What’s new

New features in Kaspersky Security for Virtualization 6.0 Agentless include:

• New operation mode for the application – multitenancy mode. In an infrastructure managed by a VMware vCloud Director server, Kaspersky Security can be used to protect isolated virtual infrastructures, such as virtual Datacenters corresponding to vCloud Director organizations. In multitenancy mode, one instance of the application installed in the anti-virus protection provider's infrastructure allows multiple tenants of a cloud infrastructure (tenant organizations or divisions of one organization) to independently manage the protection of their own virtual infrastructure.

  Virtual Administration Servers of Kaspersky Security Center are used to manage protection of tenants. The provider's administrator creates a separate virtual Administration Server for each tenant and provides the tenant's administrator with access to it. The tenant's administrator can use the virtual Administration Server and administration plug-in for tenants to manage File Threat Protection of their virtual infrastructure. The provider handles management of network protection, application database updates, application activation, and management of file copies placed in Backup.

• Extended functionality of the Network Threat Protection component:
  • When scanning web addresses, Kaspersky Security can use information about the reputation of web resources received from Global KSN.
  • You can now scan web addresses to check if they belong to advertising web addresses category, or to the category of web addresses associated with the distribution of legitimate applications that could be exploited to harm a virtual machine or user data.
  • You can now view the list of network threat sources that were blocked as a result of operation of each SVM with the Network Threat Protection component. In this list you can unblock traffic from selected IP addresses without waiting for them to be automatically unblocked.
• The capabilities for scanning and protecting virtual machines have been expanded:
  • Support of environment variables added to the lists of exclusions from scanning and protection. The scan tasks and policies now allow to set the path to the objects excluded from the scan scope or protection scope using Windows environment variables.
  • The scan tasks now allow to select the action that Kaspersky Security performs when it detects infected files on powered off virtual machines or virtual machine templates. You can configure separate actions to be taken when a threat is detected on powered on virtual machines and when a threat is detected on powered off virtual machines.
• A policy provides a new method for assigning file protection settings to objects of the protected infrastructure (only for a virtual infrastructure managed by one VMware vCenter Server). You can assign file protection settings by mapping protection profiles to NSX Profile Configurations.
• There is now the capability to use network data storage for storing backup copies of files that have been moved to Backups on SVMs. To prevent deletion of backup copies of files when deleting or updating SVMs, you can configure the use of network data storage for SVMs. If the use of network data storage is enabled, backup copies of files are stored on SVMs and in the network data storage.
• You now have the capability to check the integrity of application components by using the integrity check tool.