steps 1-2 of these instructions.

The Setup Wizard proceeds to the next step.

Step 4. Viewing the End User License Agreement and Privacy Policy

To continue installation, you need to read the End User License Agreement and Privacy Policy and accept their terms. Installation will not continue until you accept the terms of the End User License Agreement and Privacy Policy.

To accept the terms of the End User License Agreement and Privacy Policy:

1. Press ENTER.
2. Read the End User License Agreement and the Privacy Policy.

   To move up and down, you can use the keys: ↑ and ↓, PageUp and PageDown, or Enter.

3. If you accept the End User License Agreement and the Privacy Policy, select I accept and press Enter.

The Setup Wizard proceeds to the next step.

Step 5. Selecting a network mask for cluster server addressing

To specify the network mask for cluster server addressing:

• If you want to use the predefined value for the network mask, press Enter.

  Default value: 198.18.0.0/16.

• If you want to specify a different network mask, enter the value and press Enter.

  The mask must match the template: x.x.0.0/16.

The Setup Wizard proceeds to the next step.

Step 6. Selecting a network mask for directing program components

During this step, you need to specify the network mask for directing the main program components (services) that will operate on servers with the Central Node component.

The network for directing application components must not overlap with the network for directing the cluster servers.

To specify the network mask for directing the main components of the program:

• If you want to use the predefined value for the network mask, press Enter.

  Default value: 198.19.0.0/16.

• If you want to specify a different network mask, enter the value and press Enter.

  The mask must match the template: x.x.0.0/16.

The Setup Wizard proceeds to the next step.

Step 7. Selecting the cluster network interface

The cluster network interface is used for communication between cluster servers.

To select the cluster network interface:

1. Select the row containing the network interface that is used for the internal network.

   To select a row, you can use the ↑, ↓, PageUp, and PageDown keys. The selected row is highlighted in red.

2. Press ENTER.

The Setup Wizard proceeds to the next step.

Step 8. Selecting the external network interface

The external network interface is used for SSH access to the server, managing the web interface of Kaspersky Anti Targeted Attack Platform, and other external connections.

To select the external network interface:

1. Select the row containing the network interface that is used for the external network.

   To select a row, you can use the ↑, ↓, PageUp, and PageDown keys. The selected row is highlighted in red.

2. Press ENTER.

The Setup Wizard proceeds to the next step.

Step 9. Selecting the method of obtaining IP addresses for network interfaces

To select a method for obtaining an IP address for network interfaces:

1. Select the row containing the Configuration type: and press Enter.

   To select a row, you can use the ↑, ↓, PageUp, and PageDown keys. The selected row is highlighted in red.

2. In the opened window, select one of the following options:
   • dhcp.
   • static.
3. If you selected static:
   1. Select the row containing the parameter and press the Enter key.
   2. In the opened window, enter the required data and press Enter twice.

      You need to specify a value for each parameter.

4. Select the row containing Save.
5. Press ENTER.

The Setup Wizard proceeds to the next step.

Step 10. Authenticating the server in the cluster

To authenticate a server in the cluster, you need to enter the admin account password that was set when the first server in the cluster was deployed.

To authenticate a server in the cluster:

1. In the password field, enter the password for the administrator account.
2. Select Ok and press Enter.

   To select a button, you can use the ↑, ↓, PageUp, and PageDown keys.

The server in the cluster will be authenticated. The Setup Wizard proceeds to the next step.

Step 11. Configuring receipt of mirrored traffic from SPAN ports

To turn on receipt of mirrored traffic from SPAN ports:

1. Enter y.
2. Press ENTER.

The Setup Wizard proceeds to the next step.

To turn off receipt of mirrored traffic from SPAN ports:

1. Enter n.
2. Press ENTER.

The Setup Wizard proceeds to the next step.

Step 12. Adding DNS server addresses

Configure the DNS settings for the operation of servers with program components.

To add DNS server addresses:

1. Enter the IP address of the primary DNS server in IPv4 format.

   You must enter at least one DNS server address.

2. If you want to add the IP address of an additional DNS server, press Enter and enter the address of the server.
3. Having added all DNS servers, press Enter twice.

Installation is complete. You can proceed to the configuration of cluster servers in the web interface for sizing management.