Kaspersky Security for Virtualization | Light Agent

Kaspersky Security for Virtualization | Light Agent delivers the latest security technologies and multi-layered protection in a form that’s optimized to help you achieve high consolidation ratios and to boost return on investment (ROI) in your VMware vSphere, Microsoft Hyper-V, Citrix XenServer or KVM virtualized environment regardless of whether you are running virtual servers or desktops.

A part of:

Security for Virtualization

Security for Virtualization

  • Optimized security for hybrid virtual environments
  • An unmatched combination of protection and ‘virtualization-aware’ technologies

    Kaspersky Security for Virtualization | Light Agent combines Kaspersky Lab’s most advanced anti-malware and network protection technologies in a solution that’s been specifically developed for virtual environments. While traditional security products require a full security agent to be installed on each VM (Virtual Machine), Kaspersky Security for Virtualization | Light Agent only requires one dedicated SVM (Security Virtual Machine) to be installed on each virtual host. Each VM then only needs a very small software agent – or ‘Light Agent’.

  • Advanced anti-malware protection

    Kaspersky Security for Virtualization | Light Agent delivers on-access and on-demand anti-malware protection for your VMs. Kaspersky Lab’s dedicated SVM combines signature-based technologies and heuristic analysis for the rigorous protection of VM file systems, including protection against complex, memory-resident malware.

  • Preserves the performance of virtual servers and desktops

    Kaspersky Security for Virtualization | Light Agent protects your virtual environment – including virtual servers and VDI (Virtual Desktop Infrastructure) - with no significant impact on hypervisor performance. You can effectively protect your systems and sensitive corporate data, while maintaining high consolidation ratios and quality of service for your users.

  • Reduces the load on your computing resources – so each host can do more

    With its unique architecture, Kaspersky Security for Virtualization | Light Agent reduces the load on each virtual host, including the following resources:

    • Hypervisor I/O
    • CPU
    • Memory
    • Storage
  • Eliminates anti-malware ‘storms’

    With only one SVM updating on each virtual host, Kaspersky Security for Virtualization | Light Agent helps to eliminate anti-malware 'Update Storms' and 'Scanning Storms'. Peaks in resource consumption are also avoided through intelligent scan task orchestration. The SVM automatically creates On-Demand Scanning queues, redistributing scan tasks over time in response to the current hypervisor load. The SVM’s ability to prioritize tasks intelligently also solves the problem of the ‘noisy neighbor’ - On-Access scan tasks are always prioritized over On-Demand to minimize the impact of individual VM scans on the responsiveness of neighboring VMs.

  • Protection tailored to Microsoft, Citrix, VMware & KVM

    Kaspersky Security for Virtualization | Light Agent supports native virtualization technologies within Microsoft Hyper-V, Citrix XenServer and VMware vSphere, as well as KVM. The solution provides protection from the most advanced threats, leveraging Kaspersky Lab’s threat intelligence expertise, advanced technologies and unbeatable performance.

  • Flexible licensing options – simplified licensing that saves you money

    Kaspersky Security for Virtualization | Light Agent offers a choice of ‘per VM or ‘per core’ licensing – so you can choose the option that’s most cost-effective for your business. For large Data Centers and IaaS (Infrastructure as a Service) providers, the number of VMs will continually fluctuate – so ‘per core’ licensing can offer big benefits.

  • Multi-layered security for VDI
  • Native support for Citrix XenDesktop

    Kaspersky Security for Virtualization | Light Agent delivers outstanding, multi-layered, granular protection for VDI (Virtual Desktop Infrastructure) with without compromizing performance. The solution supports VMware, Microsoft and Citrix virtualization platforms and fully supports Citrix XenDesktop.

    As well as file-level anti-malware capabilities, Kaspersky Security for Virtualization | Light Agent delivers security technologies that are particularly valuable in protecting virtual desktops:

    • Mail Anti-Malware scans incoming and outgoing mail on the user’s machine.
    • Web Anti-Malware intercepts and blocks the execution of potentially dangerous scripts on web pages.
  • The Only Security Solution for VMware Horizon

    Kaspersky Security for Virtualization | Light Agent works seamlessly with the VMWare Horizon desktop virtualization platform that runs on VMware vSphere, delivering outstanding, multi-layered, granular protection for VDI with minimal impact on user experience and responsiveness

  • Supports the rapid provisioning of VDI machines

    Kaspersky Security for Virtualization Light Agent fully supports linked and full cloning. Thanks to the pre-installed lightweight agent, provisioning a new VM just involves cloning a template. After cloning is complete, the new machine will be automatically protected by the SVM. This simplifies VDI management, eliminating the need to update security products on the VDI image.

  • Anti-Ransomware for your VDI

    System Watcher technology built into Kaspersky Security for Virtualization Light Agent monitors the behavior of applications running inside each virtual desktop. If any form of suspicious behavior, such as cryptor or locker activity, is detected, the activity is blocked and any malicious changes are automatically rolled back, so your critical data remains secure. Your VDI users won’t even be aware that anything’s happened.

  • Automatic Exploit Prevention (AEP)

    To swiftly overcome the dangers posed by unpatched vulnerabilities, Kaspersky Security for Virtualization | Light Agent incudes a technology called Automatic Exploit Prevention (AEP).

    AEP specifically monitors the most frequently targeted applications in VDI environments – including Adobe Reader, Internet Explorer, Microsoft Office, Java and many more – delivering an extra layer of security monitoring and protection against unknown threats.

  • Flexible control tools for VDI

    Award-winning endpoint controls – including Application Control, Web Control and Device Control – add a further layer of protection against malware, making it easy to apply corporate security policies right across your virtual and physical infrastructure.

    Kaspersky Lab’s control technologies are particularly valuable in securing VDI environments.

  • Application Control

    Flexible Application Control tools let you dictate which applications are allowed to launch on which VMs. This prevents unnecessary exposure to risk and wasted resources due to running superfluous software.

    You can choose to operate a Default Allow policy, allowing all applications not on your blacklist to run, or a Default Deny policy that blocks all programs not on your whitelist of safe applications.

    Kaspersky’s Application Control also includes:

    • Application Startup Control – monitoring and controlling each user’s attempts to launch applications
    • Application Privilege Control – registering applications and regulating their activity according to the rules you’ve set. These rules can control whether an application is allowed to access operating system resources and the user’s personal data.
  • Web Control

    Web Control lets you manage Internet usage, blocking VM access to social networks, music, video, non-corporate web email and websites containing inappropriate content. Different control policies can be set for different job roles, and total blocks, or blocking during specific periods of the working day, can be applied.

  • Device Control

    As users can connect to their VDI machine from anywhere, using any device, it’s important to make sure the VM is not exposed to extra threats introduced through insecure USB devices. This technology allows you to specify which removable devices are granted access to individual VMs. It’s easy to apply control policies to a range of devices, including removable drives, printers and non-corporate network connections. For VMware installations, this technology complements and enhances existing Horizon USB Redirection capabilities.

  • Security for Virtual Networks Across your Entire Infrastructure
  • Multi-layered protection for your network

    Kaspersky Security for Virtualization | Light Agent protects against external and internal network attacks – including threats that may be hidden in non-transparent virtual traffic. Every VM is protected by host-based network security which includes Kaspersky Lab’s HIPS, firewall and Network Attack Blocker technologies.

  • Host-based Intrusion Prevention System (HIPS) and personal firewall

    HIPS – working together with Kaspersky Lab’s two-way firewall – controls both inbound and outbound traffic on your network. Flexible tools let you control security according to a wide choice of parameters, including settings for an individual port, individual IP addresses or a specific application’s network activity.

  • Network Attack Blocker

    Kaspersky’s Network Attack Blocker technology monitors hypervisor network traffic and checks for the presence of any activity which could indicate or presage a network attack. On detection, the network attack is automatically blocked.

  • Improved protection versus perimeter-based appliances

    Kaspersky’s virtual machine-based security delivers protection which sits much closer to the virtual workload to be secured than is possible with perimeter-based security appliances. This approach is particularly effective in securing non-transparent virtualization traffic against internal network infections, such as the Conficker Worm.

  • A Finely Balanced Combination of Security Technologies
  • Eliminating unnecessary scans

    Virtual environments – especially VDI – often include many similar VMs each accessing identical files, so some security products waste time and resources running multiple scans of the same file. Kaspersky’s Shared Cache feature effectively shares the results of file scans, helping to minimize the overall load on your IT infrastructure.

  • Shared Cache

    Whenever a file is accessed on a VM, Kaspersky Security for Virtualization | Light Agent will scan the file to ensure it’s safe, then store the verdict in the Shared Cache. If the same file is accessed on another VM on the same virtual host, Kaspersky Security for Virtualization | Light Agent automatically knows it’s unnecessary to perform a further scan. The file will only be scanned again if it has changed, or if the user manually requests a scan.

  • Local Cache

    A further enhancement to cache-based methods of file-scanning optimization. Stored locally within the operating memory of a protected VM, this cache eliminates unnecessary network usage – no need to check the Shared Cache on the SVM if there is a valid verdict in the Local Cache.

  • Redundancy for SVMs (Security Virtual Machines)

    The solution architecture is constructed so that SVMs can back one other up, eliminating single-points-of-failure in infrastructures of any size. In the event of significant changes in virtualized infrastructure, the Light Agent on the VM can reconnect to a neighboring SVM almost immediately. This ensures continuous real-time protection for the entire virtualized environment, regardless of changes at infrastructure level.

  • Autonomous operation

    This feature allows the Light Agent to operate in autonomous mode for a short period. In this mode, technologies including Self Defense, Automatic Exploit Prevention and other behavioral defensive mechanisms continue to protect the VM. In addition, a local queue of files requiring anti-malware checking is created, ready for when normal operation is resumed. This approach ensures that every single file is inspected, regardless of circumstances.

  • System Watcher technology

    Kaspersky’s System Watcher technology monitors the behavior of applications running on VMs. If System Watcher detects suspicious behavior, that activity will be blocked and any malicious changes automatically rolled back.

  • Self-defense for Light Agents

    This built-in mechanism protects Kaspersky Security for Virtualization itself against malware that may try to modify or block its functions, delete any components (e.g. antivirus databases, quarantined files, trace files), terminate the application of its services or uninstall them. Self-Defense also prevents the modification or deletion of Kaspersky Security for Virtualization | Light Agent system registry keys inside the guest OS.

  • Built-in self-monitoring

    The Security Virtual Machine (SVM) constantly and autonomously monitors its own operation, automatically restarting its scan server service if this is halted or disrupted for any reason. This ensures that the scanning engine is available and ready to handle anti-malware scans at all times.

  • Kaspersky Security Network (KSN)

    The cloud-based Kaspersky Security Network (KSN) identifies new threats and provides automatic updates to the security solution. Identifying new malware in as little as 0.02 seconds, KSN enables Kaspersky Security for Virtualization | Light Agent to protect your business-critical environment against even zero-day threats.

  • Fast to configure and easy to manage
  • Parallel installation and deployment

    SVMs can be deployed onto several virtualization hosts simultaneously. This dramatically decreases the time needed to get the security solution up and running within a virtualized infrastructure, regardless of size.

  • Multi-networking

    The broader your infrastructure, the more network segments you have. From a networking perspective, some complexity of infrastructure and its topology is the norm. But regardless of complexity levels, you need full security protection in place and running efficiently, covering the entire network infrastructure. Kaspersky Security for Virtualization | Light Agent operates seamlessly in enterprise infrastructures running multiple logical networks on different hypervisor hosts and platforms.

  • Multicast: to use or not to use

    Some companies allow the use of multicast transmission within their network infrastructures, allowing Light Agents to discover and connect to an SVM without any additional network configuration.

    If your corporate IT policy prohibits the use of multicasts, Kaspersky Security for Virtualization | Light Agent can be configured in a more robust and direct way, using Unicast to discover the SVM. This technique also means that a static pool of SVMs for Light Agents can be defined.

    Choose whichever option best suits your environment.

  • Easy to deploy and manage

    After the dedicated SVM has been installed on the virtual host, Light Agents can easily be distributed onto every VM – either manually or according to an automatic routine set up by the administrator.

    Different security settings can easily be applied to different VMs – so specific security functions can be excluded if they are not relevant to an individual VM or group of machines.

  • Exceptions or enforcement management

    Kaspersky Security for Virtualization | Light Agent now offers a wider list of applications from different software vendors for use when specifying exceptions or configuring an enforced scanning policy.

  • One centralized management console for all physical, virtual and mobile devices

    Kaspersky Security for Virtualization | Light Agent includes Kaspersky Security Center – Kaspersky Lab’s easy-to-use management interface - letting you configure and control a wide range of Kaspersky Lab security and systems management technologies via a single console. Kaspersky Security Center manages all your security across:

    • Virtual environments, including:
      • Microsoft Hyper-V
      • Citrix XenServer
      • VMware vSphere (both in Agentless and Light Agent options)
      • KVM hypervisor
    • Physical devices, including:
      • Laptops
      • Desktops
      • Servers
    • Mobile devices, including:
      • Smartphones
      • Tablets
  • VMware vSphere
    • VMware vSphere 6.0 with VMware vCenter 6.0
    • VMware vSphere 5.5 with VMware vCenter 5.5
    • VMware vSphere 5.1 with VMware vCenter 5.1
  • Microsoft Hyper-V
    • Microsoft Windows Server 2012 R2 Hyper-V role (Full or Server Core mode)
  • Citrix XenServer
    • Citrix XenServer 6.5 SP1
    • Citrix XenServer 6.2 SP1
  • KVM (Kernel-based Virtual Machine)
    • Ubuntu Server 14.04 LTS
    • CentOS 7
  • Supporter VDI platforms
    • VMware Horizon View 6.2
    • Citrix XenDesktop 7.5
    • Citrix Provisioning Services 7.5
  • Supported Windows-based guest operating systems
    • Windows 10 Professional/Enterprise (32-bit / 64-bit)
    • Windows 8.1 Professional/Enterprise (32-bit / 64-bit)
    • Windows 7 Professional SP1 (32-bit / 64-bit)
    • Windows 7 Enterprise (32-bit / 64-bit)
    • Windows Server 2012 R2 (64-bit)
    • Windows Server 2012 (64-bit)
    • Windows Server 2008 R2 Standard SP1 (64-bit)

Kaspersky Security for Virtualization | Light Agent

Kaspersky Security for

Superior, flexible and efficient protection for virtual server and desktop environments, offering both light agent and agentless approaches.

Kaspersky Security for
Virtualization - Feature Guide

Light agent or agentless? A feature guide to Kaspersky Security for Virtualization

Understanding the

A white paper exploring why a specialized security solution for virtual environments is essential.

Not sure which Security Solution is right for your business?