Kaspersky Agentless Virtualization Security

KasperskyAgentless Virtualization Security

Kaspersky Security for Virtualization Agentless has been specifically designed to protect software-defined data centers built on the VMware vSphere platform, including support for NSX technologies. The solution delivers advanced security capabilities with near-zero impact on platform efficiency so you benefit from an industry-leading anti-malware solution while retaining high consolidation ratios.

  • Specifically designed for VMware security

    • Native integration with VMware NSX

      The tight integration of Kaspersky Security for Virtualization Agentless with the VMware vSphere and NSX platforms means that the infrastructure and security layers work together in close co-operation, bringing improved levels of automation and protection to software-defined data centers. Anti-malware scans, as well as network attack blocking functionality, are offloaded to dedicated security virtual appliances (also known as Security Virtual Machines or SVMs) and delivered to each VM from the moment it’s powered on.

      • Next Gen anti-malware protection, featuring multiple machine learning-powered technology layers, is delivered instantly to every virtual machine (VM) managed by VMware NSX, with no need to install any agent on the VM.
      • Full, flexible network threat detection capabilities are also delivered to every virtual host managed by the VMware NSX platform, helping to protect your virtualized infrastructure from the most advanced network-based threats and even zero-day vulnerabilities.
    • Automated deployment for VMware NSX

      Tight VMware NSX integration enables the fully automated deployment of security appliances (main Secure Virtual Machines (SVMs) or Network Threat Detection SVMs). These pop up on the hypervisor automatically, based on the security polices applied to each VM.

    • Security policy integration

      Tight integration with VMware NSX means that each VM receives precise security capabilities as defined by your corporate policies.

      In a dynamically changing IT landscape, it’s important to ensure that your security policy is attached to a particular VM function - not to a precise location - so that individual security capabilities travel with each VM from host to host. The VMware NSX platform and its security policies enable this functionality, consolidating all security settings (network, AV, etc.) into one policy. We further boost the VMware NSX platform’s security management efficiency by incorporating the anti-malware and network attack blocking security policies available in our Agentless solution.

      This feature fully supports the building and scaling of perfectly balanced software-defined data centers.

    • Security tags integration

      Kaspersky Security for Virtualization Agentless and the VMware NSX platform now exchange security tags, which can change based on specific rules (e.g. malware detected inside a VM). This constant interaction between the infrastructure and its security means the software-defined data center can react in real time to any security incident, automatically triggering the reconfiguration of the entire virtual infrastructure if necessary.

    Automated Security and Monitoring

    • Full infrastructure scan – for security even when offline

      No ‘traditional’ security solution can perform an agentless anti-malware scan of a VM that’s offline. Kaspersky Security for Virtualization Agentless introduces advanced functionality that scans all VMs running Windows or Linux OS with the following file systems: NTFS, FAT32, EXT2, EXT3, EXT4, XFS and BTRFS - whether they’re online or offline. This includes VM templates used for on-demand VM spawning. The result is more effective on-demand scanning and better security coverage across your entire infrastructure.

    • Advanced SNMP-based monitoring

      Kaspersky Security for Virtualization Agentless can be installed with an SNMP-agent. This monitors and sends extensive information about the SVM's health status to third-party SNMP monitoring tools like Zabbix and Nagios. SNMP counters include general SVM metrics (CPU, RAM, etc.), as well as specific metrics.

    • Security task orchestration according to your needs

      Routine scanning can be performed on all VMs according to your own pre-set schedule. Kaspersky Security for Virtualization Agentless automatically avoids the simultaneous scanning of large numbers of machines, to help ease the load on your systems.

    • Fully supports VMware vMotion

      With full support for VMware vMotion, Kaspersky Security for Virtualization Agentless ensures that security is not interrupted when a workload is moved from one ESXi host to another. If the new host has the necessary licenses, the security will automatically transfer along with the workload – and all security settings and policies will remain exactly as you configured them.

    • Seamlessly integrates with VMware vCenter Server

      Kaspersky Security for Virtualization Agentless receives information about VMs from the VMware vCenter Server, including a list of all VMs and all relevant parameters. As well as giving IT administrators a higher level of visibility, this close integration with vCenter Server ensures that protection is automatically provided whenever your IT team configures a new VM.

    • Cloud-assisted protection against the latest threats – including zero-days

      The cloud-based Kaspersky Security Network (KSN) identifies new threats and delivers the most recent threat intelligence in real time. With an identification time as quick as 0.02 seconds, KSN helps protect you against zero-day threats.

    The Right Balance of Protection and Performance

    • Reduces the load on your systems for better consolidation and performance

      Kaspersky Security for Virtualization Agentless has been designed to protect virtual servers with optimum efficiency and minimal impact on hypervisor performance. So your servers are protected while retaining all the benefits of virtualization.

      Offloading resource-heavy tasks such as anti-malware scans and storing security intelligence databases substantially reduces the strain of doubling-up functionality on every virtual host, including Hypervisor I/O, CPU, Memory and Storage.

    • [NEW] Detects attacks on the network level, now with Network Threat Detection

      Kaspersky’s Network Threat Detection System monitors network traffic for signs of activity typical of network attacks. On detecting an attack, it blocks the attacking computer. It also detects suspicious network activities that may be a side effect of a network intrusion into the protected infrastructure. Exclusion rules can be configured to scan or block specific IP addresses. A traffic processing mode can be selected for Network Threat Detection, to block th