About Kaspersky Security for Virtualization 6.1 Agentless
December 13, 2023
Kaspersky Security for Virtualization 6.1 Agentless (hereinafter also "Kaspersky Security") is an integrated solution that protects virtual machines on the VMware ESXi hypervisor against viruses and other malware, as well as against network threats.
Kaspersky Security lets you protect virtual machines running Windows guest operating systems, including those running server operating systems, and virtual machines running Linux guest operating systems.
Kaspersky Security includes the following components:
- File Threat Protection. Protects the file system objects of a virtual machine against infection. The component is launched at the startup of Kaspersky Security. It protects virtual machines and scans the file system of virtual machines.
- Network Threat Protection. This component lets you detect and block activity that is typical of network attacks and other suspicious network activity, and lets you scan web addressed requested by a user or application, and block access to web addresses if a threat is detected.
- Integration Server. The component facilitates interaction between Kaspersky Security components and a VMware virtual infrastructure.
The File Threat Protection and Network Threat Protection components are installed on SVMs that are deployed on VMware ESXi hypervisors within the infrastructure of the anti-virus protection provider.
Kaspersky Security features:
- Protection. Kaspersky Security scans all files that the user or an application opens, saves, or launches on a virtual machine.
- If the file is free of malware, Kaspersky Security will grant access to the file.
- If malware is detected in the file, Kaspersky Security will perform the action that is specified in its settings. For example, it will delete the file or block access to the file.
Kaspersky Security can protect only powered-on virtual machines.
- Scan. The application lets you perform a virus scan on files of virtual machines. Virtual machine files must be scanned regularly with new anti-virus databases to prevent the spread of malicious objects. You can perform an on-demand scan or specify a scan schedule.
Kaspersky Security can scan powered-on virtual machines, virtual machine templates, and powered-off virtual machines that have the following file systems: NTFS, FAT32, EXT2, EXT3, EXT4, XFS, BTRFS.
- Intrusion Prevention. Kaspersky Security lets you analyze network traffic of protected virtual machines and detect network attacks and suspicious network activity that may be a sign of an intrusion into the protected infrastructure. When it detects an attempted network attack on a virtual machine or suspicious network activity, Kaspersky Security can terminate the connection and block traffic from the IP address from which the network attack or suspicious network activity originated.
Intrusion prevention settings are defined by the anti-virus protection provider.
- Web addresses scan. Kaspersky Security lets you scan web addresses that are requested over the HTTP protocol by a user or application installed on the virtual machine. If Kaspersky Security detects a web address from one of the web address categories selected for detection, the application can block access to the web address. By default, Kaspersky Security scans web addresses to check if they are malicious or phishing web addresses.
Web address scan settings are defined by the anti-virus protection provider.
- Storing backup copies of files. The application allows storing backup copies of files that have been deleted or modified during disinfection. If a disinfected file contained information that became partially or completely inaccessible after disinfection, the file can be restored from its backup copy.
All actions taken on backup copies of files are performed by the anti-virus protection provider.