Kaspersky Security for Virtualization 6.0 Agentless
6.0
English

Contents

Application database update

Update functionality (including antivirus signature updates and codebase updates) may not be available in the program in the United States.

The application databases contain the computer security threats descriptions which allow to detect the malicious code in the scanned objects, descriptions of currently known types of network attacks and signs of intrusions, and the databases of malicious and phishing web addresses.

Application database updates ensure that the protection of virtual machines is up to date. New viruses and other types of malware appear worldwide on a daily basis. To enable Kaspersky Security to quickly detect threats, you need to update the application databases regularly.

Database updates require a current license for using the application.

An update source is a resource which contains updates for databases and application software modules of Kaspersky applications. The update source for Kaspersky Security is the storage of the Kaspersky Security Center Administration Server.

To download an update package from the Administration Server storage successfully, an SVM needs to have access to the Kaspersky Security Center Administration Server.

If application databases have not been updated for a long time, the size of the update package may be large (up to several dozen megabytes). Downloading this update package may generate additional load on the network.

Kaspersky Security Center lets you automatically distribute application database updates and install them on SVMs. This can be done using the following tasks:

  • Download updates to the storage task. This task downloads the update package from the update source to the Kaspersky Security Center Administration Server storage.
  • Application database update task. This task lets you distribute application database updates and install them on SVMs as soon as an update package is downloaded to the Administration Server repository.

In this Help section

Configuring automatic application database updates

Creating an application database update task

Rolling back the last application database update

Creating an update rollback task
Page top
[Topic 57670]

Configuring automatic application database updates

To configure automatic updates of application databases:

  1. Make sure that a download updates to the storage task exists in Kaspersky Security Center.

    The download updates to the storage task is created automatically by the Kaspersky Security Center Initial Configuration Wizard. If the download updates to the storage task has been removed from the list of Administration Server tasks, you can create a new task. See Kaspersky Security Center documentation for more information.

  2. Make sure that an application database update task has been created in Kaspersky Security Center.

    The application database update task can be created automatically after installing the Kaspersky Security main administration plug-in. You can use this task to update the application databases.

    If the task has not been created, create it.

    The application database update task runs according to a schedule. You can view the task results and, if necessary, manually start the task.

Kaspersky Security checks the integrity of application databases during updates. If this check is unsuccessful, the application database update task ends with an error and Kaspersky Security continues to use the previous set of anti-virus databases.

Page top
[Topic 57682]

Creating an application database update task

To create an application database update task:

  1. In the Kaspersky Security Center Administration Console, select the folder or administration group in which you want to create the task.

    If you selected the Managed devices folder or an administration group containing a KSC cluster, select the Tasks tab in the workspace.

  2. Click the New task button to start the New Task Wizard.
  3. At the first step of the Wizard, select the following type of task: Kaspersky Security for Virtualization 6.0 AgentlessUpdate. Proceed to the next step of the New Task Wizard.
  4. If you started the New Task Wizard from the Tasks folder, specify the method for selecting the SVMs on which the task must be run:
    • Click the Select network devices detected by Administration Server button if you want to select SVMs from the list of devices detected by Administration Server while polling the local area network.
    • Click the Specify device addresses manually or import from list button if you want to specify the addresses of SVMs manually or import the list of SVMs from a file. Addresses are imported from a TXT file with a list of addresses of SVMs, with each address in a separate row.

      If you import a list of addresses from file or specify the addresses manually and the SVMs are identified by name, the list of SVMs for which the task is being created can be supplemented only with those SVMs whose details have already been included in the Administration Server database upon connection of SVMs or following a poll of the local area network.

    • Click the Assign task to a device selection button if the task must be run on all SVMs that are part of a selection based on a predefined criterion. For details on creating a selection of devices, please refer to the Kaspersky Security Center documentation.
    • Click the Assign task to an administration group button if the task must be run on all SVMs within an administration group.

      Depending on the specified method of SVM selection, perform one of the following operations in the window that opens:

      • In the list of detected devices, specify the SVMs on which the task will be run. To do so, select check boxes in the list on the left of the name of the relevant SVMs.
      • Click the Add or Add IP range button and specify the addresses of SVMs.
      • Click the Import button, and in the window that opens select the TXT file containing the list of SVM addresses.
      • Click the Browse button and in the opened window specify the name of the selection containing the SVMs on which the task will be run.
      • Click the Browse button and select an administration group or manually enter the name of an administration group.

    Proceed to the next step of the New Task Wizard.

  5. In Scheduled launch field, select When new updates are downloaded to the repository. Configure the remaining task launch schedule settings. For more information about the task launch schedule settings, please refer to the Kaspersky Security Center documentation.

    Proceed to the next step of the New Task Wizard.

  6. In the Name field, enter the name of the application database update task and proceed to the next step of the New Task Wizard.
  7. If you want the task to start as soon as the New Task Wizard finishes, select the Run task when the wizard is complete check box.

    Exit the New Task Wizard.

The created update rollback task appears in the list of tasks. The task will start every time an update package is downloaded to the Administration Server repository, and will distribute and install application database updates on SVMs.

After Kaspersky Security has been installed or upgraded, SVMs relay information to Kaspersky Security Center regarding the type of the databases required for the operation of the application. If Kaspersky Security Center has not yet downloaded the necessary databases to the storage when the database update task is started, the task could end with an error. If this is the case, you can manually start the download updates to the storage task (for details, please refer to the Kaspersky Security Center documentation), wait for it to complete, and then manually start the database update task.

Page top
[Topic 57673]

Rolling back the last application database update

After the first update of the application databases, the option of rolling back to the previous set of the databases becomes available.

Every time an update is started on an SVM, Kaspersky Security creates a backup copy of the existing application databases before proceeding to update them. This enables you to revert to the previous version of the application databases, if necessary. The update rollback feature is used if the new application database version contains an invalid signature that causes Kaspersky Security to block a safe application.

To roll back the latest application database update:

  1. Create an update rollback task. You can create a task for all SVMs, for the SVMs of one KSC cluster, or for an individual SVM.
  2. Start an update rollback task.
Page top
[Topic 59322]

Creating an update rollback task

To create an update rollback task:

  1. In the Kaspersky Security Center Administration Console, select the folder or administration group in which you want to create the task.

    If you selected the Managed devices folder or an administration group containing a KSC cluster, select the Tasks tab in the workspace.

  2. Click the New task button to start the New Task Wizard.
  3. At the first step of the Wizard, select the following type of task: Kaspersky Security for Virtualization 6.0 AgentlessRollback. Proceed to the next step of the New Task Wizard.
  4. If you started the New Task Wizard from the Tasks folder, specify the method for selecting the SVMs on which the task must be run:
    • Click the Select network devices detected by Administration Server button if you want to select SVMs from the list of devices detected by Administration Server while polling the local area network.
    • Click the Specify device addresses manually or import from list button if you want to specify the addresses of SVMs manually or import the list of SVMs from a file. Addresses are imported from a TXT file with a list of addresses of SVMs, with each address in a separate row.

      If you import a list of addresses from file or specify the addresses manually and the SVMs are identified by name, the list of SVMs for which the task is being created can be supplemented only with those SVMs whose details have already been included in the Administration Server database upon connection of SVMs or following a poll of the local area network.

    • Click the Assign task to a device selection button if the task must be run on all SVMs that are part of a selection based on a predefined criterion. For details on creating a selection of devices, please refer to the Kaspersky Security Center documentation.
    • Click the Assign task to an administration group button if the task must be run on all SVMs within an administration group.

      Depending on the specified method of SVM selection, perform one of the following operations in the window that opens:

      • In the list of detected devices, specify the SVMs on which the task will be run. To do so, select check boxes in the list on the left of the name of the relevant SVMs.
      • Click the Add or Add IP range button and specify the addresses of SVMs.
      • Click the Import button, and in the window that opens select the TXT file containing the list of SVM addresses.
      • Click the Browse button and in the opened window specify the name of the selection containing the SVMs on which the task will be run.
      • Click the Browse button and select an administration group or manually enter the name of an administration group.

    Proceed to the next step of the New Task Wizard.

  5. In the Scheduled launch field, select Manually. Configure the remaining task launch schedule settings. For more information about the task launch schedule settings, please refer to the Kaspersky Security Center documentation.

    Proceed to the next step of the New Task Wizard.

  6. In the Name field, enter the name of the update rollback task and proceed to the next step of the New Task Wizard.
  7. If you want the task to start as soon as the New Task Wizard finishes, select the Run task when the wizard is complete check box.

    Exit the New Task Wizard.

The created update rollback task appears in the list of tasks.

Page top
[Topic 59323]