Kaspersky Security for Virtualization 5.2 Light Agent

Rolling back the last update of databases and application modules

After the databases and application modules are updated for the first time, the function of rolling back the databases and application modules to their previous versions becomes available.

Every time an update is started on an SVM, Kaspersky Security creates a backup copy of the existing application databases and modules and only then proceeds to update them. This lets you roll back the databases and application modules to their previous versions when necessary. The update rollback feature is useful if the new application database version contains an invalid signature that causes Kaspersky Security to block a safe application.

Kaspersky Security application database and module updates are rolled back in the following order:

  1. Rolling back the last update of databases and application modules on the SVM. You can roll back the last application database and module update on one or several SVMs:
    • Rollback of the last database update on an SVM is performed using the database update rollback task on the Protection Server. The task is started from Kaspersky Security Center and is performed on the SVM.
    • Rollback of application module updates on SVMs is performed by a script.
  2. Rolling back the last database update on protected virtual machines. After a database update has been rolled back on an SVM, the last database update is automatically rolled back on all protected virtual machines connected to this SVM. If a protected virtual machine is disabled or paused, the last database update on this machine will be performed after it is enabled according to the Light Agent update task start schedule. The automatic task launch mode is selected by default. The task is started once every two hours.

    On a protected virtual machine with the Light Agent for Windows component installed, you can configure the update task run schedule in the local interface or start the update task manually, if these functions are not denied by the policy for all protected virtual machines of the administration group.

    On a protected virtual machine with the Light Agent for Linux component installed, you can manually start the update task from the command line.

  3. Rollback of an application module update on protected virtual machines.

To roll back the last application database and module update:

  1. Create a Protection Server database update rollback task for SVMs on which you want to roll back the database update.
  2. Start the Protection Server database update rollback task.
  3. If necessary, perform a rollback of an application module update on SVMs and protected virtual machines.

In this section:

Creating a Protection Server database update rollback task

Rolling back application module updates on SVMs and virtual machines

Page top
[Topic 73863]

Creating a Protection Server database update rollback task

You can create an update rollback task using the Administration Console or using the Web Console. In the Web Console, the task is created with the default settings. You can configure the task launch schedule in the task properties window.

To create a Protection Server database update rollback task in the Administration Console:

  1. Open Kaspersky Security Center Administration Console.
  2. Do one of the following:
    • To create a task for the SVMs within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
    • To create a task for one or more SVMs (tasks for a set of devices), select the Tasks folder in the console tree.
  3. Click the New task button to start the New Task Wizard.
  4. At the first step of the Wizard, select the type of task. To do so, in the Kaspersky Security for Virtualization 5.2 Light Agent – Protection Server list, select Rollback.

    Proceed to the next step of the New Task Wizard.

  5. If you have started the New Task Wizard from the Tasks folder, specify the method of selection of the SVMs for which you are creating the task. You can select SVMs from the list of virtual machines discovered by the Administration Server, manually specify the SVM addresses, import a list of SVMs from a file, or specify a previously configured selection of devices (for details, please refer to the Kaspersky Security Center help). Depending on the specified method of SVM selection, perform one of the following operations in the window that opens:
    • In the list of detected virtual machines, specify the SVMs on which you want to create the task. To do so, select the check boxes in the list on the left of the names of relevant SVMs.
    • Click the Add or Add IP range button and enter the addresses of SVMs manually.
    • Click the Import button, and in the window that opens select a TXT file with the list of addresses of SVMs.
    • Click the Browse button and in the window that opens specify the name of the selection containing SVMs for which you want to create the task.

    Proceed to the next step of the New Task Wizard.

  6. In the Scheduled start field, select Manually. Configure the remaining task launch schedule settings. For more information about the task launch schedule settings, refer to the Kaspersky Security Center help.

    Proceed to the next step of the New Task Wizard.

  7. Enter the update rollback task name in the Name field.

    Proceed to the next step of the New Task Wizard.

  8. If you want the task to start as soon as the New Task Wizard finishes, select the Run task when the wizard is complete checkbox. Exit the New Task Wizard.

The created custom scan task appears in the list of tasks. You can start and stop the task manually.

Page top
[Topic 73865]

Rolling back application module updates on SVMs and virtual machines

A script is used to perform rollback of an application module update on an SVM and virtual machine with the Light Agent for Linux component.

On a virtual machine with the Light Agent for Windows component installed, you can use the standard application removal tools of the operating system to roll back updates of modules.

Some of the installed application module updates for Light Agent for Windows are not displayed in the list applications that can be removed. If you need to roll back an application module update that cannot be removed, contact Kaspersky Technical Support.

To roll back an application module update on an SVM:

In the command line on the SVM, run the script named patch_rollback.pl located in the /opt/kaspersky/la/patching/ folder.

The script lets you roll back only the most recently installed application module update. You can view a list of all installed module updates by running the command line script named patch_list.pl located in the /opt/kaspersky/la/patching/ folder.

To roll back an application module update on a virtual machine with the Light Agent for Linux component installed:

In the command line on the virtual machine, run the script named patch_rollback.pl located in the /opt/kaspersky/lightagent/patching/ folder.

The script lets you roll back only the most recently installed application module update. You can view a list of all installed module updates by running the command line script named patch_list.pl located in the /opt/kaspersky/lightagent/patching/ folder.

When application module updates are being rolled back, protection of virtual machines and running tasks are paused.

Page top
[Topic 148811]