Checking system integrity by schedule or on demand

You can use the integrity check task to check system integrity on protected virtual machines.

You can create and configure the integrity check task for protected virtual machines that are part of an administration group through Kaspersky Security Center. You can also configure the integrity check task for one virtual machine in the local interface of Light Agent for Windows.

For successful completion of the task, the baseline must fully match the integrity check scope when the integrity check task is started. If the composition of objects whose state was recorded in the baseline differs from the composition of objects that are within the integrity check scope, the integrity check task ends with an error.

To check the system integrity on virtual machines through Kaspersky Security Center:

  1. Open Kaspersky Security Center Administration Console.
  2. Do one of the following:
    • Select the Managed devices folder in the console tree to create a task for virtual machines belonging to all administration groups. In the workspace, select the Tasks tab.
    • If you want to create a task for all virtual machines in an administration group, select the folder with the name of this group in the Managed devices folder of the console tree. In the workspace, select the Tasks tab.
    • Open the Tasks folder in the console tree to create a task for one or several virtual machines.
  3. Click the Create task button to launch the New Task Wizard.
  4. At the first step of the Wizard, select the type of task. To do so, in the Kaspersky Security for Virtualization 5.0 Light Agent for Windows list, select Integrity check.

    Proceed to the next step of the New Task Wizard.

  5. If you started the New Task Wizard from the Tasks folder, specify the method of selecting the virtual machines for which you are creating the task. You can select virtual machines from the list of virtual machines discovered by the Administration Server, manually specify the addresses of virtual machines, import a list of virtual machines from a file, or specify a previously configured selection of devices (for details, please refer to the Kaspersky Security Center documentation). Depending on the specified method of selection of virtual machines, perform one of the following operations in the window that opens:
    • In the list of detected virtual machines, specify the virtual machines for which you want to create the task. To do so, select check boxes in the list on the left of the name of the relevant virtual machine.
    • Click the Add or Add IP range button and enter the addresses of virtual machines manually.
    • Click the Import button, and in the window that opens select a TXT file with the list of addresses of virtual machines.
    • Click the Select button and in the opened window specify the name of the selection containing the virtual machines for which you want to create the task.

    Proceed to the next step of the New Task Wizard.

  6. In the Scheduled launch field, select Manually.

    Proceed to the next step of the New Task Wizard.

  7. In the Name field, enter the name of the integrity check task.

    Proceed to the next step of the New Task Wizard.

  8. If you want the task to start as soon as the New Task Wizard finishes, select the Run task when the wizard is complete check box.

    When the task is run with the default settings, the application performs an integrity check in Full scan mode (all attributes of files and file contents are analyzed when checking for modifications in files).

    Finish the wizard.

    The created custom scan task appears in the list of tasks.

  9. If you want the application to analyze only the attributes of files and not file contents when checking for modifications in files, change the task settings as follows:
    1. Double-click to open the properties window of the created task.
    2. Go to the Settings section and select the Quick Scan option.
    3. Click OK.
  10. Start the integrity check task.

Integrity check runs on each virtual machine that you specified in task settings. You can view the task results in Kaspersky Security Center.

To check the system integrity on a virtual machine in the local interface of Light Agent for Windows:

  1. If necessary, configure the settings of the integrity check task. To do this, perform the following actions:
    1. On the protected virtual machine, open the application settings window.
    2. In the left part of the window, in the Scheduled tasks section, select the Integrity check section.

      The right part of the window displays the integrity check task settings.

      If the Integrity check section is absent, this means that the display and management of local tasks is denied by the policy for all protected virtual machines of the administration group. You can enable or disable the display and management of local tasks in the Light Agent for Windows policy (Application settings subsection in the Advanced settings) section.

    3. Select the scan mode:
      • Full scan – all attributes of files and file contents are analyzed when checking for modifications in files. This option is selected by default.
      • Quick scan – only the attributes of files are analyzed when checking for modifications in files; file contents are not checked.
    4. If necessary, change the task run mode. You are advised to use the Manually run mode. This mode is selected by default.
    5. To save changes, click the Save button.
  2. Start the integrity check task.
Page top