December 13, 2023
Information on virtual infrastructure protection status is displayed in Kaspersky Security Center using on of the following methods:
- By the client device status (OK, Critical, Warning). In the case of Kaspersky Security for Virtualization 6.1 Agentless, a client device of Kaspersky Security Center is an SVM. Protected virtual machines are not considered client devices from the perspective of Kaspersky Security Center because the Kaspersky Security Center Network Agent is not installed on them. When problems are detected in the Kaspersky Security application operation or in the protection of virtual machines, the status of the SVM that protects those virtual machines changes.
The Kaspersky Security Center client device status may change to Critical or Warning for the following reasons:
- The status changes according to the rules defined in Kaspersky Security Center. For example, the status changes if a security application is not installed on the device, a virus scan has not been performed in a long time, anti-virus databases are out of date, or the license has expired. For more details about the reasons for status changes and configuring status assignment conditions, please refer to the Kaspersky Security Center documentation.
- Kaspersky Security Center receives the device status from the managed application, i.e. Kaspersky Security.
Kaspersky Security Center must be configured to receive the device status from the managed application. To ensure that this function is enabled, in the properties of the Managed devices folder, in the Device status section, make sure that the Device status defined by the application check boxes are selected in the lists of conditions for the Critical and Warning statuses.
Kaspersky Security may change the SVM status to Critical or Warning in the following cases:
- The application is not activated or problems associated with the license key or license are detected (for example, the key is in the denylist).
- The SVM is not connected to the Integration Server or there were problems receiving information about the protected virtual infrastructure.
- Problems and limitations have been detected in KSN operation (an error occurred when connecting to KSN, temporary restriction on use of KSN is enabled, KSN settings in the policy do not match the KSN settings in the properties of the Kaspersky Security Center Administration Server).
- Application databases are missing or an error occurred when downloading them.
- Errors were detected in application components (for example, a virus scan is not being performed, errors were detected in Network Attack Blocker functionality or suspicious network activity was detected, web addresses scan is not being performed).
- Problems were detected in the interaction between an SVM and network data storage (if the use of network data storage is configured for the SVM).
For details on client device statuses, see the Kaspersky Security Center documentation. Information on the client device (SVM) statuses can be viewed in the device list of the Kaspersky Security Center Administration Console and in the protection status report.
- By the virtual machines protection status. Information on the virtual machines protection status can be viewed in protection status report.
Protected virtual machines are not considered as client devices of Kaspersky Security Center, and cannot be assigned the client device status. The report shows the protection status, assigned to the virtual machine by Kaspersky Security Center based on the information received from the SVM, protecting this virtual machine.
Virtual machine protection status can be changed to Critical or Warning, if the following information is received from the SVM:
- The virtual machine has "not protected" status. Information on the virtual machine status (protected, not protected, powered off) can be viewed in the list of virtual machines within the KSC cluster protected infrastructure.
- A virus scan has not been performed in a long time on the virtual machine.
- The application databases have not been updated for a long time on the SVM, protecting the virtual machine.