Kaspersky Security for Virtualization Agentless has been specifically designed to protect software-defined data centers built on the VMware vSphere platform, including support for NSX technologies. The solution delivers advanced security capabilities with near-zero impact on platform efficiency so you benefit from an industry-leading anti-malware solution while retaining high consolidation ratios.
The tight integration of Kaspersky Security for Virtualization Agentless with the VMware vSphere and NSX platforms means that the infrastructure and security layers work together in close co-operation, bringing improved levels of automation and protection to software-defined data centers. Anti-malware scans, as well as network attack blocking functionality, are offloaded to dedicated security virtual appliances (also known as Security Virtual Machines or SVMs) and delivered to each VM from the moment it’s powered on.
Tight VMware NSX integration enables the fully automated deployment of security appliances (main Secure Virtual Machines (SVMs) or Network Threat Detection SVMs). These pop up on the hypervisor automatically, based on the security polices applied to each VM.
Tight integration with VMware NSX means that each VM receives precise security capabilities as defined by your corporate policies.
In a dynamically changing IT landscape, it’s important to ensure that your security policy is attached to a particular VM function - not to a precise location - so that individual security capabilities travel with each VM from host to host. The VMware NSX platform and its security policies enable this functionality, consolidating all security settings (network, AV, etc.) into one policy. We further boost the VMware NSX platform’s security management efficiency by incorporating the anti-malware and network attack blocking security policies available in our Agentless solution.
This feature fully supports the building and scaling of perfectly balanced software-defined data centers.
Kaspersky Security for Virtualization Agentless and the VMware NSX platform now exchange security tags, which can change based on specific rules (e.g. malware detected inside a VM). This constant interaction between the infrastructure and its security means the software-defined data center can react in real time to any security incident, automatically triggering the reconfiguration of the entire virtual infrastructure if necessary.
No ‘traditional’ security solution can perform an agentless anti-malware scan of a VM that’s offline. Kaspersky Security for Virtualization Agentless introduces advanced functionality that scans all VMs running Windows or Linux OS with the following file systems: NTFS, FAT32, EXT2, EXT3, EXT4, XFS and BTRFS - whether they’re online or offline. This includes VM templates used for on-demand VM spawning. The result is more effective on-demand scanning and better security coverage across your entire infrastructure.
Kaspersky Security for Virtualization Agentless can be installed with an SNMP-agent. This monitors and sends extensive information about the SVM's health status to third-party SNMP monitoring tools like Zabbix and Nagios. SNMP counters include general SVM metrics (CPU, RAM, etc.), as well as specific metrics.
Routine scanning can be performed on all VMs according to your own pre-set schedule. Kaspersky Security for Virtualization Agentless automatically avoids the simultaneous scanning of large numbers of machines, to help ease the load on your systems.
With full support for VMware vMotion, Kaspersky Security for Virtualization Agentless ensures that security is not interrupted when a workload is moved from one ESXi host to another. If the new host has the necessary licenses, the security will automatically transfer along with the workload – and all security settings and policies will remain exactly as you configured them.
Kaspersky Security for Virtualization Agentless receives information about VMs from the VMware vCenter Server, including a list of all VMs and all relevant parameters. As well as giving IT administrators a higher level of visibility, this close integration with vCenter Server ensures that protection is automatically provided whenever your IT team configures a new VM.
The cloud-based Kaspersky Security Network (KSN) identifies new threats and delivers the most recent threat intelligence in real time. With an identification time as quick as 0.02 seconds, KSN helps protect you against zero-day threats.
Kaspersky Security for Virtualization Agentless has been designed to protect virtual servers with optimum efficiency and minimal impact on hypervisor performance. So your servers are protected while retaining all the benefits of virtualization.
Offloading resource-heavy tasks such as anti-malware scans and storing security intelligence databases substantially reduces the strain of doubling-up functionality on every virtual host, including Hypervisor I/O, CPU, Memory and Storage.
Kaspersky’s Network Threat Detection System monitors network traffic for signs of activity typical of network attacks. On detecting an attack, it blocks the attacking computer. It also detects suspicious network activities that may be a side effect of a network intrusion into the protected infrastructure. Exclusion rules can be configured to scan or block specific IP addresses. A traffic processing mode can be selected for Network Threat Detection, to block the detected threats. Kaspersky Security for Virtualization Agentless provides this network-level functionality together with support for VMware vCloud Networking and Security or VMware NSX.
Comprehensive policies can be created for all KSC clusters. These can define settings to protect all VMs within the protected infrastructure of every KSC cluster, i.e. all VMs managed by all VMware vCenter servers.
With just one instance of the security appliance protecting all the VMs running on a single host, Kaspersky Security for Virtualization Agentless helps to eliminate anti-malware 'update storms' and 'scanning storms'.
When a file is accessed on a VM, Kaspersky Security for Virtualization Agentless automatically scans the file to ensure that it’s safe, then stores the verdict in a shared cache. When that same file is accessed on another VM on the same virtual host, the security solution knows that another scan is unnecessary. The file will only be re-scanned if it’s been changed, or if the user runs a manual scan. This saves resources – especially in virtual desktop (VDI) environments, where many VMs use identical sets of OS and application files.
Kaspersky’s shared cache technology helps enhance IT performance and reduce the load on your computing infrastructure, so you can reallocate resources to other tasks without compromising security levels.
Kaspersky Security Center, included in Kaspersky Security for Virtualization Agentless, provides a single unified management console for controlling a wide range of Kaspersky Lab security technologies. You can manage the protection of virtual, physical and mobile devices, and enforce consistent security policies across your entire IT estate – all from the one console.
During deployment, there’s no need to reboot any machines or put the host server into maintenance mode. This helps maintain productivity for your users – vitally important for data centers committed to achieving ‘five nines’ (99.999%) uptime or better.
Kaspersky Security for Virtualization Agentless is managed from the same Kaspersky Security Center that manages regular endpoints. KSC makes it easy to generate detailed reports, giving administrators greater visibility of events and completed tasks. Because Kaspersky Security Center lets you manage a wide range of security applications, you can produce reports covering all the virtual, physical and mobile devices being protected by Kaspersky Lab security technologies.
Kaspersky Security for Virtualization Agentless offers a choice of ‘per virtual machine’ or ‘per CPU’ licensing – letting you choose the option that’s most cost-effective for your business. For large data centers and IaaS (Infrastructure as a Service) providers, the number of virtual machines regularly fluctuates, so ‘per CPU’ licensing offers big benefits.