KSC Open API
Kaspersky Security Center API description
Creating hybrid gateway connections

A hybrid gateway connection is a gateway connection that uses a tunnel from the primary server to the target secondary server. To create this kind of connection, follow the steps below:

  1. Call the GatewayConnection.PrepareHybridGatewayConnectionToSecondaryServerPort method on the primary server with parameters described below (see Create hybrid gateway connection) and obtain the hybrid session identifier as a return value.
  2. Call the Session.StartSession method on the primary server with parameters corresponding to target secondary server. For example, the login and password for authentication are those of the target secondary server. Use the x-ksc-t-session http-header with a string value obtained previously. This call initiates a session on the target secondary server and returns the created session id.
  3. Call other open-api methods and pass the x-ksc-t-session header as a hybrid session identifier and "X-KSC-Session" as a session id. All function calls with the x-ksc-t-session header will be redirected to the target secondary server and all the responses will be redirected to the caller.
  4. Close the hybrid session by calling the Session.EndSession method and pass the x-ksc-t-session header as a hybrid session identifier and the X-KSC-Session header as an identifier of the session to be closed.
  5. Close the tunnel created in the par. 1 by calling the GatewayConnection.CloseHybridGatewayConnectionToSecondaryServerPort method and pass the hybrid session identifier as parameter.

Example:

  1. Creating a tunnel.
    Request: 
        curl -v -k -H "Authorization: KSCBasic user=\"USER\", pass=\"PASSWORD\", internal=\"0\"" 
    -H "Content-Type: application/json" -d "{}" -k -X POST https://localhost:13299/api/v1.0/login -: 
    -H "Content-Type: application/json" -H "Transfer-Encoding: chunked" -H "X-KSC-RequestId: AECC37AD18B74C4B_8846F01BF6AA6E2D" 
    -d "{\"wstrTargetSlaveServerInstanceId\":\"c5ed323c-e074-4924-aa1e-f2e008db9d58\", \"wstrTargetHostId\":\"89fc81bc-d54c-4f8d-a5bb-faf82bfc6f91\",\"pTargetCertPub\":\"LS0tLS1.......o=\",\"nTargetPort\":12110}" 
    -k -X POST https://localhost:13299/api/v1.0/GatewayConnection.PrepareHybridGatewayConnectionToSecondaryServerPort

    Response (getting the hybrid session identifier): 
        {"PxgRetVal":"6CFA39478AC0FC1FBD339042A88F9A06"}
  2. Starting the session on a target secondary server.
    Request: 
        curl -v -H "Authorization: KSCBasic user=\"USER\", pass=\"PASSWORD\", internal=\"0\"" 
    -H "x-ksc-t-session: 6CFA39478AC0FC1FBD339042A88F9A06" 
    -H "Content-Type: application/json" -d "{}" 
    -k -X POST https://localhost:13299/api/v1.0/Session.StartSession

    Response (getting the identifier of the created session): 
        {"PxgRetVal":"n9vunEemB7dO/JH/mT/Lb8Q=="}
  3. Calling the GetStaticInfo Open-API method.
    Request: 
        curl -v -H "X-KSC-Session: nEfy5V6fmntufkJeyOoMNOg==" 
    -H "x-ksc-t-session: 6CFA39478AC0FC1FBD339042A88F9A06" 
    -H "Content-Type: application/json" 
    -H "X-KSC-RequestId: 39C49236A51C334C_86659DDD6960D6E2" -d "{}" -k -X POST https://localhost:13299/api/v1.0/HostGroup.GetStaticInfo

    Response: 
     {"PxgRetVal":{"KLADMSRV_APPLICATION_ID":1017,"KLADMSRV_B2B_CLOUD_MODE":false,......}}
  4. Ending the session created in the par.2.
    Request: 
        curl -v -H "X-KSC-Session: nEfy5V6fmntufkJeyOoMNOg==" 
    -H "x-ksc-t-session: 6CFA39478AC0FC1FBD339042A88F9A06" 
    -H "Content-Type: application/json" 
    -H "X-KSC-RequestId: 39C49236A51C334C_86659DDD6960D6E2" -d "{}" -k -X POST https://localhost:13299/api/v1.0/Session.EndSession

    Response: 
        {}
  5. Closing the tunnel created in the par.1.
    Request: 
        curl -v -H "Authorization: KSCBasic user=\"USER\", pass=\"PASSWORD\", internal=\"0\"" 
    -H "Content-Type: application/json" -d "{}" -k -X POST https://localhost:13299/api/v1.0/login -: 
    
    -H "Content-Type: application/json" -H "Transfer-Encoding: chunked" 
    -H "X-KSC-RequestId: AECC37AD18B74C4B_8846F01BF6AA6E2D" 
    -d "{\"szwTSessionId\":\"116CC992BC8ECBD658C06D6D660331D5\"}" 
    -k -X POST https://localhost:13299/api/v1.0/GatewayConnection.CloseHybridGatewayConnectionToSecondaryServerPort

    Response: 
        {}