To install Kaspersky Security for Virtualization 5.x Agentless on NSX, follow the nine steps below.
Configuration is performed in the VMware vSphere Web Client console:
Before beginning installation, make sure that you have configured the following parameters for each hypervisor in Agent VM Settings: network, storage for service virtual machines and SVM. For more information about setting parameters in Agent VM Settings, see the VMWare product documentation.
Install VMware NSX components:
The preparation status of the hypervisors will appear.
In the NSX Installation column, you will find information about the version of the NSX components installed.
To run Kaspersky Security or Virtualization 5.x Agentless in an infrastructure managed by VMware vCenter and VMware NSX Manager, deploy the Guest Introspection service on each cluster of VMware hypervisors where SVMs with the File Anti-Virus component will be deployed. As a result, Guest Introspection service virtual machines are deployed on each hypervisor in a cluster.
To deploy Guest Introspection:
The name of the selected pool will appear in the IP Assignment column.
The wizard window will close and the current status of the Guest Introspection service deployment process will appear in the Installation Status column in the VMware vSphere Web Client console.
The Guest Introspection service has been deployed.
To use the Network Threat Detection component, an active license for NSX for vSphere Advanced or NSX for vSphere Enterprise is required.
If you use a standard license for NSX for vSphere, which is installed upon connecting VMware NSX to the VMware vCenter server, the Network Service Insertion (Third Party Integration) feature, which is required for enabling network threat protection on VMware ESXi hypervisors, is unavailable.
To view information about the licenses in use:
If the licenses for NSX for vSphere Advanced or NSX for vSphere Enterprise are missing from the list, install the license using the corresponding wizard.
Kaspersky Security for Virtualization 5.x Agentless installers must be distributed on file servers via HTTP or HTTPS. You can use the built-in Windows web server IIS.
The Kaspersky Security Center components include the management plugin, the Integration Server console and the Integration Server required for interaction with vCenter and NSX. To install the components:
The components have been installed.
For detailed instructions, see this article.
Kaspersky Security for Virtualization 5.x Agentless services are registered in VMware NSX Manager by the Integration Server. The Integration Server is registered in VMware NSX Manager as Kaspersky Service Manager.
You can view the list of registered services and Service Managers in the VMware vSphere Web Client console:
The table shows:
Add all the virtual machines you want to protect with Kaspersky Security for Virtualization 5.x Agentless to the NSX Security Group. First, create the NSX Security Group and configure the rules for adding virtual machines to the group.
Virtual machines can be added to the NSX Security Group in the following ways:
You can combine these options when configuring the rules for adding virtual machines to the NSX Security Group. For example, you can select that virtual machines be added to the group dynamically according to specified parameters, and also specify VMware management objects to be excluded from the group.
To configure a NSX Security Group:
The NSX Security Groups have been configured.
To protect the virtual machines in the NSX Security Group, configure the NSX Security Policy and apply it to the NSX Security Group.
Information about the Kaspersky File Antimalware Protection service will appear in the wizard window.
Information about the Kaspersky Network Protection service will appear in the wizard window.
In the Security Policies tab, the Successful status will appear for the created policy in the Status column.
The NSX Security Policy is now applied to the NSX Security Group.
SVMs with the File Anti-Virus component are deployed on VMware ESXi hypervisors when deploying the Kaspersky File Antimalware Protection service on the VMware vCenter clusters. Deployment is performed via the VMware vSphere Web Client:
The wizard window will close and the current status of the Kaspersky File Antimalware Protection service deployment process will be shown in the Installation Status column in the VMware vSphere Web Client console.
The SVM with the File Anti-Virus component has been deployed.
The SVMs with the Network Threat Detection component are deployed on VMware ESXi hypervisors when deploying the Kaspersky Network Protection service on VMware clusters. Deployment is performed in the VMware vSphere Web Client console:
To deploy an SVM with the Network Threat Detection component:
The wizard window will close and the current status of the Kaspersky Network Protection deployment process will be shown in the Installation Status column in the VMware vSphere Web Client console.
The SVM with the Network Threat Detection component is deployed.
Release of antivirus database updates (required to protect your computer/server/mobile device)
Providing technical support over phone / web
Release of patches for the application (addressing detected bugs)
Please let us know how we can make this website more comfortable for you
Thank you for submitting your feedback. We will review your feedback shortly.
Your feedback will be used for content improvement purposes only. If you need assistance, please contact technical support.
Your suggestions will help improve this article.