Result of installation of the Kaspersky Security administration plug-ins and Integration Server

Installation of the Kaspersky Security main administration plug-in and Integration Server components includes the following:

1. In the Kaspersky Security Center Administration Console, the following link is created for starting the Integration Server Console: Manage Kaspersky Security for Virtualization 6.0 Agentless. The link is displayed in the workspace of the Administration Server node on the Monitoring tab in the Deployment section.
2. When the Kaspersky Security Center Administration Console is started for the first time after the administration plug-in is installed, the Managed Application Quick Start Wizard starts and creates the default main policy and tasks in the Managed devices folder of the main Administration Server. The Wizard can also be started manually.
3. The Kaspersky Security main administration plug-in appears in the list of installed administration plug-ins in the properties of the Kaspersky Security Center Administration Server.

Installation of the Kaspersky Security administration plug-in for tenants results in the following:

1. When the Kaspersky Security Center Administration Console is started for the first time after the administration plug-in is installed, the Managed Application Quick Start Wizard starts and creates the default tenant policy in the Managed devices folder of the main Administration Server. The Wizard can also be started manually.
2. The Kaspersky Security administration plug-in for tenants appears in the list of installed administration plug-ins in the properties of the Kaspersky Security Center Administration Server.

Viewing the list of installed administration plug-ins

To view the list of installed administration plug-ins:

1. In the Kaspersky Security Center Administration Console, select the Administration Server node.
2. Open the Administration Server properties window in one of the following ways:
   • Select Properties in the context menu of the node.
   • In the workspace in the Administration Server section, click the Administration Server properties link.

   The Properties: Administration Server window opens.

3. In the Administration Server properties window in the Additional section, select the Information about the installed application administration plug-ins subsection.

   The Kaspersky Security main administration plug-in of Kaspersky Security for Virtualization 6.0 Agentless is displayed in the list of installed administration plug-ins in the right part of the window.

   If you installed the Kaspersky Security administration plug-in for tenants, Kaspersky Security for Virtualization 6.0 Agentless (for tenants) is also displayed.

Starting the Quick Start Wizard for the managed application

When the Kaspersky Security Center Administration Console starts for the first time after the Kaspersky Security main administration plug-in is installed, the Quick Start Wizard for the managed application is automatically started. The Wizard will result in the creation of a default main policy, application database update task, and Full Scan task for virtual machines that are not part of a vCloud Director organization in the Managed devices folder of the main Administration Server of Kaspersky Security Center.

If you also installed the Kaspersky Security administration plug-in for tenants, the Quick Start Wizard for the managed application is started again and automatically creates a default tenant policy in the Managed devices folder of the main Administration Server.

A default tenant policy is not created automatically on a virtual Administration Server of Kaspersky Security Center.

If the Quick Start Wizard for the managed application was not started automatically, it is recommended to start it manually. Default policies let you register events and display protected virtual machines in the Kaspersky Security Center Administration Console immediately after installing the application.

To manually start the Initial Configuration Wizard:

1. In the Kaspersky Security Center Administration Console, select the Administration Server node.
2. In the context menu of the node, select All Tasks → Managed Application Quick Start Wizard.
3. In the window of the welcome screen, click Next.
4. At the next step, select the managed application: Kaspersky Security for Virtualization 6.0 Agentless and click Next.
5. Wait for the Wizard to finish and close the Wizard window.
6. If you use the application in a multitenancy mode, repeat steps 1–3, and select the managed application at the next step: Kaspersky Security for Virtualization 6.0 Agentless (for tenants). Then click Next.
7. Wait for the Wizard to finish and close the Wizard window.

Default policies and tasks

As a result of the Initial Configuration Wizard for the managed application, the following policies and tasks are created in the Managed devices folder of the main Kaspersky Security Center Administration Server.

Default main policy

This policy is displayed in the workspace of the Managed devices folder of the main Administration Server on the Policies tab and is named KSV Agentless 6.0 default policy.

Default policy settings take the following values:

• File Threat Protection disabled (a protection profile is not assigned to objects of the protected infrastructure).
• SNMP monitoring of the status of SVMs is disabled.
• Use of Backup is enabled. Storage period for backup copies of files is 30 days.
• Use of Kaspersky Security Network is disabled.
• Network Threat Protection is disabled.

If you want to use the default main policy for virtual machine protection, you need to enable anti-virus protection and configure Network Threat Protection in this policy.

All settings of the default main policy can be redefined in nested policies (all "locks" are open).

The availability of a default main policy lets you use the following capabilities of Kaspersky Security Center immediately after SVM deployment and before you manually create a policy:

• Display the list of protected virtual machines in KSC cluster properties.
• Register events that occur during scans and protection of virtual machines that are not part of vCloud Director organizations.
• Display information about the virtual machines whose protection involves the use of license keys in a key report.
• Display information about protected virtual machines in a protection status report.

If you want to delete the default main policy, make sure that one of the policies created by you is applied on all SVMs. If the main policy is not applied on an SVM, Kaspersky Security Center does not register this SVM's events that occur during scans and protection of virtual machines that are not part of vCloud Director organizations, and does not display these virtual machines in reports.

Default tenant policy

This policy is created only on the main Kaspersky Security Center Administration Server if you installed the Kaspersky Security administration plug-in for tenants.

This policy is displayed in the workspace of the Managed devices folder of the main Administration Server on the Policies tab and is named KSV Agentless 6.0 (for tenants) default policy.

The settings of this policy are not used directly for the protection of virtual machines. However, the settings of the main protection profile and KSN usage settings configured in this policy may be inherited in tenant policies located in nested administration groups, for example, in the Managed devices folder of the virtual Administration Server.

If you want to centrally enable the use of KSN for protection of all virtual machines of tenants, you need to first obtain the consent of tenants to send KSN usage information and other information to Kaspersky depending on the KSN usage mode that you selected (standard KSN or extended KSN).

All settings of the default tenant policy can be redefined in nested policies (all "locks" are open).

There must be a tenant policy in the Managed devices folder of the main Administration Server of Kaspersky Security Center to register events that occur during scans and protection of virtual machines of tenants, and to display virtual machines of tenants within the protected infrastructure of the KSC cluster and in the list of virtual machines protected by SVMs.

In the default tenant policy, you can configure the settings for notifications about events that occur during scans and protection of virtual machines of tenants.

Application database default update task

This task is displayed in the workspace of the Managed devices folder of the main Administration Server on the Tasks tab and is named Program database update.

The task is started each time an update package is downloaded to the storage of Kaspersky Security Center Administration Server, and it lets you update the databases on all SVMs.

Default Full Scan task

This task is displayed in the workspace of the Managed devices folder of the main Administration Server on the Tasks tab and is named Default Full Scan task.

This task lets you scan all virtual machines that are within the entire protected infrastructure but are not part of a vCloud Director organization.

The settings of the full scan task take the following values:

• Security level – Recommended:
  • Archive scanning is disabled.
  • Scanning of self-extracting archives and embedded OLE objects is enabled.
  • Kaspersky Security does not scan compound files larger than 8 MB.
  • File scan duration is unlimited.
  • Kaspersky Security scans files of virtual machines to detect viruses, worms, Trojans, malicious tools, auto-dialers, adware, and multi-packed files.
• Kaspersky Security automatically attempts to disinfect infected files. If disinfection fails, the application deletes such files. If deletion fails, Kaspersky Security blocks the infected files.
• Kaspersky Security does not scan powered-off virtual machines, virtual machine templates, or files on optical drives.
• The scan task ends 120 minutes after the task was started.
• Scan task exclusions are not defined.

You can manually run this task.