Kaspersky Lab has received patent 9009836 for its Security Architecture for Virtual Machines. The patent was granted by the US Patent and Trademark Office and describes technology designed to provide virtual machines with fully-fledged protection against cyberthreats, without compromising their performance.
The patented technology covers the combination of a dedicated security virtual machine and light agents installed on other virtual machines within the infrastructure. The dedicated machine is equipped with a security module and serves as a security solution for all the other machines. The patent protects the hypervisor-agnostic method of communication between the dedicated machine and the light agents. This method enables agents to not only send data direct to the security module for analysis and to execute its instructions, but also to provide advanced instruments for protection or remediation if needed. This would be impossible using an agentless approach.
In virtual environments, each virtual machine is allocated exactly the amount of RAM and CPU power that it needs. Reducing the resources required by each virtual machine means, therefore, that more machines can be launched on the same hardware. By today’s standards, conventional cybersecurity solutions take up limited resource. However, if a traditional security solution is running on each of the multiple virtual machines launched in an infrastructure, then security tasks consume quite a lot of the available computing power. Using this newly patented technology helps to dramatically reduce that load. Moreover, the installed agent provides more reliable protection than the popular agentless approach: it offers access to memory and deep system processes, and taps additional security technologies such as web control, application control and device control.
“One of the main benefits of virtualization technology is its more efficient use of resources. Conventional information security tools are not designed to work on virtual machines. This newly patented technology helps to reliably protect virtual environments without compromising their effectiveness. Moreover, this technology is currently the only truly specialized security tool for some virtualization platforms,” says Matvey Voytov, Corporate Products Group Manager at Kaspersky Lab.
Kaspersky Lab’s patented Security Architecture for Virtual Machines technology is implemented in Kaspersky Security for Virtualization | Light Agent. This solution protects servers and virtual workstations in environments such as Microsoft Hyper-V, Citrix XenServer and VMware vSphere. In particular, this product implements state-of-the-art anti-malware technologies, deep scanning of system processes and memory, web control, application control, device control, among many other features.