Kaspersky Security for Virtualization 6.0 Agentless
6.0
English

Contents

SNMP Monitoring of SVM status

You can receive information about the status of SVMs deployed in the virtual infrastructure by using any network management system that utilizes the SNMP protocol. An SVM is installed with an SNMP agent that can send information about the status of the SVM to the network management system of your organization.

SNMP Agent can relay the following information about the status of SVMs with the File Threat Protection component:

  • Information about RAM usage by the ksvmain process (as a percentage of the maximum value that, when reached, causes the application to restart)
  • The number of protected virtual machines running desktop operating systems and the number of protected virtual machines running server operating systems.

    The count of protected virtual machines includes all virtual machines that were under the protection of the application over the last 30 days, even if those virtual machines are currently powered off.

  • Information about whether virtual machine scan tasks are currently running on the SVM
  • If scan tasks are running, information about the number of virtual machines that are currently waiting to be scanned, and the number of virtual machines that are being simultaneously scanned
  • Information about the status of services of the File Threat Protection component on SVMs: On (services are running) or Off (services are not running)

For SVMs with the Network Threat Protection component, SNMP Agent can transmit information about RAM usage by the nsmain process (as a percentage of the maximum value that, when reached, causes the application to restart).

This data is specific to the application and such information is contained in the MIB files named KSV-MIB.txt and KSVNS-MIB.txt that are supplied together with the application. You can use these files to receive additional information from SVMs. You can also use other MIB files to receive the necessary information from SVMs.

You can restrict the list of IP addresses to which the SNMP Agent relays SVM status information to prevent unauthorized access to the SNMP service.

In this Help section

Enabling and disabling SNMP Monitoring

Restricting the list of recipients of SVM status information
Page top
[Topic 90273]

Enabling and disabling SNMP Monitoring

SNMP Monitoring is enabled and disabled in the policy settings. If SNMP Monitoring is enabled in the active policy that determines the SVM operation settings, the SNMP agent installed on an SVM transmits information about the status of the SVM to the SNMP monitoring system of your organization.

If the policy that enables SNMP monitoring is inactive, information about the status of SVMs is not relayed.

To enable or disable SNMP Monitoring:

  1. In the Kaspersky Security Center Administration Console, open the properties of the policy that determines the SVM operation settings:
    1. In the console tree, select the folder or administration group in which the policy was created.
    2. In the workspace, select the Policies tab.
    3. Select a policy in the list of policies and double-click the policy to open the Properties: <Policy name> window.
  2. In the policy properties window, select the SNMP monitoring settings section.
  3. Do one of the following:
    • Select the Enable SNMP monitoring of the SVM status check box if you want to receive SVM status information.
    • Clear the Enable SNMP monitoring of the SVM status check box if you want to disable SVM status monitoring.
  4. In the Properties: <Policy name> window, click OK.
Page top
[Topic 60312]

Restricting the list of recipients of SVM status information

You can restrict the list of IP addresses to which the SNMP Agent relays SVM status information to prevent unauthorized access to the SNMP service.

To create a list of IP addresses to which SVM status information is relayed:

  1. In the Kaspersky Security Center Administration Console, open the properties of the policy that determines the SVM operation settings:
    1. In the console tree, select the folder or administration group in which the policy was created.
    2. In the workspace, select the Policies tab.
    3. Select a policy in the list of policies and double-click the policy to open the Properties: <Policy name> window.
  2. In the policy properties window, select the SNMP monitoring settings section.
  3. Select the Enable SNMP monitoring of the SVM status check box if SNMP monitoring is disabled.
  4. Select the Transmit information only to indicated IP addresses check box.
  5. Click the Add button or press the INSERT key and enter an IP address in IPv4 format or an IP subnet addresses as follows: <IP address in IPv4 format>/<subnet mask prefix length>.
  6. In the Properties: <Policy name> window, click OK.
Page top
[Topic 71367]