When the protected virtual machine is started together with Kaspersky Security, real-time protection of the virtual machine is automatically enabled and continues uninterrupted. Real-time protection involves scanning files of a protected virtual machine for malware when they are accessed. When the user or any application accesses a file on a protected virtual machine (for example, reads or writes it), Kaspersky Security intercepts the operation on the file.
In addition to real-time protection, you must regularly run a virus scan of the protected virtual machine to check for viruses and other malware in order to prevent the spread of malware that have not been detected by the application, for example, due to a low security level setting or for other reasons. A virus scan is vital to virtual machine security.
VM low-resource mode is enabled on Windows devices with Light Agent and Kaspersky Security Center Network Agent installed. This is a special mode that pauses Network Agent database updates as well as Vulnerability and Required Update Search (see the Kaspersky Security Center Help for details). This reduces the number of running processes, stops the device from establishing new network connections to get update files and pauses update-related file operations. This economy of resources is especially important for infrastructures where a large number of virtual machines with Light Agent and Kaspersky Security Center Network Agent installed are deployed from VM templates. The optimization thus applies to entire groups of devices, which reduces the load on the hypervisor.
Scan tasks are employed to scan virtual machines.
Virus scan tasks in Kaspersky Security Center
After Kaspersky Security MMC plug-ins are installed, the following scan tasks are automatically created in Kaspersky Security Center:
While performing the Virus scan task, Kaspersky Security performs a virus scan of the areas of the protected virtual machine that are specified in the task settings. Task is managed in Kaspersky Security Center.
Scan tasks in the local interface of Light Agent for Windows
Protected virtual machines that have the Light Agent for Windows component installed can employ the following scan tasks that can be configured through the local interface of Light Agent for Windows:
The Full Scan and Critical Areas Scan tasks are somewhat different than the others. For these tasks, it is not recommended to edit the scan scope.
After scan tasks start, their completion progress is displayed in the field next to the name of the running scan task, in the Manage tasks section on the Protection and Control tab of the main application window.
Information on the scan results and events that have occurred during the performance of scan tasks is logged in the application reports.
Scan tasks for Light Agent for Linux
Protected virtual machines that have the Light Agent for Linux component installed can employ the following scan tasks that can be managed from the command line: