About Kaspersky Security for Virtualization 6.1 Agentless

Kaspersky Security for Virtualization 6.1 Agentless (hereinafter also "Kaspersky Security") is an integrated solution that protects virtual machines on the VMware ESXi hypervisor against viruses and other malware, as well as against network threats.

Kaspersky Security lets you protect virtual machines running Windows guest operating systems, including those running server operating systems, and virtual machines running Linux guest operating systems.

Kaspersky Security lets you configure the protection of virtual machines at any level of the hierarchy of VMware virtual infrastructure objects: VMware vCenter server, Datacenter object, VMware cluster, resource pool, vApp object, and virtual machine. The application supports the protection of virtual machines during their migration within a VMware DRS cluster.

In an infrastructure managed by a VMware Cloud Director server, Kaspersky Security can be used to protect isolated virtual infrastructures, such as virtual Datacenters corresponding to Cloud Director organizations. One instance of Kaspersky Security in multitenancy mode allows multiple tenants of a cloud infrastructure (tenant organizations or divisions of one organization) to independently manage the protection of their own virtual infrastructure.

Kaspersky Security includes the following components:

• File Threat Protection. Protects the file system objects of a virtual machine against infection. The component is launched at the startup of Kaspersky Security. It protects virtual machines and scans the file system of virtual machines.
• Network Threat Protection. This component lets you detect and block activity that is typical of network attacks and other suspicious network activity, and lets you scan web addressed requested by a user or application, and block access to web addresses if a threat is detected.
• Integration Server. The component facilitates interaction between Kaspersky Security components and a VMware virtual infrastructure.

Kaspersky Security features:

• Protection. Kaspersky Security scans all files that the user or an application opens, saves, or launches on a virtual machine.
  • If the file is free of malware, Kaspersky Security will grant access to the file.
  • If malware is detected in the file, Kaspersky Security will perform the action that is specified in its settings. For example, it will delete the file or block access to the file.

  Kaspersky Security protects only powered-on virtual machines that meet all the conditions for virtual machine protection.

• Scan. The application lets you perform a virus scan on files of virtual machines. Virtual machine files must be scanned regularly with new anti-virus databases to prevent the spread of malicious objects. You can perform an on-demand scan or specify a scan schedule.

  Kaspersky Security scans only virtual machines that meet all the conditions for scanning virtual machines. Kaspersky Security can scan virtual machine templates and powered-off virtual machines that have the following file systems: NTFS, FAT32, EXT2, EXT3, EXT4, XFS, BTRFS.

• Intrusion Prevention. Kaspersky Security lets you analyze network traffic of protected virtual machines and detect network attacks and suspicious network activity that may be a sign of an intrusion into the protected infrastructure. When it detects an attempted network attack on a virtual machine or suspicious network activity, Kaspersky Security can terminate the connection and block traffic from the IP address from which the network attack or suspicious network activity originated.
• Web addresses scan. Kaspersky Security lets you scan web addresses that are requested over the HTTP protocol by a user or application installed on the virtual machine. If Kaspersky Security detects a web address from one of the web address categories selected for detection, the application can block access to the web address. By default, Kaspersky Security scans web addresses to check if they are malicious, phishing, or advertising web addresses.
• Storing backup copies of files. The application allows storing backup copies of files that have been deleted or modified during disinfection. Backup copies of files are stored in Backup in a special format and pose no danger. If a disinfected file contained information that is partly or completely inaccessible after disinfection, you can attempt to save the file from its backup copy.
• Application database update. Downloading updated application databases ensures up-to-date protection of the virtual machine against viruses and other malware. You can manually run an application database update or set a schedule for updating application databases.

Kaspersky Security is administered by Kaspersky Security Center, the remote centralized Kaspersky application administration system. You can use Kaspersky Security Center to:

• Configure the application settings
• Administer the application:
  • Manage virtual machine protection by using policies
  • Manage scan tasks
  • Manage license keys for the application
• Update application databases
• Work with backup copies of files in Backup
• Generate application event reports

Kaspersky Security sends the Kaspersky Security Center Administration Server information about all events that occur during anti-virus protection and scanning of virtual machines, as well as information about events that occur when preventing intrusions and scanning web addresses.