For the Kaspersky Security solution to function, constant interaction between the Light Agent and the Protection Server is required. If there is no connection to the Protection Server, the Light Agent cannot transfer file fragments to the Protection Server for scanning, and scanning is not performed. If Light Agent loses a connection to the Protection Server for more than 5 minutes while running scan tasks, the scan tasks stop and return an error.
To interact with the Protection Server, the Light Agent establishes and maintains a connection to the SVM on which this Protection Server is installed.
Light Agent can connect only to an SVM on which the version of the Protection Server is compatible with the version of the Light Agent. Kaspersky Endpoint Security for Linux 12.0 used in Light Agent mode can connect to an SVM with version 6.0.
To connect to an SVM, Light Agent must receive information about the SVMs to which a connection can be made. Light Agent selects an available SVM that is optimal for connection according to the SVM selection algorithm.
Regardless of the algorithm used in selecting SVMs, Light Agents also take into account the following parameters:
Bear in mind that the availability of some Light Agent functions depends on the license edition used to activate the solution on the SVM to which the Light Agent is connected. Functionality available under an Enterprise license is available in Light Agent only if Light Agent is connected to an SVM using the solution under an Enterprise license. When you disconnect Light Agent from the current SVM and connect to an SVM with a different license edition, the scope of functionality available in Light Agent changes. To prevent Light Agents from switching between SVMs with different license editions, you can use connection tags or lists of SVMs available for connection.
You can obtain information about the status of the connection of Light Agent for Linux to an SVM on a protected virtual machine using the Kaspersky Endpoint Security for Linux command kesl-control --svm-info
. For more information about Kaspersky Endpoint Security for Linux commands, see the Kaspersky Endpoint Security for Linux Help.
Information about the loss and restoration of the connection of the Light Agent and SVM can be saved as events in Kaspersky Security Center.
Using virtual machine snapshots taken on a running guest OS (live snapshots) is not recommended for SVMs and virtual machines with Light Agent installed. Restoring from such snapshots results in loss of the connection between Light Agents and the SVMs and degrades the performance of the virtual infrastructure. You can use virtual machine snapshots taken on a running guest OS only if the "Notify only" mode is enabled in the Light Agent settings. For more details, see the Kaspersky Endpoint Security for Linux Help.