In this section, SVM refers to an SVM with the Network Threat Protection component.
An SVM with the Network Threat Protection component protects virtual machines on the VMware ESXi hypervisors. Kaspersky Security protects only virtual machines that meet all the conditions for virtual machine protection against network threats.
The Network Threat Protection component of Kaspersky Security performs the following functions:
Kaspersky Security can scan traffic from IP addresses in IPv4 and IPv6 format.
The settings that SVMs apply for virtual machine network threat protection are defined by using policies. Kaspersky Security starts protecting virtual machines only after you have configured network threat protection settings in the active policy.
If Kaspersky Security is installed in the infrastructure managed by VMware NSX-V Manager, the standard traffic processing mode and the monitoring mode are provided for network protection. If monitoring mode is used and Kaspersky Security detects signs of intrusions or attempts to access dangerous or undesirable web addresses, it does not take any actions to prevent the threats, but only sends information about the detected threats to Kaspersky Security Center Administration Server.
You can configure exclusions from Network Threat Protection as follows:
Information about events that occur during protection of virtual machines against network threats is transmitted to the Kaspersky Security Center Administration Server and logged in a report.
Descriptions of currently known types of network attacks, signs of intrusions, and the databases of malicious and phishing web addresses are included in the application databases and are updated during application database updates.