Enabling protection of virtual machines
December 13, 2023
By default, Kaspersky Security does not protect virtual machines. After installing Kaspersky Security, you must enable protection of virtual machines by using a policy.
If the application is operating in multitenancy mode, protection of the virtual infrastructure of tenants against file threats requires that you create a tenant policy on each virtual Administration Server of Kaspersky Security Center corresponding to the tenant organization. A tenant policy can be created by the provider's administrator or the tenant's administrator. The settings for protecting the virtual infrastructure of tenants against network threats are determined by the main policy whose scope includes the virtual machines of the tenant.
File Threat Protection
To protect a virtual machine against file threats, you need to assign a protection profile to the virtual machine. A virtual machine that has no assigned protection profile is excluded from protection.
A protection profile can be assigned to virtual infrastructure objects, including virtual machines, either directly or by mapping a protection profile to NSX Vendor Template / NSX Profile Configuration (depending on VMware NSX Manager type you use: VMware NSX-T Manager or VMware NSX-V Manager).
You can assign the main protection profile that is generated automatically when a policy is created, or create and assign additional protection profiles if you want to use different protection settings for different virtual infrastructure objects. Profiles are assigned in policy properties.
Kaspersky Security protects only those virtual machines that meet all the conditions for virtual machine protection from file threats.
Network Threat Protection
To protect a virtual machine against network threats, you need to configure the settings for Intrusion Prevention and/or Web Addresses Scan in the properties of the policy whose scope includes the virtual machine.
Kaspersky Security protects only those virtual machines that meet all the conditions for virtual machine protection from network threats.