Connecting the Sensor component to the Central Node

When the Sensor component is added, a configuration package is generated on the Central Node, containing the certificate and configuration data for the Sensor component. The added component is connected using the web interface of the Sensor component. The web interface of the component lets you upload a configuration package and connect the component in the following ways:

• Using a communication data package.

  In this case, the configuration package is saved as a file in which the certificate is password-protected. This file is called a communication data package. The communication data package must be uploaded to the web interface of the Sensor component. After uploading the communication data package, the Sensor component automatically connects to the Central Node on which the communication data package was created.

• Automatically over the network.

  In this case, the configuration package is sent over the network to the specified IP address of the server with the Sensor component. The Sensor processes the configuration package, generates a certificate signing request (CSR) based on it, and sends this request to the Central Node component. After receiving the CSR, the fingerprint of the CSR is displayed in the web interface of Kaspersky Anti Targeted Attack Platform as a sequence of characters. The same fingerprint is displayed at the same time in the web interface of the Sensor component. You must make sure that the fingerprints are identical before terminating the connection.

If the connection between the Central Node and Sensor components is established outside of a trusted medium, to protect the connection from traffic interception, you need to use external cryptographic information protection facilities that support encryption algorithms approved in your country. If the components are connected by a trusted medium, for example, a patch cord within a server rack that precludes third-party access, using external cryptographic information protection facilities is not necessary.

Adding and connecting the Sensor component automatically over the network

To connect the Sensor component automatically over the network:

1. Select the Sensor servers section in the window of the application web interface.
2. Click Add sensor.

   This opens the Adding a new sensor window.

3. Go to the Automatically over the network tab.
4. In the Sensor name field, enter a name for the Sensor component that you want to connect.

   After the connection to the Central Node is established, the title of the browser tab with the web interface page of the component displays the name that you configure at this step.

5. In the Server address field, enter the IP address of the Central Node server to which you want to connect the Sensor component.
6. In the Sensor IP address field, enter the IP address of the server with the Sensor component that you want to connect to the Central Node component.

   The application establishes a connection with the server on which the Sensor component is installed, and a prompt is displayed in the web interface of the application asking you to confirm the fingerprint of the received certificate signing request.

7. In a browser on any computer that allows access to the Sensor server, in the address bar of the browser, enter: https://<IP address of the Sensor server>:<9443>.

   The web interface of the Sensor component is displayed in the browser. The web interface displays a message with information about the fingerprint of the certificate signing request that was sent to the Central Node component.

8. Make sure that the character sequences representing the fingerprint of the certificate request are identical in the web interfaces of the Sensor and Central Node components.
9. In the application web interface, click the button to confirm the received fingerprint of the certificate signing request.

The Sensor component is connected to the Central Node component, after which the connection information in the web interfaces of the Sensor and Central Node components.

Connecting the Sensor component using a communication data package

To connect the Sensor component using a communication data package:

1. Select the Sensor servers section in the window of the application web interface.
2. Click Add sensor.

   This opens the Adding a new sensor window.

3. In the Sensor name field, enter a name for the Sensor component that you want to connect.

   After the connection to the Central Node is established, the title of the browser tab with the web interface page of the component displays the name that you configure at this step.

4. In the Server address field, enter the IP address of the Central Node server to which you want to connect the Sensor component.
5. In the Sensor IP address field, enter the IP address of the server with the Sensor component that you want to connect to the Central Node component.
6. In the Encryption of certificate in communication data package section, set the certificate protection password that you want to use.

   The password must satisfy the following requirements:

   • Contains 8 to 256 ASCII characters.
   • Contains one or more uppercase letters of the Latin alphabet.
   • Contains one or more lowercase letters of the Latin alphabet.
   • Contains one or more numerals.
   • Does not contain four or more identical characters in a row.
7. Click Create communication data package. Your browser saves the downloaded file. Depending on your browser's settings, a window may be displayed on your screen in which you can specify the path and name of the downloaded file.
8. In a browser on any computer that allows access to the Sensor server, in the address bar of the browser, enter: https://<IP address of the Sensor component>:<9443>.
9. On the sensor web interface page, click Select file.

   This opens the standard browser window for selecting a file.

10. Specify the path to the communication data package.
11. Click the open file button.
12. After the file finishes uploading, enter the password for the certificate that you set at step 6 of these instructions.

    The Sensor component is connected to the Central Node component, after which the connection information in the web interfaces of the Sensor and Central Node components.