Kaspersky Security for Virtualization 6.0 Agentless
6.0
English

Contents

Report types

You can use reports to obtain information about the operation of Kaspersky Security, such as details on protection deployment, protection status, performance of started tasks, and detected threats.

Kaspersky Security Center offers a selection of reports that contain information on the operation of Kaspersky Security:

  • Kaspersky application versions report. Details of application versions installed on client devices (SVMs and the computer on which the Administration Server and the Kaspersky Security Center Administration Console are installed).
  • Protection deployment report. Contains details on the deployment of application components.
  • Most infected devices report. Contains information about virtual machines that are found to contain the largest number of infected files.
  • Threats report. Contains information about viruses and malware that were detected on virtual machines, and information about operations performed by the Kaspersky Security on the files in which the threats were detected.
  • Key usage report. Contains information about license keys added to the application.
  • Errors report. Contains information about errors that occurred during application operation.
  • Anti-virus database usage report. Contains information on the versions and status of application databases used on SVMs.
  • Network attack report. Contains information about registered network attacks on virtual machines and suspicious network activity in the traffic of protected virtual machines that have been detected by the Network Threat Protection component.
  • Web Control report. Contains information about requests by users or applications to access dangerous or undesirable web addresses registered by the Network Threat Protection component.
  • Protection status report. Contains information about the protection status of virtual machines.

Kaspersky Security does not provide a report on hardware registry. You can look up information on the hardware of SVMs in the VMware vSphere Web Client console.

Each report consists of a summary table and a table with detailed information. You can configure the content of fields shown in each table.

This Guide describes how to work with reports of Kaspersky Security Center 11.

For details on managing reports, see the Kaspersky Security Center documentation.

In this section:

Kaspersky application versions report

Protection deployment report

Most infected devices report

Threats report

Errors report

Anti-virus database usage report

Network attack report

Web Control report

Protection status report
Page top
[Topic 57685]

Kaspersky application versions report

The Kaspersky application versions report contains information about the versions of Kaspersky Security components that are installed on SVMs and versions of Kaspersky Security Center components that are installed on client devices (SVMs and the devices on which the Kaspersky Security Center Administration Server and/or the Kaspersky Security Center Network Agent are installed).

It contains the following consolidated information:

  • Application. Name of the installed Kaspersky Security component or Kaspersky Security Center component. For Kaspersky Security components, the field shows Kaspersky Security for Virtualization 6.0 Agentless or Kaspersky Security for Virtualization 6.0 Agentless (for tenants).
  • Version number. Version number of the installed Kaspersky Security component or Kaspersky Security Center component.
  • Devices. For Kaspersky Security components, the number of SVMs on which Kaspersky Security components are installed is displayed; for Kaspersky Security Center, the number of devices on which the Kaspersky Security Center Network Agent and/or Administration Server are installed is displayed.
  • Groups number. For Kaspersky Security components, the number of administration groups that include the SVMs is displayed; for Kaspersky Security Center, this field displays the number of administration groups that include devices on which the Kaspersky Security Center Network Agent and/or Administration Server are installed.

    The row below contains the following consolidated information:

    • Total applications. The total number of different versions of Kaspersky Security components and Kaspersky Security Center components installed on client devices.
    • Installations. The total number of installations of these components on the client devices.
    • Devices. The total number of client devices on which Kaspersky Security components and Kaspersky Security Center components are installed.
    • Groups number. The total number of administration groups that include these client devices.

The report contains the following detailed information:

  • Application. Name of the installed Kaspersky Security component or Kaspersky Security Center component. For Kaspersky Security components, the field shows Kaspersky Security for Virtualization 6.0 Agentless or Kaspersky Security for Virtualization 6.0 Agentless (for tenants).
  • Version number. Version number of the installed Kaspersky Security component or Kaspersky Security Center component.
  • Group. For Kaspersky Security components, the name of the administration group that includes the SVM with the installed Kaspersky Security component is displayed; for Kaspersky Security Center, the name of the administration group that includes the device on which the Kaspersky Security Center Network Agent and/or Administration Server are installed is displayed.
  • Device. For Kaspersky Security components, the name of the SVM on which the component is installed is displayed; for Kaspersky Security Center components, the name of the device on which the Kaspersky Security Center Network Agent and/or Administration Server are installed is displayed.
  • Installed. The date and time of installation of the Kaspersky Security component or the Kaspersky Security Center component on the client device.
  • Last visible. The date and time when the client device was last visible on the enterprise LAN.
  • Previous connection to Administration Server. The date and time of the client device's last connection to the Kaspersky Security Center Administration Server.
  • IP address. For Kaspersky Security components, the IP address of the SVM on which the component is installed is displayed; for Kaspersky Security Center components, the IP address of the device on which the Kaspersky Security Center Network Agent and/or Administration Server are installed is displayed.
  • DNS name. For Kaspersky Security components, the domain name of the SVM on which the component is installed is displayed; for Kaspersky Security Center components, the name of the device on which the Kaspersky Security Center Network Agent and/or Administration Server are installed is displayed.
Page top
[Topic 62101]

Protection deployment report

The protection deployment report contains information on the Kaspersky protection components installed on the Kaspersky Security Center client devices (on SVMs and the computer on which the Kaspersky Security Center Network Agent is installed).

It contains the following consolidated information:

  • Protection components. Possible options for installing Kaspersky applications and components on client devices:
    • Network Agent and anti-virus protection are installed
    • Network Agent only is installed
    • Network Agent and anti-virus protection are not installed
  • Devices. The number of SVMs and computers on which the specified components and applications are installed.

    In the row below, the Devices field shows the total number of SVMs and computers on which Kaspersky protection components are installed.

The report contains the following detailed information:

  • Group. The name of the administration group that includes the SVM with the installed Kaspersky Security component, or the name of the administration group that includes the computer on which the Kaspersky Security Center Network Agent is installed.
  • Device. The name of the SVM with the installed Kaspersky Security component or the name of the computer on which the Kaspersky Security Center Network Agent is installed.
  • Network Agent version. The version of Kaspersky Security Center Network Agent installed on the client device.
  • Security application name. The name of the installed application providing anti-virus protection. For Kaspersky Security, the field shows Kaspersky Security for Virtualization 6.0 Agentless.
  • Security application version. The version of the installed application providing anti-virus protection.
Page top
[Topic 62103]

Most infected devices report

The most infected devices report contains information about the protected virtual machines that are found to contain the largest number of infected files during scanning.

The Period field displays the period of time covered by the data included in the report. By default, the report contains for the last 30 days, including the report generation date.

It contains the following consolidated information:

  • Device. The name of the protected virtual machine on which the object was detected, and the path to the virtual machine in the virtual infrastructure.
  • Objects infected. The total number of objects detected on the protected virtual machine in the reporting period.
  • Different objects. The number of different objects that have been detected on the protected virtual machine in the reporting period.
  • First attempted run blocked. The date and time of the first detection of the object on the protected virtual machine.
  • Last attempted run blocked. The date and time of the last detection of the object on the protected virtual machine.
  • Last visible. The date and time of the last event associated with the protected virtual machine on which the object was detected.
  • IP address. The IP address of the protected virtual machine on which the object was detected.
  • NetBIOS name, DNS name. The name of the protected virtual machine on which the object was detected, and the path to the virtual machine in the virtual infrastructure.

    In the line below, the Devices infected field specifies the number of protected virtual machines found to contain the largest number of infected files during scanning. The Groups infected field always displays a 0, because protected virtual machines cannot belong to Kaspersky Security Center administration groups.

The report contains detailed information about each instance of detection:

  • Device. The name of the protected virtual machine on which the object was detected, and the path to the virtual machine in the virtual infrastructure.
  • Detected object. The name of the object that has been detected on the protected virtual machine.
  • Detected at. The date and time of object detection on the protected virtual machine.
  • Path to file. The path to the protected virtual machine file in which the object has been detected.
  • Object type. The type of object detected.
  • Action. The result of the action taken by Kaspersky Security on the detected object.
  • Application. The name of the application providing anti-virus protection. For Kaspersky Security, the field shows Kaspersky Security for Virtualization 6.0 Agentless or Kaspersky Security for Virtualization 6.0 Agentless (for tenants).
  • Version number. The version number of the application providing anti-virus protection.
  • Last visible. The date and time of the last event associated with the protected virtual machine on which the object was detected.
  • IP address. The IP address of the protected virtual machine on which the object was detected.
  • NetBIOS name, DNS name. The name of the protected virtual machine on which the object was detected, and the path to the virtual machine in the virtual infrastructure.
  • Component. The name of the component that detected the threat. Possible values: Scan task, File Threat Protection.
  • Detection technology. The technology used for detecting the threat. Possible values: Expert analysis, Automatic analysis, Cloud analysis.
Page top
[Topic 62104]

Threats report

The threats report contains information on viruses and other malware detected on protected virtual machines, as well as the details of the results of the actions performed on the files in which the threats were detected.

The Period field displays the period of time covered by the data included in the report. By default, the report contains for the last 30 days, including the report generation date.

It contains the following consolidated information:

  • Detected object. The name of the object that has been detected on protected virtual machines.
  • Object type. The type of object detected.
  • Objects infected. The total number of the specified objects detected on all protected virtual machines during the reporting period.
  • As rated by KSN. The number of objects detected with KSN.
  • Different files. The number of files containing the detected object.
  • Devices infected. The number of protected virtual machines on which the specified objects have been detected.
  • First attempted run blocked. The date and time of the first detection of the object on the protected virtual machines.
  • Last attempted run blocked. The date and time of the last detection of the object on the protected virtual machines.

    The row below contains the following consolidated information:

    • Different objects. The total number of different objects detected on all protected virtual machines during the reporting period.
    • Different files. The total number of files containing detected objects on all protected virtual machines.
    • Devices infected. The total number of protected virtual machines on which the objects were detected in the reporting period.
    • Groups infected. The total number of Kaspersky Security Center administration groups that include the devices on which the objects were detected. This field always displays a 0, because protected virtual machines cannot belong to Kaspersky Security Center administration groups.

The report contains the following detailed information about each instance of threat detection:

  • Device. The name of the protected virtual machine on which the object was detected, and the path to the virtual machine in the virtual infrastructure.
  • Detected object. The name of the object that has been detected on the protected virtual machine.
  • Detected at. The date and time of object detection on the protected virtual machine.
  • File path. The path to the file containing the detected object on the protected virtual machine.
  • Object type. The type of object detected.
  • Action. The result of the action taken by Kaspersky Security on the detected object.
  • Application. The application that detected the object.
  • Version number. The version number of the application that detected the object.
  • Last visible. The date and time of the last event associated with the protected virtual machine on which the object was detected.
  • IP address. The IP address of the protected virtual machine on which the object was detected.
  • NetBIOS name, DNS name. The name of the protected virtual machine on which the object was detected, and the path to the virtual machine in the virtual infrastructure.
  • Component. The name of the component that detected the threat. Possible values: Scan task, File Threat Protection.
  • Detection technology. The technology used for detecting the threat. Possible values: Expert analysis, Automatic analysis, Cloud analysis.
Page top
[Topic 62105]

Errors report

The errors report contains information about errors that occurred in application operation.

The Period field displays the period of time covered by the data included in the report. By default, the report contains for the last 30 days, including the report generation date.

It contains the following consolidated information:

  • Error type. The type of error detected in the operation of the application. For example: Task ended with an error.
  • Number of errors. The number of registered errors of the specified type.
  • Number of products. The number of applications in which the error of this type has been detected.
  • Devices. The number of SVMs on which the specified type of error was registered, or the number of protected virtual machines on which the specified type of error was registered during a scan or protection.
  • Groups number. The number of administration groups that include the SVMs on which the specified type of error was detected. For errors detected during a scan or protection of the virtual machines, 0 is displayed, because protected virtual machines cannot belong to Kaspersky Security Center administration groups.
  • First detection time. The date and time of the first detection of the error.
  • Last detection time. The date and time of the last detection of the error.

    The row below contains the following consolidated information:

    • Total errors. The total number of errors detected in the reporting period.
    • Error types. The total number of error types detected in the reporting period.
    • Devices. The total number of SVMs on which the errors were registered and number of protected virtual machines where the errors were registered during a scan or protection.
    • Groups number. The total number of administration groups that include SVMs on which the errors were detected. The errors detected during a scan or protection of the virtual machines, are not considered when counting the number of groups, because protected virtual machines cannot belong to Kaspersky Security Center administration groups.

The report contains the following detailed information about each error:

  • Group. The name of the administration group that includes the SVM on which the error was registered. For errors detected during a scan or protection of the virtual machines, N/A is displayed, because protected virtual machines cannot belong to Kaspersky Security Center administration groups.
  • Device. The name of the SVM on which the error was registered, or the name of the protected virtual machine on which the error was detected during a scan or protection.
  • Application. The name of the application in which the error was registered.
  • Error type. Error type. For example: Task ended with an error.
  • Error description. Detailed error description.
  • Detected. The date and time when the error occurred.
  • Task. The task during which the error was registered. If the error is not related to task execution, N/A is displayed.
  • IP address. The IP address of the SVM on which the error was registered, or the IP address of the protected virtual machine on which the error was registered during a scan or protection.
  • Last visible. The date and time when the SVM was last visible on the enterprise LAN, or the date and time of the last event associated with the protected virtual machine.
  • Last connection to Administration Server. The date and time of the last connection between the SVM on which the error was registered and the Kaspersky Security Center Administration Server.
  • NetBIOS name. The name of the protected virtual machine on which the error was registered during a scan or protection.
  • DNS name. The domain name of the SVM on which the error was registered, or the name of the protected virtual machine on which the error was registered during a scan or protection, and the path to it in the virtual infrastructure.
Page top
[Topic 62106]

Anti-virus database usage report

The anti-virus database usage report contains information about the versions and status of the application databases that are used on SVMs.

It contains the following consolidated information:

  • Created. The date and time of creation of the application databases that are used on SVMs.
  • Number of records. The number of records in the databases.
  • Devices. The number of SVMs on which these databases are used.
  • Groups number. The number of administration groups that include the SVMs with the utilized application databases.
  • Anti-virus database status. Information on whether the application databases used on SVMs are considered up-to-date. The databases on SVMs are considered up-to-date, if the date and time of their release matches the date and time of release of the databases in the storage of Kaspersky Security Center Administration Server.

    The row below contains the following consolidated information:

    • Total number of database sets used. The total number of the application database sets used on SVMs.
    • Up to date. The number of application databases with “up-to-date” status used on SVMs.
    • Updated during last 24 hours. The total number of the databases updated on SVMs over the last 24 hours.
    • Updated during last 3 days. The total number of the databases updated on SVMs over the last 3 days.
    • Updated during last 7 days. The total number of the databases updated on SVMs over the last 7 days.
    • Updated more than a week ago. The total number of the databases updated on SVMs more than 7 days ago.

The report contains the following detailed information:

  • Group. The name of the administration group that includes the SVMs with the utilized databases.
  • Device. The name of the SVM.
  • Application. The name of the application installed on the SVM.
  • Version number. The number of the application version installed on the SVM.
  • Created. The date and time of creation of the application databases that are used on SVMs.
  • Number of records. The number of records in the databases.
  • IP address. The IP address of the SVM.
  • DNS name. The domain name of the SVM containing the utilized databases.
  • Last visible. The date and time when an SVM was last visible on the corporate LAN.
  • Last connection to Administration Server. The date and time of the last connection between the SVM and the Kaspersky Security Center Administration Server.
  • Anti-virus database status. Information on whether the application databases used on SVMs are considered up-to-date. The databases on SVMs are considered up-to-date, if the date and time of their release matches the date and time of release of the databases in the storage of Kaspersky Security Center Administration Server.
  • Network Agent version. The version of Kaspersky Security Center Network Agent installed on the SVM containing the utilized databases.
Page top
[Topic 62107]

Network attack report

The network attack report contains information about registered network attacks targeting the protected virtual machines and about suspicious network activity detection that may be a sign of an intrusion into the protected infrastructure.

By default, the template of the network attack report is not included in the list of report templates on the Reports tab. Use the Report Template Wizard to add a network attack report template to the list of templates (see the Kaspersky Security Center documentation for details). After the Wizard finishes, the newly created report template will be added to the list on the Reports tab.

The Period field displays the period of time covered by the data included in the report.

It contains the following consolidated information:

  • Attack. The type of network attack or suspicious network activity.
  • Attacks count. The number of registered network attacks or suspicious network activities of this type.
  • Attacking addresses. The number of IP addresses from which network attacks have been registered or which showed the suspicious network activity of this type.
  • Devices attacked. The number of protected virtual machines whose traffic displayed activity typical of network attacks or suspicious network activity of this type.
  • Groups attacked. Kaspersky Security always displays 1 in this field, because all protected virtual machines are assigned to one "pseudohosts" conditional group. The "pseudohosts" group does not belong to administration groups and is not displayed in the Kaspersky Security Center Administration Console. Protected virtual machines cannot belong to administration groups, because they are not considered as client devices of Kaspersky Security Center.
  • First attempted run blocked. The date and time of the first detection of the activity typical of network attacks or suspicious network activity of this type.
  • Last attempted run blocked. The date and time of the last detection of the activity typical of network attacks or suspicious network activity of this type.

    The row below contains the following consolidated information:

    • Attacks count. The number of registered network attacks or suspicious network activities of all types.
    • Various attacks. The number of types of registered network attacks or suspicious network activities.
    • Attack IPs. The total number of IP addresses from which network attacks have been registered or which showed the suspicious network activity.
    • Devices attacked. The total number of protected virtual machines whose traffic displayed activity typical of network attacks or suspicious network activity.
    • Groups attacked. Kaspersky Security always displays 1 in this field, because all protected virtual machines are assigned to one "pseudohosts" conditional group. The "pseudohosts" group does not belong to administration groups and is not displayed in the Kaspersky Security Center Administration Console. Protected virtual machines cannot belong to administration groups, because they are not considered as client devices of Kaspersky Security Center.
    • First attempted run blocked. The date and time of the first detection of the activity typical of network attacks or suspicious network activity of all types.
    • Last attempted run blocked. The date and time of the last detection of the activity typical of network attacks or suspicious network activity of all types.

The report contains the following detailed information on each detection of the activity typical of network attacks or suspicious network activity:

  • Group. Kaspersky Security always displays pseudohosts in this field, because all protected virtual machines are assigned to one "pseudohosts" conditional group. Protected virtual machines cannot belong to administration groups, because they are not considered as client devices of Kaspersky Security Center.
  • Device. The name of the protected virtual machine in whose traffic the network attack or suspicious network activity was registered.
  • Attacking address. The number of the IP address from which the network attack have been registered or which showed the suspicious network activity.
  • Attack time. The date and time of the network attack or suspicious network activity detection.
  • Attack. The type of network attack or suspicious network activity.
  • Protocol. Connection protocol, in which network attack or suspicious network activity was detected.
  • Port. The number of the port targeted by the network attack or which showed the suspicious network activity.
  • Last visible. The date and time of the last event associated with the protected virtual machine in whose traffic the network attack or suspicious network activity was registered.
  • IP address. The IP address of the protected virtual machine in whose traffic the network attack or suspicious network activity was registered.
  • NetBIOS name, DNS name. The name of the protected virtual machine in whose traffic the network attack or suspicious network activity was registered, and the path to the virtual machine in the virtual infrastructure.
  • Version number. The version number of the Network Threat Protection component of Kaspersky Security.
  • Attacked interface address. The IP address on which the network attack was attempted.
Page top
[Topic 57678]

Web Control report

The Web Control report contains information about attempts by users or applications installed on protected virtual machines to access dangerous or inadvisable web addresses that belong to the web address categories selected for detection.

The Period field displays the period of time covered by the data included in the report. By default, the report contains for the last 30 days, including the report generation date.

It contains the following consolidated information:

  • Result. The result of the action taken by Kaspersky Security when it detects an attempt to access a dangerous or undesirable web address.
  • Rule. The network rule applied by the application when it takes action in response to a detected attempt to access a dangerous or undesirable web address. Possible values for Kaspersky Security:
    • Kaspersky Security for Virtualization Agentless: Attempt to access a malicious web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access a phishing web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access an advertising web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access a web address from the "Other" category
  • Attempts. Number of attempts to access a dangerous or undesirable web address.
  • User accounts. The number of protected virtual machines from which attempts were made to access a dangerous or undesirable web address.
  • Web address. The number of dangerous or undesirable web addresses for which access attempts were detected.
  • Devices. The number of protected virtual machines from which attempts were made to access a dangerous or undesirable web address.
  • Administration groups. Kaspersky Security always displays 1 in this field, because all protected virtual machines are assigned to one "pseudohosts" conditional group. The "pseudohosts" group does not belong to administration groups and is not displayed in the Kaspersky Security Center Administration Console. Protected virtual machines cannot belong to administration groups, because they are not considered as client devices of Kaspersky Security Center.
  • First attempt. The date and time of the first attempt to access a dangerous or undesirable web address.
  • Last attempt. The date and time of the last attempt to access a dangerous or undesirable web address.

    The row below contains the following consolidated information:

    • Rules. The number of network rules that determine which action the application takes when it detects an attempt to access a dangerous or undesirable web address. For Kaspersky Security, the value in this field is: 4.
    • Blocked attempts. The number of attempts to access dangerous or undesirable web addresses blocked by Kaspersky Security.
    • Warnings. The number of attempts to access dangerous or undesirable web addresses that were allowed according to the application settings.
    • Blocked web addresses. The number of dangerous or undesirable web addresses that were blocked by Kaspersky Security.
    • Web addresses with warnings. The number of dangerous or undesirable web addresses that were allowed to be accessed according to the application settings.
    • Blocked users. The number of protected virtual machines from which attempts were made to access blocked web addresses.
    • Warned users. The number of protected virtual machines for which Kaspersky Security allowed access to dangerous or undesirable web addresses.
    • First blocked attempt. The date and time of the first attempt to access a dangerous or undesirable web address that was blocked by Kaspersky Security.
    • Last blocked attempt. The date and time of the last attempt to access a dangerous or undesirable web address that was blocked by Kaspersky Security.
    • First warning. The date and time of the first attempt to access a dangerous or undesirable web address that was allowed according to the application settings.
    • Last warning. The date and time of the last attempt to access a dangerous or undesirable web address that was allowed according to the application settings.

The report contains the following detailed information for each attempt to access a dangerous or undesirable web address:

  • Result. The result of the action taken by Kaspersky Security when it detects an attempt to access a dangerous or undesirable web address.
  • Rule. The network rule applied by the application when it takes action in response to a detected attempt to access a dangerous or undesirable web address. Possible values for Kaspersky Security:
    • Kaspersky Security for Virtualization Agentless: Attempt to access a malicious web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access a phishing web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access an advertising web address
    • Kaspersky Security for Virtualization Agentless: Attempt to access a web address from the "Other" category
  • User account. The IP address of the protected virtual machine from which an attempt was made to access a dangerous or undesirable web address.
  • Web address. The dangerous or undesirable web address for which an access attempt was detected.
  • Time. The date and time when an attempt to access a dangerous or undesirable web address was detected.
  • Group. Kaspersky Security always displays pseudohosts in this field, because all protected virtual machines are assigned to one "pseudohosts" conditional group. The "pseudohosts" group does not belong to administration groups and is not displayed in the Kaspersky Security Center Administration Console. Protected virtual machines cannot belong to administration groups, because they are not considered as client devices of Kaspersky Security Center.
  • Device. The name of the protected virtual machine from which an attempt was made to access a dangerous or undesirable web address, and the path to the virtual machine in the virtual infrastructure.
  • Version number. The version number of the Kaspersky Security Network Threat Protection component that detected the attempt to access a dangerous or undesirable web address.
  • Last visible on the network. The date and time of the last event associated with the protected virtual machine from which an attempt was made to access a dangerous or undesirable web address.
  • IP address. The IP address of the protected virtual machine from which an attempt was made to access a dangerous or undesirable web address.
  • NetBIOS name, DNS name. The name of the protected virtual machine from which an attempt was made to access a dangerous or undesirable web address, and the path to the virtual machine in the virtual infrastructure.
  • As rated by KSN. The information about whether the attempt to access a dangerous or undesirable web address was detected using KSN. Possible values: Yes or No.
Page top
[Topic 71186]

Protection status report

Protection status report contains details on the security application status (Kaspersky Security) installed on the client devices of Kaspersky Security Center (SVM) and details on the protection status of the virtual machines.

You can use a protection status report to obtain information about problems in virtual infrastructure protection. By default, the report displays devices with Critical and Warning statuses. If necessary, you can configure the report to include the information on devices with OK status in the report properties window of the Settings section.

It contains the following consolidated information:

  • Status. The status of the client device (SVM) or virtual machine protection status.
  • Reason. The reason(s) why the current status was assigned.
  • Unprotected devices. The number of SVMs and virtual machines that have the specified reason for being assigned the status.
  • Group number. The number of administration groups that include the SVMs that have the specified reason for being assigned the client device status. The number of administration groups that include the SVMs protecting the virtual machines is shown for virtual machines that have the specified reason for being assigned the protection status.

    In the row below, the Unprotected devices field indicates the total number of SVMs and virtual machines added to the report. The Group number field displays the number of administration groups that include the SVMs added to the report, and SVMs protecting the virtual machines added to the report.

The report contains the following detailed information on SVMs and on virtual machines added to the report:

  • Status. The status of the client device (SVM) or virtual machine protection status.
  • Group. The name of the administration group that includes the SVM, for SVMs added to the report. The name of the administration group that includes the SVM protecting the virtual machine, for virtual machines added to the report.
  • Device. The name of the SVM or name of the virtual machine.
  • Last connection to Administration Server. The date and time of the last connection between the SVM and the Kaspersky Security Center Administration Server, for SVMs added to the report. For virtual machine, added to the report, N/A is displayed.
  • Reason. Reason why the current client device status was assigned for the SVM or why the protection status was assigned for virtual machine.
  • Device status defined by application. The reason for assignment of the status, if Kaspersky Security Center received the device status from a managed application, meaning from Kaspersky Security.
  • IP address. The IP address of the SVM or of the virtual machine. If the IP address could not be determined (for example, when the virtual machine is powered off), the report shows 0.0.0.0.
  • Last visible. The date and time of the SVM's last connection to the Kaspersky Security Center Administration Server or the date and time of the last event related to the virtual machine.
  • NetBIOS name. The name of the virtual machine and the path to it in the virtual infrastructure.
  • DNS name. The domain name of the SVM or the name of the virtual machine and the path to it in the virtual infrastructure.
  • Operating system. Operating system installed on the SVM or on the virtual machine.
  • Anti-virus database release date. The date and time of the release of the application databases currently installed on the SVM, for SVMs added to the report. The date and time of the release of the application databases currently installed on the SVM protecting the virtual machine, for virtual machines added to the report.
  • Last full scan. Date and time when the last Full Scan task was finished.
Page top
[Topic 127579]