Kaspersky Security Center

Scenario: Deployment of a Kaspersky Security Center failover cluster

November 2, 2024

ID 222333

A Kaspersky Security Center failover cluster provides high availability of Kaspersky Security Center and minimizes downtime of Administration Server in case of a failure. The failover cluster is based on two identical instances of Kaspersky Security Center installed on two computers. One of the instances works as an active node and the other one is a passive node. The active node manages protection of the client devices, while the passive one is prepared to take all of the functions of the active node in case the active node fails. When a failure occurs, the passive node becomes active and the active node becomes passive.

Prerequisites

You have hardware that meets the requirements for the failover cluster.

Stages

Kaspersky applications deployment proceeds in stages:

  1. Creating an account for Kaspersky Security Center services

    Create a new domain group (in this scenario the name 'KLAdmins' is used for this group), and then grant the local administrator's permissions to the group on both nodes and on the file server. Then create two new domain user accounts, (in this scenario the names 'ksc' and 'rightless' are used for these accounts), and add the accounts to the KLAdmins domain group.

    Add the user account, under which Kaspersky Security Center will be installed, to the previously created KLAdmins domain group.

  2. File server preparation

    Prepare the file server to work as a component of the Kaspersky Security Center failover cluster. Make sure that the file server meets the hardware and software requirements, create two shared folders for Kaspersky Security Center data, and configure permissions to access the shared folders.

    How-to instructions: Preparing a file server for the Kaspersky Security Center failover cluster

  3. Preparation of active and passive nodes

    Prepare two computers with identical hardware and software to work as the active and passive nodes.

    How-to instructions: Preparing nodes for the Kaspersky Security Center failover cluster

  4. Database Management System (DBMS) installation

    Select any of the supported DBMS, and then install the DBMS on a dedicated computer. For information about how to install the DBMS refer to its documentation.

  5. Kaspersky Security Center installation

    Install Kaspersky Security Center in the failover cluster mode on both nodes. You must first install Kaspersky Security Center on the active node, and then install it on the passive one.

    Additionally, you can install Kaspersky Security Center Web Console on a separate device that is not a cluster node.

    How-to instructions: Installing Kaspersky Security Center on the Kaspersky Security Center failover cluster nodes

  6. Testing the failover cluster

    Check that you configured the failover cluster correctly and that it works properly. For example, you can stop one of the Kaspersky Security Center services on the active node: kladminserver, klnagent, ksnproxy, klactprx, or klwebsrv. After the service is stopped, the protection management must be automatically switched to the passive node.

Results

The Kaspersky Security Center failover cluster is deployed. Please familiarize yourself with the events that lead to the switch between the active and passive nodes.

See also:

Installing Administration Server on a Windows Server failover cluster

Upgrading Kaspersky Security Center on the Kaspersky Security Center failover cluster nodes

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.