About Kaspersky Security for Virtualization 4.0 Agentless
Kaspersky Security for Virtualization 4.0 Service Pack 1 Agentless (hereinafter also referred to as "Kaspersky Security") is an integrated solution that protects virtual machines on a VMware ESXi hypervisor against viruses and other malware (hereinafter collectively referred to as "malware"), as well as network threats.
Kaspersky Security lets you protect virtual machines running Windows guest operating systems, including server operating systems, as well as virtual machines running Linux guest operating systems.
Kaspersky Security protects virtual machines running Linux operating systems only if you are using the VMware NSX for vSphere 6.3.1 platform.
Kaspersky Security makes it possible to configure the protection of virtual machines at any level of the hierarchy of VMware inventory objects: VMware vCenter server, Datacenter object, VMware cluster, resource pool, vApp object, and virtual machine. The application supports the protection of virtual machines during their migration within a VMware DRS cluster.
Kaspersky Security includes the following components:
- File Anti-Virus. Protects the file system objects of a virtual machine against infection. The component is launched at the startup of Kaspersky Security. It protects virtual machines and scans the file system of virtual machines.
- Network Threat Detection. Scans network traffic of virtual machines to detect and block activity that is typical of network attacks, and checks web addresses visited by the user against a database of malicious web addresses to block access to malicious web addresses.
The Network Threat Detection component can be installed only in an infrastructure managed by a VMware vCenter Server and VMware NSX Manager.
Kaspersky Security features:
- Protection. Kaspersky Security scans all files that the user or an application opens, saves, or launches on a virtual machine.
- If the file is free of malware, Kaspersky Security will grant access to the file.
- If malware is detected in the file, Kaspersky Security will perform the action that is specified in its settings; for example, it will delete or block the file.
Kaspersky Security protects only enabled virtual machines that meet the requirements imposed on protected virtual machines.
- Scan. The application scans virtual machine files for malware. Virtual machine files must be scanned regularly with new anti-virus databases to prevent the spread of malicious objects. You can perform an on-demand scan or specify a scan schedule.
Kaspersky Security scans only virtual machines that meet the requirements imposed on protected virtual machines. Kaspersky Security can scan powered off virtual machines that have an NTFS or FAT32 file system.
- Network Attack Blocker. The application scans the network traffic of virtual machines for activity typical of network attacks. On detecting an attempted network attack targeting a virtual machine, Kaspersky Security can block the IP address from which the network attack originated.
- Web addresses scan. Kaspersky Security scans web addresses that are requested over the HTTP protocol by a user or application installed on the virtual machine and checks them against the database of malicious web addresses. On detecting a web address in the database of malicious web addresses, the application can block access to this web address.
- Storing backup copies of files. The application allows storing backup copies of files that have been deleted or modified during disinfection. Backup copies of files are stored in Backup in a special format and pose no danger. If a disinfected file contained information that is partly or completely inaccessible after disinfection, you can attempt to save the file from its backup copy.
- Updating anti-virus databases. The application downloads updated anti-virus databases. Updates keep the virtual machine protected against viruses and other malware at all times. You can run anti-virus database updates manually or specify an update schedule for anti-virus databases.
Kaspersky Security is administered by Kaspersky Security Center, the remote centralized Kaspersky Lab application administration system.
You can use Kaspersky Security Center to do the following:
- Configure the application settings
- Administer the application:
- Manage the protection of virtual machines
- Manage scan tasks
- Manage keys for the application
- Update anti-virus databases of the application
- Work with backup copies of files in Backup
- Generate application event reports
Kaspersky Security sends the Kaspersky Security Center Administration Server information about all events occurring during the protection and scanning of virtual machines, as well as information about events that occur during scanning of web addresses and when detecting activity that is typical of network attacks.