Special considerations when converting policies and tasks if the application is upgraded
The converted policies and tasks use the values from the settings of policies and tasks of the previous version of Kaspersky Security. Settings that were absent from the policies and tasks of the previous version of the application take the default values.
Selecting the protected infrastructure for a policy
Policies are converted as follows depending on the protected infrastructure selected in the policy of the previous version of the application:
- If a protected infrastructure was selected and protection profiles were assigned to virtual infrastructure objects, conversion will result in the creation of a policy for one VMware vCenter Server. The protected infrastructure selected in the policy and the assignment of protection profiles to virtual infrastructure objects are retained.
- If the protected infrastructure was not selected, the conversion will result in the creation of a policy for entire protected infrastructure. The main protection profile is assigned to all objects of the virtual infrastructure.
It is recommended to change the protected infrastructure or the location of this policy within the structure of administration groups so that the protected infrastructure selected for the policy matches the location of the policy:
- If the policy is located in the group that contains the "VMware vCenter Agentless" cluster, the VMware vCenter Server corresponding to this cluster must be selected as the protected infrastructure for the policy.
- If the policy is located in the Managed devices folder or in the group that contains the "VMware vCloud Director Agentless" cluster, the entire protected infrastructure must be selected as the protected infrastructure for the policy.
Select action automatically option
The Select action automatically option is absent from converted policies and tasks. If this option was selected in a policy or task of the previous version of the application, the following action is selected in the converted policy or task:
- Action on threat detection when protecting virtual machines (policy): Disinfect. Delete if disinfection fails.
- Action on threat detection when scanning virtual machines (task):
- For powered on virtual machines: Disinfect. Delete if disinfection fails.
- For powered off virtual machines and virtual machine templates: Block.
- Action on network attack detection (policy): Terminate connection and block traffic from sender's IP address.
- Action on suspicious network activity detection (policy): Terminate connection.
- Action on detection of a dangerous or undesirable web address (policy): Block.
Web Addresses Scan
If Web Addresses Scan was enabled in a policy of the previous version of the application, the Web Addresses Scan settings in the converted policy take the following values:
- Analysis by using the database of malicious web addresses – enabled.
- Analysis by using the database of phishing web addresses – enabled, if it was enabled in the policy of the previous version of the application.
- Scanning web addresses to check if they belong to the category of web addresses that are used for showing advertisements or are associated with the distribution of adware – enabled, if analysis by using the database of malicious web addresses was enabled in the policy of the previous version of the application.
- Scanning web addresses to check if they belong to the category of web addresses associated with the distribution of legitimate applications that could be exploited to harm a virtual machine or user data – disabled.
If Web Addresses Scan was disabled in a policy of the previous version of the application, it is also disabled in the converted policy.
Case of characters in file extensions
The Network paths are case sensitive parameter is missing from converted policies. When protecting virtual machines running Windows operating systems, Kaspersky Security is not case sensitive regarding the characters in the extensions of files that are to be included in the protection scope.
Main protection profile
In converted policies, the protection profile that is generated automatically when a policy is created is called the "main protection profile". It was called the "root protection profile" in policies of Kaspersky Security for Virtualization 4.0 Service Pack 1 Maintenance Release 1 Agentless or earlier versions.
Special considerations when converting tasks
Converted custom scan tasks use the task scope that was specified in tasks of the previous version of the application.
Converted tasks use the run schedule that was specified in tasks of the previous version of the application.