Contents
- Installing the Kaspersky Security solution
- Installing a Windows-based Integration Server
- Installing the Linux-based Integration Server
- Installing Kaspersky Security web plug-ins
- Installing Kaspersky Security MMC plug-ins
- SVM deployment using the Integration Server Web Console
- Connecting the Integration Server and the virtual infrastructure
- Creating and running an SVM deployment task
- Selecting infrastructure for SVM deployment
- Selecting the SVM image
- Selecting the number of SVMs for deployment (infrastructures based on OpenStack)
- Specifying SVM settings
- Specifying SVM settings (infrastructures based on OpenStack)
- Configuring SVM network settings (infrastructures based on OpenStack)
- Configuring IP address settings for SVM
- Specifying Kaspersky Security Center connection settings
- Creating the configuration password and the root account password
- Start task for SVM deployment
- Starting an SVM deployment task (OpenStack-based infrastructure)
- Viewing information about task execution
- Deploying SVMs using the Integration Server Console
- Selecting an action
- Selecting infrastructure for SVM deployment
- Selecting the SVM image
- Selecting the number of SVMs for deployment (infrastructures based on OpenStack)
- Specifying SVM settings
- Specifying SVM settings (infrastructures based on OpenStack)
- Configuring SVM network settings (infrastructures based on OpenStack)
- Configuring IP address settings for SVM
- Specifying Kaspersky Security Center connection settings
- Creating the configuration password and the root account password
- Starting SVM deployment
- Starting SVM deployment (infrastructures based on OpenStack)
- SVM deployment
- Finishing SVM deployment
- Automatically creating tasks and a default policy for the Protection Server
- Preparing the Protection Server for operation
- Installing Light Agents and Network Agent
- About installing Kaspersky Security Center Network Agent on virtual machines
- About installing Light Agent for Linux
- About installing Light Agent for Windows
- Installing Light Agent on a template for non-persistent virtual machines
- Compatibility of Light Agent for Windows with virtualization solutions
- Preparing Light Agents for operation
- Displaying virtual machines and SVMs in Kaspersky Security Center
- Viewing the list of SVMs connected to the Integration Server
Installing the Kaspersky Security solution
Installation of Kaspersky Security for Virtualization 6.2 Light Agent in the virtual infrastructure consists of the following stages:
- Installing the Integration Server
Depending on your infrastructure, you need to install the Windows-based Integration Server or the Linux-based Integration Server.
For the Linux-based Integration Server, connecting to virtual infrastructure based on Microsoft Hyper-V is not supported. Use the Windows-based Integration Server to install and run Kaspersky Security in an infrastructure based on the Microsoft Hyper-V platform.
If you want to use the Integration Server Console to manage the Windows-based Integration Server, you also need to install Integration Server Console on the device where Kaspersky Security Center Administration Console is installed, or on another device with a Windows operating system.
If you want to use Integration Server Web Console to manage the Integration Server, you need to install the Integration Server web plug-in. After it is installed, Integration Server Web Console will be available in Kaspersky Security Center Web Console.
- Installing Kaspersky Security management plug-ins
If you want to manage components of the Kaspersky Security solution via Kaspersky Security Center Web Console and use Integration Server Web Console, you need to install management web plug-ins on the device where Kaspersky Security Center Web Console is installed.
If you want to manage solution components via Kaspersky Security using Kaspersky Security Center Administration Console, you need to install management MMC plug-ins on the device where Kaspersky Security Center Administration Console is installed.
If you are using Kaspersky Security Center Linux, you need to install the management web plug-ins. The Kaspersky Security Center Administration Console and management MMC plug-ins are not supported.
After installing the Protection Server management plug-in, it is recommended to run the Download updates to the Administration Server storage task in Kaspersky Security Center and make sure that the task completes successfully. For details, please refer to the Kaspersky Security Center help.
After installing the management plug-ins, you can create a default policy and an Update databases and solution modules task for the Protection Server using the Kaspersky Security Center Initial Configuration Wizard.
- Installing Kaspersky Security Protection Servers
The Protection Server is installed as a result of deploying SVMs on a hypervisor in a virtual infrastructure.
You can deploy SVMs in the following ways:
- Using the Integration Server Web Console. In the Web Console, you must first configure the connection of the Integration Server to the virtual infrastructure. Then you create a task for the Integration Server, in which you specify all the necessary SVM deployment settings, and start the task. The Integration Server runs the SVM deployment task. You can monitor the task progress in Integration Server Web Console.
- Using the Integration Server Console. In Integration Server Console, you launch the SVM Management Wizard. Following the instructions in the wizard, you configure the wizard's connection to the virtual infrastructure, enter all the necessary SVM deployment settings, and start the deployment. The Integration Server deploys the SVMs. You can monitor the deployment progress in the wizard.
- Without using the Integration Server management consoles, using the Integration Server REST API (open a description of REST API requests).
If none of the above methods are suitable, you can deploy SVMs using the tools of the virtual infrastructure and then configure the SVM using the klconfig script API manually or using automation tools.
In an infrastructure managed by VMware vCenter Server and VMware NSX Manager, if you use Integration Server Console for SVM deployment, then after the SVM deployment is complete, you need to configure the Integration Server's connection to VMware NSX Manager. If you use Integration Server Web Console for SVM deployment, you can configure a connection to VMware NSX Manager when configuring the Integration Server's connection to the virtual infrastructure or later, using the procedure for changing connection settings.
- Preparing the Protection Servers for operation
You must follow the steps to prepare the deployed SVMs and Protection Servers for operation.
- Installing Light Agents and Kaspersky Security Center Network Agent
On each virtual machine that needs to be protected using the Kaspersky Security solution, you need to install the following:
- On a virtual machine with the Linux operating system:
- Light Agent for Linux (Kaspersky Endpoint Security for Linux running in Light Agent mode).
- Kaspersky Security Center Network Agent for Linux.
- On a virtual machine with a Windows operating system:
- Light Agent for Windows (Kaspersky Endpoint Security for Windows running in Light Agent mode)
- Kaspersky Security Center Network Agent for Windows
To protect your VDI, you need to install Light Agent and Network Agent on your virtual machine templates.
- On a virtual machine with the Linux operating system:
- Preparing Light Agents for operation
You must follow the steps to prepare the installed Light Agents for operation.
Installing a Windows-based Integration Server
The procedure for installing the Windows-based Integration Server depends on which version of Kaspersky Security Center you plan to use to manage the Kaspersky Security solution:
- If you want to use the Kaspersky Security Center Windows to manage the Kaspersky Security solution, you can use the Kaspersky Security components installation wizard. The wizard lets you install the Windows-based Integration Server and Integration Server Console.
The Integration Server must be installed on the device on which the Administration Server of Kaspersky Security Center is installed. The Integration Server Console must be installed on the device where the Kaspersky Security Center Administration Console is installed.
- If you want to use Kaspersky Security Center Linux to manage the Kaspersky Security solution, do not use the Kaspersky Security Components Installation Wizard. The Windows-based Integration Server must be installed on a device with a Windows operating system, regardless of the location of the Kaspersky Security Center components. You can also install the Integration Server Console on a Windows device. Installation is performed manually.
The Integration Server and Integration Server Console must be installed under an account that belongs to the local administrator group.
Installation requires at least 4 GB of free space on the drive containing the %ProgramData% folder.
For successful installation of the Integration Server, in the settings of network equipment or traffic monitoring software you need to allow connections through the port that will be used by SVMs and Light Agents to connect to the Integration Server. By default, port number 7271 (TCP) is used.
Installing the Integration Server and Integration Server Console using the wizard
You can install the Integration Server and Integration Server Console by using the Kaspersky Security Components installation wizard in interactive mode or in silent mode.
The Microsoft .NET Framework 4.6.2, 4.7, or 4.8 is required for the Kaspersky Security Components Installation Wizard. You can install the Microsoft .NET Framework platform in advance, or the Kaspersky Security Component Installation Wizard will suggest installing it during the installation of Kaspersky Security solution components. Internet access is required to install Microsoft .NET Framework. If there are any problems with the installation of Microsoft .NET Framework, make sure that Windows updates KB2919442 and KB2919355 have been installed on the device.
Depending on the availability of Kaspersky Security Center components installed on the device, the following operations are performed once installation is started:
- If only Kaspersky Security Center Administration Console is installed on the device, the Integration Server Console is installed.
- If the Kaspersky Security Center Administration Server and Kaspersky Security Center Administration Console are installed on the device, the Integration Server and Integration Server Console are installed.
When you install the Integration Server, the data kept while removing the previous version of the Integration Server can be used.
After installation of the Integration Server Console is complete, in Kaspersky Security Center Administration Console, in the workspace of the Administration Server <server name> node on the Monitoring tab, the Deployment section displays a Manage Kaspersky Security for Virtualization <version number> Light Agent link (where <version number> is the number of the installed version of the Kaspersky Security solution). This link is used to start the Integration Server Console.
The procedure for installing the Integration Server as part of Kaspersky Security solution update differs from the "clean" installation procedure described in this section.
Installing in interactive mode using the wizard
To install the Integration Server and Integration Server Console in interactive mode using the wizard:
- On the device where Administration Console and Kaspersky Security Center Administration Server are installed, run the ksvla-components_<solution version number>_mlg.exe file. This file is included in the distribution kit.
Kaspersky Security components installation Wizard starts.
- Select the localization language of the Wizard and of the Kaspersky Security components and proceed to the next step of the Wizard.
By default, the localization language of the operating system installed on the device where the Wizard was started is used.
- Make sure that the Install management components option is selected and proceed to the next step of the Wizard.
The Wizard checks the amount of free space on the drive that contains the %ProgramData% folder. If there is less than 4 GB of free space on the drive, the Wizard displays an error message and you cannot proceed to the next step of the Wizard. If this is the case, close the Wizard, free up space on the drive, and restart the Kaspersky Security Components Installation Wizard.
- In the next step, read the Kaspersky Security End User License Agreement, which is concluded between you and Kaspersky, and the Privacy Policy, which describes the processing and transmission of data.
To continue the installation, you must confirm that you have fully read and accept the terms of the End User License Agreement and the Privacy Policy. To confirm, select both check boxes in the window of the Wizard.
Proceed to the next step of the wizard.
- Create the password of the Integration Server administrator (
admin) account. Theadminaccount is used for the following purposes:- To connect the Integration Server Console to the Integration Server if the device on which the Integration Server Console is installed is not part of a Microsoft Windows domain.
- To connect the Integration Server Web Console to the Integration Server.
Enter a password in the Password and Confirm password fields. The account name cannot be edited.
A password must be no longer than 60 characters. You can use only letters of the Latin alphabet (uppercase and lowercase letters), numerals, and the following special characters:
! # $ % & ' ( ) * " + , - . / \ : ; < = > _ ? @ [ ] ^ ` { | } ~. For security purposes, you are advised to set a password that is at least 8 characters long and use at least three of the four categories of characters: lowercase letters, uppercase letters, numerals, and special characters.Proceed to the next step of the wizard.
- If port 7271, which is the default port for connecting to the Integration Server, is occupied on the device where the wizard is running, the wizard will prompt you to specify a port number for connecting to the Integration Server.
In the Port field, specify a port number in the range of 1025–65535 and proceed to the next step of the Wizard.
- Review the information about the actions that the wizard will perform and click the Install button to begin performing the listed actions.
- Wait for the wizard to finish.
If an error occurs during wizard operation, the wizard rolls back the changes made.
- Click Finish to close the Wizard window.
Information about the work of the Wizard is written to trace files of the Kaspersky Security Components Installation Wizard. If the wizard completed with an error, you can use these files when contacting Technical Support.
Page topInstalling in silent mode using the wizard
Before starting installation of the Integration Server and Integration Server Console, it is recommended to close the Kaspersky Security Center Administration Console.
To install the Integration Server and Integration Server Console in silent mode using the wizard:
ksvla-components_<solution version number>_mlg.exe -q --lang=<language ID> --accept-EulaAndPrivacyPolicy=yes --viisPass=<password> [--log-path=<file path>] [--viisPort=<port number>]
where:
<solution version number>is the version number of the solution in X.X.X.X format.-qis an option specifying that the installation is performed in silent mode. If you want to run the installation interactively from the command line, do not specify this option.--lang=<language ID>is the identifier of the language of the components to install.The language ID must be indicated in the following format: ru, en, de, fr, zh-Hans, zh-Hant, ja. It is case-sensitive.
--accept-EulaAndPrivacyPolicy=yesmeans that you accept the terms of the Kaspersky Security End User License Agreement, concluded between you and Kaspersky, and the Privacy Policy, which describes the processing and transmission of data. By setting this parameter toyes, you confirm the following:- You have fully read, understood and accept the terms and conditions of the Kaspersky Security End User License Agreement.
- You have fully read and understood the Privacy Policy, you are aware and agree that your data will be handled and transmitted (including to third countries) as described in the Privacy Policy.
The text of the End User License Agreement and Privacy Policy is included in the solution's distribution kit. Accepting the terms of the End User License Agreement and Privacy Policy is a prerequisite for installing Integration Server and Integration Server Console.
You can read the text of the End User License Agreement and the Privacy Policy by executing the following command:
ksvla-components_<solution version number>_mlg.exe --lang=<language ID> --show-EulaAndPrivacyPolicyThe text of the End User License Agreement and the Privacy Policy is output to the license_<language ID>.txt file in the tmp folder.
--viisPass=<password>is the password of the Integration Server administrator account (admin). Theadminaccount is used for the following purposes:- To connect the Integration Server Console to the Integration Server if the device on which the Integration Server Console is installed is not part of a Microsoft Windows domain.
- To connect the Integration Server Web Console to the Integration Server.
A password must be no longer than 60 characters. You can use only letters of the Latin alphabet (uppercase and lowercase letters), numerals, and the following special characters:
! # $ % & ' ( ) * " + , - . / \ : ; < = > _ ? @ [ ] ^ ` { | } ~. For security purposes, you are advised to set a password that is at least 8 characters long and use at least three of the four categories of characters: lowercase letters, uppercase letters, numerals, and special characters.--log-path=<path to file>is the path to the file where information about installation results is saved.Optional parameter. By default, the installation results are logged in trace files saved at %temp%\Kaspersky_Security_for_Virtualization_<version number>_Light_Agent_BundleInitialInstall_logs_<date and time>.zip, where:
- <version number> refers to the number of the installed version of the Kaspersky Security solution;
- <date and time> refers to the date and time when the installation was completed in the dd_MM_yyyy_HH_mm_ss format.
--viisPort=<port number>is the port for connecting to the Integration Server.Optional parameter. Port number 7271 is used by default for connecting to the Integration Server. Specify this parameter if you want to use a different port to connect to the Integration Server.
To view a description of all available command line parameters for installing and updating Kaspersky Security components, use the --help parameter.
Installing the Integration Server and Integration Server Console takes some time. Information about the work of the Wizard is written to trace files of the Kaspersky Security Components Installation Wizard. If the wizard completed with an error, you can use these files when contacting Technical Support.
Page topInstalling manually
To remove the Integration Server and Integration Server Console manually:
- Place the ksvla-components_<solution version number>_mlg.exe file (where <version number> is the version number of the solution in X.X.X.X format) on the Windows device. This file is included in the distribution kit.
- Extract files required for installing Integration Server and Integration Server Console by running:
ksvla-components_<solution version>_mlg.exe -layout <folder> --accept-EulaAndPrivacyPolicy=yeswhere:
<solution version>is the version number of the solution in X.X.X.X format.<folder>is the path to the folder to extract the Integration Server and Integration Server Console installation files into. If you do not specify a folder path, the files are extracted into the 'data' subfolder inside the folder containing the ksvla-components_<solution version number>_mlg.exe file.accept-EulaAndPrivacyPolicy=yesmeans that you accept the terms of the Kaspersky Security End User License Agreement between you and Kaspersky and the Privacy Policy that describes processing and transmission of data. By setting this parameter toyes, you confirm the following:- You have fully read, understood and accept the terms and conditions of the Kaspersky Security End User License Agreement.
- You have fully read and understood the Privacy Policy, you are aware and agree that your data will be handled and transmitted (including to third countries) as described in the Privacy Policy.
Accepting the terms of the End User License Agreement and Privacy Policy is a prerequisite for installing Integration Server and Integration Server Console. You can read the text of the End User License Agreement and the Privacy Policy by executing the following command:
ksvla-components_<solution version>_mlg.exe --lang=<language ID> --show-EulaAndPrivacyPolicyThe text of the End User License Agreement and the Privacy Policy is output to the license_<language ID>.txt file in the tmp folder.
Running the command creates two subfolders with files inside the specified folder. The AttachedContainer subfolder includes the following files, among others:
- viis_service.msi – file required to install the Integration Server
- viis_console.msi – file required to install Integration Server Console
- Start the Integration Server installation process by running:
viis_service.msi ADMIN_VIIS_PASSWORD=<password>where:
<password>is the password of the Integration Server administrator account (admin). Theadminaccount is used for connecting Integration Server Console to Integration Server.A password must be no longer than 60 characters. You can use only letters of the Latin alphabet (uppercase and lowercase letters), numerals, and the following special characters:
! # $ % & ' ( ) * " + , - . / \ : ; < = > _ ? @ [ ] ^ ` { | } ~. For security purposes, you are advised to set a password that is at least 8 characters long and use at least three of the four categories of characters: lowercase letters, uppercase letters, numerals, and special characters.
- Launch the Integration Server Console installation process by running:
viis_console.msi
After installation is complete, you can start the Integration Server Console using the executable file located in the Integration Server Console installation folder.
Page topInstalling a Linux-based Integration Server
To install the Linux-based Integration Server, you need to install the Integration Server package on a device with the Linux operating system and perform the initial configuration of the Integration Server.
To install the Linux-based Integration Server package, run the command:
sudo apt-get install ./ksvla-viis_<build number>-<build number>_amd64.deb
If the device does not have the required packages, they may be installed automatically during installation of the Integration Server, or a warning will be displayed about the need to install them.
After completing the installation of the Integration Server, you need to perform the initial configuration of the Integration Server.
To perform the initial configuration of the Integration Server:
- Run the following command:
sudo /opt/kaspersky/viis/bin/viis-setup.shThe initial configuration script starts.
- When prompted by the script, do the following:
- Select the locale that will be used to display the End User License Agreement and Privacy Policy.
- Please read the text of the End User License Agreement, which is concluded between you and Kaspersky, and the Privacy Policy, which describes the processing and transfer of data. To continue the installation, you must confirm that you have fully read and accept the terms of the End User License Agreement and the Privacy Policy.
Files with the text of the End User License Agreement and Privacy Policy are located in the directory /opt/kaspersky/viis/doc/EULA/<language identifier>/license.txt.
- Specify the port number to connect to the Integration Server.
- Create the password of the Integration Server administrator (
admin) account.
When the script ends and the console is no longer busy, the initial configuration process is complete. After the initial configuration is complete, the Integration Server starts and is ready to work.
Integration Server Web Console is used to manage the Linux-based Integration Server. The Integration Server Web Console becomes available in Kaspersky Security Center Web Console after installing the Integration Server web plug-in.
You can view the installation results and the installed version of the Linux-based Integration Server by running the command:
# apt show ksvla-viis
Installing Kaspersky Security web plug-ins
To manage Kaspersky Security solution components via Kaspersky Security Center Web Console, you need to install:
- Management web plug-in for the Protection Server (Kaspersky Security for Virtualization <version number> Light Agent – Protection Server)
- Management web plug-in for Light Agent for Linux (Kaspersky Endpoint Security for Linux running in Light Agent mode) and/or management web plug-in for Light Agent for Windows (Kaspersky Endpoint Security for Windows running in Light Agent mode)
- Management web plug-in for the Integration Server (Kaspersky Security for Virtualization <version number> Light Agent – Integration Server), if you want to use Integration Server Web Console to manage the Integration Server
To install a web plug-in:
- In the Kaspersky Security Center Web Console main window, select Settings → Web plug-ins.
The list of installed web plug-ins opens.
- Start installation of the Kaspersky Security web plug-in in one of the following ways:
- Installing from a list of Kaspersky web plug-ins:
- Click the Add button.
A list of all available Kaspersky web plug-ins opens. The list is updated automatically as new web plug-in versions are released.
- Find the required web plug-in in the list and click the plug-in name.
- In the web plug-in description window that opens, click Install plug-in.
- Wait for the installation process to finish and click OK in the information window.
- Click the Add button.
- Installing a web plug-in from a third-party source. The solution distribution kit includes archives required for installing web plug-ins.
- Click the Add from file button.
- In the window that opens, download the ZIP archive with the web plug-in distribution and the file with the signature in TXT format. ZIP archives with web plug-in distributions and signed files are located in the archives with web plug-ins that are included in the solution distribution kit.
- Click the Add button.
- Wait for the installation process to finish and click OK in the information window.
- Installing from a list of Kaspersky web plug-ins:
Newly installed plug-ins are displayed in the list of installed web plug-ins.
Page topInstalling Kaspersky Security MMC plug-ins
To manage Kaspersky Security solution components via Kaspersky Security Center Administration Console, you need to install:
- Management MMC plug-in for the Protection Server (Kaspersky Security for Virtualization <version number> Light Agent – Protection Server)
- Management MMC plug-in for Light Agent for Linux (Kaspersky Endpoint Security for Linux running in Light Agent mode) and/or management MMC plug-in for Light Agent for Windows (Kaspersky Endpoint Security for Windows running in Light Agent mode)
We recommend closing the Kaspersky Security Center Administration Console before starting the installation of the MMC plug-ins.
To install the MMC plug-in,
on the device where Kaspersky Security Center Administration Console is installed, run the klcfginst.msi file.
The files required for installing MMC plug-ins are included in the Kaspersky Security solution distribution kit.
After installation, the MMC plug-ins appear in the list of installed management MMC plug-ins in the properties of the Kaspersky Security Center Administration Server.
To view the list of installed management MMC plug-ins:
- In the Kaspersky Security Center Administration Console tree, select the Administration Server: <server name> node, and open the Administration Server properties window in one of the following ways:
- Using the Properties command in the context menu of the Administration Server <server name> node.
- Using the Administration Server properties link in the workspace of the Administration Server <server name> node in the Administration Server section.
- In the list on the left, in the Additional section, select the Information about the installed application management plug-ins section.
SVM deployment using the Integration Server Web Console
Before deployment, you need to download the SVM images and SVM image description files.
To deploy an SVM using Integration Server Web Console, you need to do the following:
- Configure the connection of the Integration Server to the virtual infrastructure in which you want to deploy the SVM.
- Create and run an SVM deployment task for the Integration Server in the selected infrastructure.
After it starts, the task appears in the task list in Integration Server Web Console, in the SVM management section, and is added to the task queue on the Integration Server. You can view information about each task and its execution status.
Upon successful completion of the task, the SVM is deployed to the selected infrastructure.
Connecting the Integration Server and the virtual infrastructure
To configure the Integration Server's connection to the virtual infrastructure:
- Open Integration Server Web Console and connect to the Integration Server.
- Go to the List of virtual infrastructures section.
- Click the Add button.
- In the Add virtual infrastructure window that opens, specify the following required settings:
- Infrastructure object type
- Protocol
The Protocol field is displayed if you are configuring a connection to a virtual infrastructure based on the OpenStack platform, VK Cloud platform or TIONIX Cloud Platform.
- Infrastructure object address
- Account settings for connecting to the infrastructure with administrator rights:
- OpenStack domain
The OpenStack domain field is displayed if you are configuring a connection to a virtual infrastructure based on the OpenStack platform, VK Cloud platform or TIONIX Cloud Platform.
- User name
- Password
- OpenStack domain
- In a virtual infrastructure based on XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, OpenStack, Alt Virtualization Server, Astra Linux, Numa vServer, VK Cloud platform, or TIONIX Cloud Platform, we also recommend specifying an account that has limited rights to perform actions in the virtual infrastructure. Under this account, the Integration Server will connect to the virtual infrastructure while Kaspersky Security is running in order to get information about SVMs available for connection and to distribute Light Agents between SVMs.
To set restricted permissions for a user account:
- Click Add an account with restricted permissions in the Account with restricted permissions section.
- In the window that opens, specify the account name and password.
- Click the Save button.
If an account with restricted permissions is not configured the Integration Server uses the same user account that is used for SVM deployment, removal and reconfiguration, to connect to the virtual infrastructure while Kaspersky Security is running.
In a virtual infrastructure running on the Microsoft Hyper-V platform, you can connect to the virtual infrastructure during Kaspersky Security operation only by using the same user account that is used for SVM deployment, removal and reconfiguration.
- In a virtual infrastructure based on the VMware vSphere platform, you can configure the use of VMware NSX Manager by the Kaspersky Security solution:
- Click the Save button in the Add virtual infrastructure window.
The Integration Server adds the selected virtual infrastructure objects to the list and attempts to establish a connection.
The Integration Server verifies the authenticity of all virtual infrastructure objects with which the connection is established.
Authenticity is not verified for a Microsoft Windows Server (Hyper-V) hypervisor.
For Keystone microservices, authenticity is verified only when using the HTTPS protocol to connect the Integration Server to the virtual infrastructure.
To verify authenticity, the Integration Server receives an SSL certificate or fingerprint of the public key from each virtual infrastructure object and verifies them.
If the authenticity of the received certificate(s) cannot be established, the Verify certificate window opens with a message about this. Click the link in this window to view the details of the received certificate. If the certificate complies with the security policy of your organization, you can confirm the authenticity of the certificate and continue connecting to the virtual infrastructure object. The received certificate will be installed as a trusted certificate on the device where the Integration Server is installed. If you do not consider this certificate to be authentic, click the Cancel connection button in the Verify certificate window to disconnect, and replace the certificate with a new one.
If the authenticity of the open key could not be established, the Verify public key fingerprint window opens with a message about this. You can confirm the authenticity of the open key and continue the connection. The public key fingerprint will be saved on the device where the Integration Server is installed. If you do not consider this open key to be authentic, click the Cancel connection button in the Verify public key fingerprint window to terminate the connection.
If a connection to a virtual infrastructure object could not be established, information about connection errors is displayed in the list of infrastructures in the Status column.
Using the buttons above the table, you can:
- refresh the list of virtual infrastructures
- sort and search the list
- edit the settings for connecting the Integration Server to virtual infrastructures
- delete settings for connecting to virtual infrastructures
- export the list in CSV format
Creating and running an SVM deployment task
To create and run an SVM deployment task for the Integration Server:
- Open Integration Server Web Console and connect to the Integration Server.
- Go to the SVM management section.
- Click the New task button and select SVM deployment from the drop-down list.
The Integration Server New Task Wizard will start.
- Follow the wizard instructions.
Selecting infrastructure for SVM deployment
At this step, the table displays information about the virtual infrastructures to which connections are configured for the Integration Server. If SVMs are already deployed in the virtual infrastructure, the table also contains information about them. Each row of the table displays the following information about the virtual infrastructure:
You can search the list of virtual infrastructure objects based on the Name/Address column. The table displays only those virtual infrastructure objects that meet the search criteria. To reset the search results, delete the contents of the search field.
You can update the list of virtual infrastructure objects using the Refresh button above the table. When updating a list, the Integration Server verifies the SSL certificates or fingerprints of the public key, just like what happens when adding virtual infrastructure objects to the list.
To select infrastructure for SVM deployment:
- Depending on the type of the virtual infrastructure, select checkboxes in the table to the left of the names of the hypervisors on which you want to deploy an SVM, or the OpenStack projects in which you want to deploy an SVM. You can select hypervisors or OpenStack projects to which the Integration Server has successfully connected.
If SVMs are being deployed in an infrastructure based on the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform, simultaneous SVM deployment in different infrastructures is not supported. You can deploy SVMs in only one of these infrastructures at a time, or in one or more infrastructures of other types.
The simultaneous deployment of SVMs within OpenStack projects, which are running on different Keystone microservices, is not supported. You can simultaneously deploy SVMs only in OpenStack projects that are running on the same Keystone microservice.
Simultaneous deployment of SVMs to hypervisors of different types (for example, to a VMware ESXi hypervisor and a KVM hypervisor) is not supported.
- If you want to allow parallel deployment of multiple SVMs, select the Allow parallel deployment of N SVMs check box and specify the number of SVMs that should be deployed in parallel.
Proceed to the next step of the wizard.
Page topSelecting the SVM image
At this step, select the file of the SVM image for deployment. The SVM image file and SVM image description file (in XML format) must be placed on the device where the Integration Server is installed, into a single folder that the Integration Server has read access to.
To specify the SVM image, in the field, enter the path to the SVM image description file (in XML format) relative to the file system of the device on which the Integration Server is installed, and click the Select button.
The Wizard automatically selects the required SVM image file:
- An XVA file for deployment on a XenServer hypervisor or on a Numa vServer hypervisor.
- An OVA file for deployment on a VMware ESXi hypervisor.
- A QCOW2 file for deployment on a KVM hypervisor (including on a KVM hypervisor running on OpenStack platform, Astra Linux, VK Cloud Platform or TIONIX Cloud Platform), on a Proxmox VE hypervisor, on a R-Virtualization hypervisor, on a HUAWEI FusionCompute CNA hypervisor, on a Nutanix AHV hypervisor, or on an ALT Virtualization Server platform basic hypervisor.
The window displays the following information about the selected image:
- Vendor is the name of the vendor of the solution that the SVM is part of.
- Publisher is the name of the publisher of the solution that the SVM is part of. If the image is authentic, the Publisher field displays the value
AO Kaspersky Lab.If the authenticity of the image has not been verified, an error message is displayed at the top of the window, and
Unknownis displayed in the Publisher field.If the authenticity of the image has not been verified, it is recommended to use a different image for SVM deployment. To do this, you need to re-download the archive with the files necessary for SVM deployment.
- Solution name is the name of the solution that the SVM is part of.
- SVM version is the SVM version number.
- Description is a brief description of the SVM image.
- Virtual drive size is the amount of disk space required to deploy the SVM.
It is recommended to validate the SVM image. To do so, click the Validate button in the SVM image integrity check section. The verification results are displayed in the window as follows:
- If the image file integrity check is successful, the
Completed successfullymessage is displayed. - If the image file gets modified or corrupted while being transmitted from the publisher to the end user or if the image format is not supported, the upper part of the window shows an error message and the SVM image integrity check section displays information about the detected problem.
If an SVM image file integrity check ended with an error, it is recommended to use a different image for SVM deployment. To do this, you need to re-download the archive with the files necessary for SVM deployment.
If the authenticity of an image has been verified and the image file integrity check completed successfully, proceed to the next step of the Wizard.
If the authenticity of an image has not been verified or an image file integrity check has not been performed or ended with an error but you accept the risk and want to use the selected SVM image, to proceed to the next step of the Wizard you need to select the check box located in the lower part of the window.
Page topSelecting the number of SVMs for deployment (infrastructures based on OpenStack)
This step is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
For this step, you must specify the number of SVMs to be deployed on the hypervisors within each selected OpenStack project. The OpenStack project name column displays the name of the project that the SVM will be deployed in, as well as the project path in the infrastructure.
In the Number of SVMs column, specify the number of SVMs to be deployed on the hypervisors within the OpenStack project.
Proceed to the next step of the wizard.
Page topSpecifying SVM settings
This step is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.
At this step, you need to specify the name of the SVM and select the storage on the hypervisor where the SVM will be deployed. The Hypervisor address column displays the IP address in IPv4 format or the fully qualified domain name (FQDN) of the hypervisor on which the SVM will be deployed.
Specify the following settings:
Proceed to the next step of the wizard.
Page topSpecifying SVM settings (infrastructures based on OpenStack)
This step is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
On this step, you must specify deployment settings for each SVM that is to be deployed within the selected OpenStack projects. The OpenStack project name column displays the name of the project that the SVM will be deployed in, as well as the project path in the infrastructure.
Specify the following settings required for SVM deployment:
You can also specify the following settings:
Proceed to the next step of the wizard.
Page topConfiguring SVM network settings (infrastructures based on OpenStack)
For this step, you must specify network settings for each SVM to be deployed.
The window displays the following information:
- Hypervisor address
The Hypervisor address column is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.
- OpenStack project name
The OpenStack project name column is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
For each SVM, specify one or more virtual networks in the Network name column.
You can also specify the following settings:
- VLAN ID
The VLAN ID column is displayed if you are deploying the SVM in a virtual infrastructure based on Microsoft Hyper-V platform or in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
- Security group
The Security group column is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
Proceed to the next step of the wizard.
Page topConfiguring IP address settings for SVM
For this step, you must specify IP addressing settings for all SVMs. You can use dynamic or static IP addressing.
If you want to specify all network settings of the SVM manually, select:
- Select Static IP addressing. This opens a table containing the following information:
- Hypervisor address
The Hypervisor address column is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.
- OpenStack project name
The OpenStack project name column is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
- SVM name
- Network name
- Hypervisor address
- Specify the following IP addressing settings for each SVM:
- DNS server
- alternative DNS server
- SVM IP address
- Subnet mask
- gateway
If you specified several virtual networks for the SVM at the previous step, specify the settings for each virtual network.
If you want to use DHCP network settings for all SVMs:
- Select Dynamic IP addressing (DHCP).
By default, the IP address of the DNS server and the IP address of the alternative DNS server received over the DHCP protocol are used for each SVM (the Use list of DNS servers received via DHCP check box is selected). If you specified several virtual networks for the SVM at the previous step, by default the network settings for the SVM are received from the DHCP server of the first virtual network in the list of the specified virtual networks.
- If you want to manually specify the IP address of the DNS server and alternative DNS server, clear the Use list of DNS servers received via DHCP check box. This opens a table containing the following information:
- Hypervisor address
The Hypervisor address column is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.
- OpenStack project name
The OpenStack project name column is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
- SVM name
Specify the IP addresses of DNS servers in the DNS server and Alternative DNS server table columns.
- Hypervisor address
Proceed to the next step of the wizard.
Page topSpecifying Kaspersky Security Center connection settings
At this step, you must specify the settings of SVM connection to the Kaspersky Security Center Administration Server.
Specify the following settings:
Proceed to the next step of the wizard.
Page topCreating the configuration password and the root account password
At this step, you need to create a klconfig account password (configuration password) and a root account password on the SVM.
The configuration password is required for SVM reconfiguration. The root user account is used for access to the operating system on SVMs.
Enter passwords for each account into the Password and Confirm password fields.
Passwords must be no longer than 60 characters. You can use only letters of the Latin alphabet (uppercase and lowercase letters), numerals, and the following special characters: ! # $ % & ' ( ) * " + , - . / \ : ; < = > _ ? @ [ ] ^ ` { | } ~. For security purposes, you are advised to set passwords that are at least 8 characters long and use at least three of the four categories of characters: lowercase letters, uppercase letters, numerals, and special characters.
If you want to configure access to SVMs over SSH under the root account, select the Allow remote access to SVM for the root account via SSH check box.
Proceed to the next step of the wizard.
Page topStart task for SVM deployment
This step is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.
This step displays all the settings of the created SVM deployment task for the Integration Server:
- The task name is generated automatically and contains the task type. You can use this name to find the task in the list in Integration Server Web Console, in the SVM management section.
- The list at the top of the window contains general settings for all SVMs that will be deployed by the task:
- The table at the bottom of the window contains individual settings for each SVM:
- Hypervisor address
- SVM name
- Storage
- Network name
- VLAN ID
The VLAN ID is displayed if you are deploying the SVM in the virtual infrastructure running on Microsoft Hyper-V platform.
- All IP addressing settings that you provided for the SVM.
To start the SVM deployment task, click the Start button.
You can monitor the task progress in Integration Server Web Console, in the SVM management section.
Page topStarting an SVM deployment task (OpenStack-based infrastructure)
This step is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
This step displays all the settings of the created SVM deployment task for the Integration Server:
- The task name is generated automatically and contains the task type. You can use this name to find the task in the list in Integration Server Web Console, in the SVM management section.
- The list at the top of the window contains general settings for all SVMs that will be deployed by the task:
- The table at the bottom of the window contains individual settings for each SVM:
- OpenStack project name
- SVM name
- Virtual machine type
- Volume type
- Availability zone
- Server group
- Network name
- VLAN ID
- Security group
- All IP addressing settings that you provided for the SVM.
To start the SVM deployment task, click the Start button.
You can monitor the task progress in Integration Server Web Console, in the SVM management section.
Page topViewing information about task execution
You can monitor the progress of tasks in Integration Server Web Console, in the SVM management section.
To view information about a task for the Integration Server:
- Open Integration Server Web Console and connect to the Integration Server.
- Go to the SVM management section.
In the window that opens, a list of tasks for the Integration Server is displayed as a table. The list contains the Integration Server tasks that you created and ran using the wizard (SVM deployment, reconfiguration, and removal tasks), as well as SVM image verification tasks that are created automatically when you run an SVM image file integrity check while creating SVM deployment tasks. The task is placed in the list immediately after its creation and is automatically deleted from the list some time after the task has been completed (successfully or with an error) or canceled. By default, completed or canceled tasks are listed for 60 minutes.
If necessary, you can cancel tasks that have not yet been completed. To do this, select the task in the list and click the Cancel button located above the table.
For tasks that are running, their progress is displayed. If a task completes with an error, an error message is displayed.
- To view detailed information about a task, click on the task name.
The window that opens displays the following information about the selected task:
- Task name
- Task type
- Time when the task was created
- Time when the task transitioned from the current status
- Current task status and an error message if the task was completed with an error
- List of all SVMs on which the task is running, and the progress of the task on each SVM Each row in the list contains the following information:
- SVM name
- IP address of the SVM in IPv4 format
- Task status on the SVM, and an error message if the task was completed with an error
- Location of the SVM in the virtual infrastructure (address and type of hypervisor or the OpenStack project name, address and type of infrastructure)
- For Deployment or Reconfiguration tasks, you can view information about the execution of stages of a task on the selected SVM. To open the list of stages, click on the SVM name in the list.
In the window that opens, information about the execution of each stage of the task on an individual SVM is displayed in the form of a table:
- Stage name
- Stage start time
- Stage execution status and error message if an error occurred at this stage
- Stage end time
Deploying SVMs using the Integration Server Console
If you use the Integration Server Console, SVMs are deployed using the SVM Management Wizard, which is launched from the Integration Server Console.
Following the instructions of the SVM Management Wizard, you need to configure the wizard's connection to the virtual infrastructure, specify all the SVM deployment settings, and start the deployment.
Information about SVM deployment results is displayed in the last step of the wizard.
Before deployment, you need to download the SVM images and SVM image description files.
To deploy SVMs using the Integration Server Console:
- Open Integration Server Console and connect to the Integration Server.
- In the SVM management section, click the SVM management button to start the SVM Management Wizard.
- Follow the wizard instructions.
Selecting an action
At this step, choose the SVM deployment option.
Proceed to the next step of the wizard.
Page topSelecting infrastructure for SVM deployment
At this step, you need to select the virtual infrastructure in which you want to deploy the SVM. If SVM deployment was not previously performed in this virtual infrastructure, you need to configure the connection of the SVM Management Wizard to the virtual infrastructure. Then select the hypervisors or OpenStack projects for SVM deployment depending on the type of virtual infrastructure.
To configure the connection of SVM Management Wizard to the virtual infrastructure:
- Click the Add button.
- In the Virtual infrastructure connection settings window that opens, specify the following settings:
- Type
- Protocol
The Protocol field is displayed if you are configuring a connection to a virtual infrastructure based on the OpenStack platform, VK Cloud platform or TIONIX Cloud Platform.
- Addresses
- OpenStack domain
The OpenStack domain field is displayed if you are configuring a connection to a virtual infrastructure based on the OpenStack platform, VK Cloud platform or TIONIX Cloud Platform.
- User name
- Password
- If you are deploying SVMs in a virtual infrastructure based on XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, OpenStack, Alt Virtualization Server, Astra Linux, Numa vServer, VK Cloud platform, or TIONIX Cloud Platform, to connect the Integration Server to the virtual infrastructure while Kaspersky Security is running, we recommend using an account that has limited rights to perform actions in the virtual infrastructure. Select the Account with restricted permissions check box and specify the settings of the user account that the Integration Server will use to connect to the virtual infrastructure during operation of Kaspersky Security.
If the check box is cleared, during Kaspersky Security operation the Integration Server will connect to the virtual infrastructure using the same user account that is used for SVM deployment, removal and reconfiguration.
In a virtual infrastructure running on the Microsoft Hyper-V platform, you can connect to the virtual infrastructure during Kaspersky Security operation only by using the same user account that is used for SVM deployment, removal and reconfiguration.
- Click the Connect button.
The Virtual infrastructure connection settings window closes. The Wizard adds the selected virtual infrastructure objects to the list and attempts to establish a connection.
The Wizard verifies the authenticity of all virtual infrastructure objects with which the connection is established.
Authenticity is not verified for a Microsoft Windows Server (Hyper-V) hypervisor.
For Keystone microservices, authenticity is verified only when using the HTTPS protocol to connect the SVM Management Wizard to the virtual infrastructure.
To verify authenticity, the Wizard receives the SSL certificate or fingerprint of the public key from each virtual infrastructure object and verifies them.
If the authenticity of the received certificate(s) cannot be established, the Verify certificate window opens with a message about this. Click the link in this window to view the details of the received certificate. If the certificate complies with the security policy of your organization, you can confirm the authenticity of the certificate and continue connecting to the virtual infrastructure object. The received certificate will be installed as a trusted certificate on the device where the Kaspersky Security Center Administration Console is installed. If you do not consider this certificate to be authentic, click the Cancel button in the Verify certificate window to disconnect, and replace the certificate with a new one.
If the authenticity of the open key could not be established, the Verify public key fingerprint window opens with a message about this. You can confirm the authenticity of the open key and continue the connection. The open key fingerprint will be saved on the device where the Kaspersky Security Center Administration Console is installed. If you do not consider this open key to be authentic, click the Cancel button in the Verify public key fingerprint window to terminate the connection.
If a connection cannot be established with a virtual infrastructure object, information about the connection errors is displayed in the table.
The table displays information about the virtual infrastructures to which connections are configured in the SVM Management Wizard. If SVMs are already deployed in the virtual infrastructure, the table also contains information about them. Each row of the table displays a hierarchical list of virtual infrastructure objects and the following information:
You can search the list of virtual infrastructure objects based on the Name/Address column. The search starts as you type in the Search field. The table displays only those virtual infrastructure objects that meet the search criteria. To reset the search results, delete the contents of the Search field.
You can update the list of virtual infrastructure objects using the Refresh button above the table. When updating a list, the Wizard verifies the SSL certificates or fingerprints of the public key, just like what happens when adding virtual infrastructure objects to the list.
You can use buttons in the Name/Address column to:
- Remove selected virtual infrastructure from the list.
The Integration Server continues to connect to the virtual infrastructure removed from this list, and to receive the information required for SVM operation.
- If you cannot connect to the virtual infrastructure, open the Virtual infrastructure connection settings window to change the settings of the account used to make the connection.
After the settings are modified, the Wizard verifies the SSL certificates or fingerprints of the public key, just like what happens when adding virtual infrastructure objects to the list.
To select infrastructure for SVM deployment:
- Depending on the type of the virtual infrastructure, select check boxes in the table to the left of the names of the hypervisors on which you want to deploy an SVM, or the OpenStack projects in which you want to deploy an SVM.
You can select hypervisors or OpenStack projects that are not subject to SVM deployment restrictions.
If SVMs are being deployed in an infrastructure based on the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform, simultaneous SVM deployment in different infrastructures is not supported. You can deploy SVMs in only one of these infrastructures at a time, or in one or more infrastructures of other types.
The simultaneous deployment of SVMs within OpenStack projects, which are running on different Keystone microservices, is not supported. You can simultaneously deploy SVMs only in OpenStack projects that are running on the same Keystone microservice.
- If you want to allow concurrent deployment of multiple SVMs, select the Allow parallel deployment on N hypervisors or Allow parallel deployment on N SVMs check box (depending on the type of virtual infrastructure) and specify the number of SVMs to be deployed concurrently.
Proceed to the next step of the wizard.
Page topSelecting the SVM image
At this step, select the file of the SVM image for deployment on the hypervisor. The SVM image file and SVM image description file (in XML format) must be placed in the same folder on the device where the Kaspersky Security Center Administration Console is installed, or in the same folder on a network resource to which the user account performing the installation has read access. If you are installing the Protection Server on different types of hypervisors, the SVM image files for each type of hypervisor and the SVM image description file must be located in the same folder.
To specify the SVM image, click Browse and in the window that opens select the SVM image description file (in XML format).
After a file has been selected, the field to the left of the button displays the full path to the file and its name. The Wizard automatically selects the required SVM image file:
- A VHDX file for deployment on a Microsoft Windows Server (Hyper-V) hypervisor.
- An XVA file for deployment on a XenServer hypervisor or on a Numa vServer hypervisor.
- An OVA file for deployment on a VMware ESXi hypervisor.
- A QCOW2 file for deployment on a KVM hypervisor (including on a KVM hypervisor running on OpenStack platform, Astra Linux, VK Cloud Platform or TIONIX Cloud Platform), on a Proxmox VE hypervisor, on a R-Virtualization hypervisor, on a HUAWEI FusionCompute CNA hypervisor, on a Nutanix AHV hypervisor, or on an ALT Virtualization Server platform basic hypervisor.
The window displays the following information about the selected image:
- Vendor is the name of the vendor of the solution that the SVM is part of.
- Publisher is the name of the publisher of the solution that the SVM is part of.
- Solution name is the name of the solution that the SVM is part of.
- SVM version is the version number of the SVM image.
- Description is a brief description of the SVM image.
- Virtual drive size is the amount of disk space required to deploy the SVM.
The Wizard verifies the authenticity of the image. The verification results are displayed in the window as follows:
- If the image is authentic, the Publisher field displays the value
AO Kaspersky Lab. - If the authenticity of the image has not been verified, an error message is displayed at the top of the window, and
Unknownis displayed in the Publisher field.
If the authenticity of the image has not been verified, it is recommended to use a different image for SVM deployment. To do this, you need to re-download the archive with the files necessary for SVM deployment using the Kaspersky Security Components Installation Wizard or on the Kaspersky website.
The SVM image integrity check section displays information about the results of SVM image file integrity check for each type of hypervisor. If integrity check was not performed, the Validation not performed message is displayed.
It is recommended to validate the SVM image. To do so, click the Validate button in the SVM image integrity check section. The verification results are displayed in the window as follows:
- If the image file successfully passed the integrity check, the
Validmessage is displayed. - If the image file gets modified or corrupted while being transmitted from the publisher to the end user or if the image format is not supported, the upper part of the window shows an error message and the SVM image integrity check section displays information about the detected problem.
If an SVM image file integrity check ended with an error, it is recommended to use a different image for SVM deployment. To do this, you need to re-download the archive with the files necessary for SVM deployment using the Kaspersky Security Components Installation Wizard or on the Kaspersky website.
If the authenticity of an image has been verified and the image file integrity check completed successfully, proceed to the next step of the Wizard.
If the authenticity of an image has not been verified or an image file integrity check has not been performed or ended with an error but you accept the risk and want to use the selected SVM image, to proceed to the next step of the Wizard you need to select the check box located in the lower part of the window.
Page topSelecting the number of SVMs for deployment (infrastructures based on OpenStack)
This step is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
For this step, you must specify the number of SVMs to be deployed on the hypervisors within each selected OpenStack project. The OpenStack project column displays the name of the project that the SVM will be deployed in, as well as the project path in the infrastructure.
In the Number of SVMs column, specify the number of SVMs to be deployed on the hypervisors within the OpenStack project.
Proceed to the next step of the wizard.
Page topSpecifying SVM settings
This step is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.
For this step, you must specify deployment options for each SVM to be deployed on the selected hypervisors. The Hypervisor column displays the IP address in IPv4 format or the fully qualified domain name (FQDN) of the hypervisor on which the SVM will be deployed.
Specify the following settings required for SVM deployment:
If you are deploying an SVM in a virtual infrastructure running the Microsoft Hyper-V platform, you can also specify the VLAN ID.
Proceed to the next step of the wizard.
Page topSpecifying SVM settings (infrastructures based on OpenStack)
This step is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
On this step, you must specify deployment settings for each SVM that is to be deployed within the selected OpenStack projects. The OpenStack project column displays the name of the project that the SVM will be deployed in, as well as the project path in the infrastructure.
Specify the following settings required for SVM deployment:
You can also specify the following settings:
Proceed to the next step of the wizard.
Page topConfiguring SVM network settings (infrastructures based on OpenStack)
This step is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
For this step, you must specify network settings for each SVM to be deployed within the selected OpenStack projects. The OpenStack project column displays the name of the project that the SVM will be deployed in, as well as the project path in the infrastructure.
For each SVM, specify one or more virtual networks in the Network name column.
You can also specify the following settings:
Proceed to the next step of the wizard.
Page topConfiguring IP address settings for SVM
For this step, you must specify IP addressing settings for all SVMs. You can use dynamic or static IP addressing.
If you want to use DHCP network settings for all SVMs:
- Select Dynamic IP addressing (DHCP).
By default, the IP address of the DNS server and the IP address of the alternative DNS server received over the DHCP protocol are used for each SVM (the Use list of DNS servers received via DHCP check box is selected). If you specified several virtual networks for the SVM at the previous step, by default the network settings for the SVM are received from the DHCP server of the first virtual network in the list of the specified virtual networks.
- If you want to manually specify the IP address of the DNS server and alternative DNS server, clear the Use list of DNS servers received via DHCP check box. This opens a table containing the following information:
- Hypervisor
The Hypervisor column is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.
- OpenStack project
The OpenStack project column is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
- SVM name
Specify the IP addresses of DNS servers in the DNS server and Alternative DNS server table columns.
- Hypervisor
If you want to specify all network settings of the SVM manually, select:
- Select Static IP addressing. This opens a table containing the following information:
- Hypervisor
The Hypervisor column is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.
- OpenStack project
The OpenStack project column is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
- SVM name
- Network name
- Hypervisor
- Specify the following IP addressing settings for each SVM:
- SVM IP address
- Subnet mask
- Gateway
- DNS server
- Alternative DNS
If you specified several virtual networks for the SVM at the previous step, specify the settings for each virtual network.
Proceed to the next step of the wizard.
Page topSpecifying Kaspersky Security Center connection settings
This step is performed if the wizard cannot automatically determine the settings for connecting to Kaspersky Security Center.
At this step, you must specify the settings of SVM connection to the Kaspersky Security Center Administration Server.
Specify the following settings:
Proceed to the next step of the wizard.
Page topCreating the configuration password and the root account password
At this step, you need to create a klconfig account password (configuration password) and a root account password on the SVM.
The configuration password is required for SVM reconfiguration. The root user account is used for access to the operating system on SVMs.
Enter passwords for each account into the Password and Confirm password fields.
Passwords must be no longer than 60 characters. You can use only letters of the Latin alphabet (uppercase and lowercase letters), numerals, and the following special characters: ! # $ % & ' ( ) * " + , - . / \ : ; < = > _ ? @ [ ] ^ ` { | } ~. For security purposes, you are advised to set passwords that are at least 8 characters long and use at least three of the four categories of characters: lowercase letters, uppercase letters, numerals, and special characters.
If you want to configure access to SVMs over SSH under the root account, select the Allow remote access to SVM for the root account via SSH check box.
Proceed to the next step of the wizard.
Page topStarting SVM deployment
This step is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.
For this step, the wizard window displays all previously entered settings required for deploying the SVM:
General settings for all SVMs:
- SVM image description file
- SVM IP settings
- SSH-based remote access to the SVM for the root account
- Kaspersky Security Center connection settings
- Parallel deployment
Individual settings for each SVM:
- Hypervisor
- SVM name
- Storage
- Network name
- VLAN ID
The VLAN ID is displayed if you are deploying the SVM in the virtual infrastructure running on Microsoft Hyper-V platform.
- All IP addressing settings that you provided for the SVM.
To start deploying SVMs, go to the next step of the wizard.
Page topStarting SVM deployment (infrastructures based on OpenStack)
This step is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.
For this step, the wizard window displays all previously entered settings required for deploying the SVM:
General settings for all SVMs:
- Keystone microservice address
- SVM image description file
- SVM IP settings
- SSH-based remote access to the SVM for the root account
- Kaspersky Security Center connection settings
- Parallel deployment
Individual settings for each SVM:
- OpenStack project
- SVM name
- Virtual machine type
- Volume type
- Availability zone
- Server group
- Network name
- VLAN ID
- Security group
- All IP addressing settings that you provided for the SVM.
To start deploying SVMs, go to the next step of the wizard.
Page topSVM deployment
At this step, SVMs are deployed on hypervisors. The process takes some time. Please wait until deployment is complete.
The window shows, one row at a time, the stages of deployment of each SVM with the status of each stage: Processing N%, Pending, Skipped, Completed, Error.
After SVM deployment is complete, you are advised to make sure that the Integration Server is running and can be accessed by the SVM over the network.
If an error occurs on a hypervisor during the SVM deployment process, the Wizard rolls back the changes on this hypervisor. Deployment continues on the other hypervisors.
When deployment is completed, SVM is turned on automatically.
Proceed to the next step of the wizard.
Page topFinishing SVM deployment
This step displays information about the SVM deployment results in the virtual infrastructure.
You can use the links to open a brief report and the SVM Management Wizard log.
You can view the following information in the brief report:
- Addresses of the hypervisors on which SVMs were deployed, or OpenStack projects, within which SVMs were deployed (depending on the type of virtual infrastructure).
- Names of deployed SVMs.
- Brief description of the completed stages of deployment of each SVM, including the start and end times of each stage. If an error occurred during a particular stage, the relevant information is reflected in the report.
The brief report is saved in a temporary file. To be able to use information from the report later, save the log file in a permanent storage location.
The SVM Management Wizard log saves information specified by you at every step of the wizard. If the SVM deployment process ends in an error, you can use the wizard log when contacting Technical Support.
The SVM Management Wizard log is saved on the device where the wizard was launched, in the file %LOCALAPPDATA%\Kaspersky Lab\Kaspersky VIISLA Console\logs\KasperskyDeployWizard_<file creation date and time>.log and does not contain account passwords. A new log file is created each time the wizard starts.
Finish the wizard.
If your virtual infrastructure uses a Microsoft Windows Server (Hyper-V) hypervisor, after SVM deployment the event log may contain an event indicating the need to update the Integration Services package on the SVM. You can ignore this notification because the Integration Services do not need to be updated to operate the SVM.
Page topAutomatically creating tasks and a default policy for the Protection Server
The Kaspersky Security Center Initial Configuration Wizard lets you automatically create a default Protection Server policy and an Update databases and solution modules task for the Protection Server. The Initial Configuration Wizard is available in Kaspersky Security Center Administration Console and in Kaspersky Security Center Web Console.
If you use Kaspersky Security Center Web Console, the Initial Configuration Wizard starts the first time you launch Kaspersky Security Center Web Console.
You can also run the Initial Configuration Wizard manually.
How to run the Initial Configuration Wizard in Kaspersky Security Center Web Console
If you use Kaspersky Security Center Administration Console, the Initial Configuration Wizard starts automatically the first time you launch Administration Console after installing the management MMC plug-in for the Protection Server.
If the Initial Configuration Wizard for the managed application was not started automatically, you can manually start it.
How to run the Initial Configuration Wizard in Kaspersky Security Center Administration Console
Creating an Update databases and solution modules task for the Protection Server
An Update Solution Databases and Modules task is created for the Managed devices administration group and lets you download an update package for the databases and application modules of the Kaspersky Security solution to all SVMs that will be moved to the Managed devices administration group or to any nested administration group. The task is started every time an update package is downloaded to the Kaspersky Security Center Administration Server repository.
Creating default policy for Protection Server
A default Protection Server policy is created for the Managed devices administration group with the name Kaspersky Security for Virtualization 6.2 Light Agent – Protection Server and is applied on all SVMs that will be moved to the Managed devices administration group or to any nested administration group.
When creating a default Protection Server policy, the wizard prompts you to configure the following settings:
- Decide whether you want to use Kaspersky Security Network in the operation of the Protection Server.
- Configure settings for connecting SVMs to the Integration Server.
The other policy settings take the default values. You can configure them later.
If you have not configured the settings for connecting SVMs to the Integration Server or cannot connect with the specified settings, the policy is created with the Inactive policy status. Later you can configure the settings of this policy and activate it.
Page topPreparing the Protection Server for operation
After completing the SVM deployment procedure, it is recommended to use virtual infrastructure tools to check the system date on the SVM. A discrepancy between the system dates on Kaspersky Security Center Administration Server and the SVM may result in an error when connecting the SVM to Kaspersky Security Center as well as incorrect operation of Kaspersky Security solution components.
After deploying the SVM on a hypervisor, you can modify the resources allocated to the SVM, for example, to match those recommended by Kaspersky experts. You can regulate the performance of the SVM using the resources assigned to it.
To prepare the Protection Server for operation, you must perform the following actions:
- Make sure that new SVMs are connected to the Integration Server. You can view the list of connected SVMs in the Integration Server Console or in the Integration Server Web Console.
- Activate the solution on all new SVMs.
To activate the solution on SVMs, you must add a license key to the SVMs by using the Solution activation task. After installing the Light Agent component on virtual machines and connecting the Light Agents to the SVMs, the Protection Server component sends license information to the Light Agents.
- Update the databases of the solution on all new SVMs and download database updates for Light Agents to the SVMs. By default, database updates required for the operation of the Protection Server, Light Agent for Linux, and Light Agent for Windows are downloaded to the SVMs from the Administration Server repository.
If the current version of the solution supports more than one version of Light Agent for Linux or Light Agent for Windows, you need to make sure you are downloading database updates for the correct version of Light Agent. If you have different versions of Light Agent installed on protected devices, updates for all installed versions must be downloaded to the SVM.
To configure the downloading of updates for the correct versions of Light Agent:
- In the Protection Server policy, specify the versions of Light Agents for which the Protection Server must receive updates.
The Administration Server needs some time to download database updates for Light Agents. We recommend starting the database update process after completing the synchronization of the Network Agent on the SVM with the Administration Server (by default, the synchronization period is 15 minutes after changing the policy settings).
- Manually run the Download updates to the repository task.
- Download the update packages to the SVM. To download update packages to the SVM, you can use an automatically created Protection Server task, Updating databases and solution modules.
- In the Protection Server policy, specify the versions of Light Agents for which the Protection Server must receive updates.
Installing Light Agents and Network Agent
On each virtual machine that needs to be protected using the Kaspersky Security solution, you need to install Light Agent and Kaspersky Security Center Network Agent.
Installed on protected virtual machines, Kaspersky Security Center Network Agent facilitates interaction between a Light Agent installed on a virtual machine and the Kaspersky Security Center Administration Server, and lets you use Kaspersky Security Center to manage the operation of the Light Agent.
You can install Light Agent on a virtual machine template that will be used to create persistent and non-persistent virtual machines. When installing on a non-persistent virtual machine template, we recommend configuring additional installation settings for Light Agents and Network Agent.
You can install Light Agent on virtual machines as part of an infrastructure that uses VDI-based solutions for creating virtual desktops. For Light Agent for Windows to be compatible with some virtualization solutions, additional steps are required during installation.
About installing Kaspersky Security Center Network Agent on virtual machines
Before or during the installation of Kaspersky Endpoint Security for Linux in Light Agent mode, you need to install Network Agent for Linux on each virtual machine.
Before or during installation of Kaspersky Endpoint Security for Windows in Light Agent mode, you need to install Network Agent for Windows on each virtual machine.
The files required for installing Network Agent are included in the Kaspersky Security Center distribution kit. For more information on installing Network Agent, please refer to the Kaspersky Security Center Help.
Page topAbout installing Light Agent for Linux
Kaspersky Endpoint Security for Linux in Light Agent mode for protection of virtual environments is installed in one of the following ways:
- Remotely from the administrator's workstation using Kaspersky Security Center.
To use Kaspersky Endpoint Security for Linux as a Light Agent for Linux, you select the Light Agent mode in one of the following ways:
- In the properties of the installation package of the Kaspersky Endpoint Security for Linux application, on the Settings tab.
- Using the autoinstall.ini configuration file, which is included in the application installation package (
KSVLA_MODE=yes).
- Using the command line.
To use Kaspersky Endpoint Security for Linux as a Light Agent for Linux, after the installation is complete, you need to run the initial application configuration and select the Light Agent mode in one of the following ways:
- Enter
yesin theSpecifying the application usagestep of the initial configuration script. - Specify the
KSVLA_MODE=yessetting in the initial setup configuration file.
- Enter
When installing on a non-persistent virtual machine template, we recommend configuring additional installation settings for Light Agent and Network Agent.
For more information about installing Kaspersky Endpoint Security for Linux in Light Agent mode, see the application Help of the relevant version.
Page topAbout installing Light Agent for Windows
Kaspersky Endpoint Security for Windows in Light Agent mode for protection of virtual environments is installed in one of the following ways:
- Remotely from the administrator's workstation using Kaspersky Security Center.
To use Kaspersky Endpoint Security for Windows as a Light Agent for Windows, you need to select the Light Agent configuration in the properties of the Kaspersky Endpoint Security for Windows installation package on the Settings tab.
- Locally on a virtual machine using the installation wizard.
To use Kaspersky Endpoint Security for Windows as a Light Agent for Windows, you need to select the Light Agent for protecting virtual environments configuration at the configuration selection step.
- Using the command line.
To use Kaspersky Endpoint Security for Windows as a Light Agent for Windows, you select the Light Agent mode in one of the following ways:
- Run the installation command with
LIGHTAGENTMODE=1. - Perform a silent installation using a setup.ini file with
KSVLAMode=1.
- Run the installation command with
To optimize the performance of Kaspersky Endpoint Security for Windows in Light Agent mode, we recommend using predefined groups of exclusions and trusted applications for various virtualization solutions. You can include recommended scan exclusions and trusted applications in the trusted zone during local installation using the wizard or when creating an installation package in interactive mode.
When installing on a non-persistent virtual machine template, we recommend configuring additional installation settings for Light Agent and Network Agent.
For more information about installing Kaspersky Endpoint Security for Windows in Light Agent mode, see the application Help of the relevant version.
Page topInstalling Light Agent on a template for non-persistent virtual machines
If you are installing on a virtual machine template that will be used to create non-persistent virtual machines, we recommend that you configure settings that optimize the operation of Light Agent on the non-persistent virtual machines.
If these settings are configured, the operation of non-persistent virtual machines created from the template will be optimized as follows:
- Kaspersky Security Center functionality that is not required for non-persistent virtual machines will be disabled, namely the receiving of information about software, hardware, vulnerabilities, and necessary updates.
- Updates that require restarting the protected virtual machine will not be installed on virtual machines created from the template. When receiving updates that require a restart, the Light Agent installed on the virtual machine sends a message to Kaspersky Security Center about the need to update the virtual machine template.
- Non-persistent virtual machines running Windows operating systems will not use the active infection disinfection technology regardless of the configured settings of Light Agent for Windows. If it is necessary to perform the disinfection procedure for an active infection, the Light Agent installed on the virtual machine will send a message to Kaspersky Security Center about the need to perform this procedure on the virtual machine template.
Kaspersky Security Center Network Agent settings
If you are installing Network Agent using Kaspersky Security Center, in the properties window of the Network Agent installation package, you need to specify the following settings in the Advanced section:
- Enable dynamic mode for VDI.
- Optimize the settings for VDI.
If you are installing Network Agent using the command line, you need to use a response file (in TXT format) with the following settings:
KLNAGENT_VM_VDI=1KLNAGENT_VM_OPTIMIZE=1
For more information on installing Network Agent, please refer to the Kaspersky Security Center Help.
Light Agent for Linux settings
If you are installing Kaspersky Endpoint Security for Linux in Light Agent mode using Kaspersky Security Center, you need to include the autoinstall.ini configuration file in the installation package with the following settings:
KSVLA_MODE=yesVDI_MODE=yes
If you create an installation package in Kaspersky Security Center Web Console, you can specify these settings using the following check boxes in the installation package properties on the Settings tab:
- Use the application in Light Agent mode
- Enable VDI protection mode.
If you are installing Kaspersky Endpoint Security for Linux in Light Agent mode using the command line, after the installation is complete, you need to configure the settings as follows, depending on the initial configuration mode:
- Run the initial configuration script and enter
yesin theSpecifying the application usage modeandEnabling VDI protection modesteps. - Run the initial configuration in automatic mode by specifying the following settings in the initial configuration file:
KSVLA_MODE=yesVDI_MODE=yes
For more information about installing Kaspersky Endpoint Security for Linux in Light Agent mode, see the application Help of the relevant version.
Light Agent for Windows settings
If you are installing Kaspersky Endpoint Security for Windows in Light Agent mode using Kaspersky Security Center, you need to configure the following settings in the properties of the Kaspersky Endpoint Security for Windows installation package on the Settings tab:
- select the Light Agent configuration
- select the Protect VDI check box
If you are installing Kaspersky Endpoint Security for Windows in Light Agent mode using the Installation Wizard, you need to configure the following settings at the configuration selection step:
- select the Light Agent for protecting virtual environments configuration
- select the Protect VDI check box
If you are installing Kaspersky Endpoint Security for Windows in Light Agent mode using the command line, you need to do one of the following:
- Run the installation command with
LIGHTAGENTMODE=1andVDI=1. - Perform installation in silent mode using a setup.ini file with
KSVLAMode=1andInstallOnVDI=1.
For more information about installing Kaspersky Endpoint Security for Windows in Light Agent mode, see the application Help of the relevant version.
Page topCompatibility of Light Agent for Windows with virtualization solutions
You need to take additional steps when installing Light Agent for Windows on virtual infrastructures that use the following virtualization solutions:
- Citrix App Layering
- Citrix Provisioning (Citrix Provisioning Services)
- VMware App Volumes
Compatibility with Citrix App Layering technology
Compatibility with Citrix Provisioning (Citrix Provisioning Services) technology
Compatibility with VMware App Volumes technology
Page topPreparing Light Agents for operation
To prepare Light Agents for operation, you must perform the following actions:
- Configure the settings required for SVM discovery and connection of Light Agents to SVMs.
To configure the settings for Light Agent for Linux, you need to create a policy for Kaspersky Endpoint Security for Linux running in Light Agent mode.
To configure the settings for Light Agent for Windows, you need to create a policy for Kaspersky Endpoint Security for Windows running in Light Agent mode.
Following the instructions in the New Policy Wizard, you need to select the SVM discovery method and, depending on the selected method, configure the settings for connecting to the Integration Server or specify a list of SVM addresses.
- Make sure that Light Agents connect to SVMs and to the Integration Server.
- Make sure that Light Agents have received information about the license used to activate Kaspersky Security for Virtualization Light Agent.
After activating the solution on SVMs and connecting Light Agents to the SVMs, the Protection Server component sends license information to Light Agents. You can view information about the license that Light Agent uses. You can view it on a protected virtual machine with Light Agent.
- Make sure that the database updates required for Light Agent are installed on the protected virtual machines.
Databases on protected virtual machines are updated using a special Update task, in which a folder on the SVM is specified as the update source. The update task is started automatically.
You can check how up-to-date the databases are on a protected virtual machine with Light Agent:
- For Light Agent for Linux: using the command
kesl-control --app-info. - For Light Agent for Windows: in the local interface of Kaspersky Endpoint Security for Windows.
- For Light Agent for Linux: using the command
For details about configuring the applications running in Light Agent mode, see the Help for the relevant application.
Page topDisplaying virtual machines and SVMs in Kaspersky Security Center
After installation of Kaspersky Security in the virtual infrastructure, the SVMs and protected virtual machines on which Network Agent is installed will forward information about themselves to Kaspersky Security Center. By default, Kaspersky Security Center adds devices on which Kaspersky Security components are installed to the Unassigned devices folder.
In the Kaspersky Security Center Administration Console, an SVM is displayed under the name that you specified during deployment of this SVM. The name of the protected virtual machine matches the network name of the virtual machine (hostname). If a virtual machine with the same name is already registered on the Kaspersky Security Center Administration Server, a sequence number is added to the name of the new virtual machine, for example: <Name>~1, <Name>~2.
If you configured rules for moving virtual machines to administration groups prior to installing the solution, Kaspersky Security Center moves the devices on which Kaspersky Security components are installed to the specified administration groups in accordance with the configured rules for moving devices.
After installing the solution components, the SVMs and protected virtual machines send tags to Kaspersky Security Center. You can use these tags when creating rules for moving SVMs and protected virtual machines to administration groups.
The SVM sends the following tag to Kaspersky Security Center:
%VmType%=SVM – indicates that the virtual machine is an SVM.
A protected virtual machine with Kaspersky Security Center Network Agent installed sends the following tag to Kaspersky Security Center:
- %VmType%=<Persistent / Nonpersistent> – indicates whether this virtual machine is non-persistent or persistent virtual machine:
- %VmType%=Persistent – persistent virtual machine;
- %VmType%=Nonpersistent – non-persistent virtual machine.
- %KsvlaMode%=<Yes / No> – a flag that determines the operating mode of the Kaspersky Endpoint Security for Linux or Kaspersky Endpoint Security for Windows application on a virtual machine:
- %KsvlaMode%=Yes – the application is being used in Light Agent mode to protect virtual environments;
- %KsvlaMode%=No – the application is being used in standard mode.
You can manually move SVMs to the Managed devices administration group or nested administration groups (for more information about moving virtual machines to administration groups, see the Kaspersky Security Center Help).
Page topViewing the list of SVMs connected to the Integration Server
You can view a list of all SVMs that are connected to the Integration Server in the Integration Server Web Console or the Integration Server Console.
Page top