- About Kaspersky Security for Virtualization 6.1 Light Agent
- What’s new
- Solution architecture
- Preparing to install the solution
- Files required for installing the solution
- Downloading SVM images using the wizard
- Configuring the ports to use
- Accounts for installing and using the solution
- Configuring the use of secure cryptographic algorithms, ciphers, and protocols
- Configuring rules for moving virtual machines to administration groups
- Installing the Kaspersky Security solution
- Installing the Integration Server and Integration Server Console
- Deploying SVMs using the Integration Server Console
- Selecting an action
- Selecting infrastructure for SVM deployment
- Selecting the SVM image
- Selecting the number of SVMs for deployment (infrastructures based on OpenStack)
- Specifying SVM settings
- Specifying SVM settings (infrastructures based on OpenStack)
- Configuring SVM network settings (infrastructures based on OpenStack)
- Configuring IP address settings for SVM
- Specifying Kaspersky Security Center connection settings
- Creating the configuration password and the root account password
- Starting SVM deployment
- Starting SVM deployment (infrastructures based on OpenStack)
- SVM deployment
- Finishing SVM deployment
- Installing Kaspersky Security web plug-ins
- Installing Kaspersky Security MMC plug-ins
- Automatically creating tasks and a default policy for the Protection Server
- Preparing the Protection Server for operation
- About installing Kaspersky Security Center Network Agent on virtual machines
- About installing Light Agent for Linux
- About installing Light Agent on a virtual machine template
- Preparing Light Agents for operation
- Displaying virtual machines and SVMs in Kaspersky Security Center
- Viewing the list of SVMs connected to the Integration Server
- Updating Kaspersky Security from the previous version
- Removing the Kaspersky Security solution
- Application management framework
- About managing the solution using Kaspersky Security Center
- About Kaspersky Security management plug-ins
- Starting and closing Kaspersky Security Center Web Console
- Managing the solution using Kaspersky Security Center policies
- Managing the solution using tasks
- About access rights to the settings of policies and tasks in Kaspersky Security Center
- About Integration Server Console
- Connecting to the Integration Server via Integration Server Console
- Viewing Integration Server settings in the Integration Server Console
- Licensing Kaspersky Security for Virtualization 6.1 Light Agent
- About the End User License Agreement
- About data provision
- About the license
- About the License Certificate
- About license key
- About the activation code
- About the key file
- About subscription
- License-specific solution functionality
- About activating Kaspersky Security for Virtualization 6.1 Light Agent
- Procedure for activating the solution
- Renewing a license
- Renewing subscription
- Viewing information about the license keys used in Kaspersky Security Center
- Starting and stopping Kaspersky Security
- Virtual machine protection status
- Connecting SVMs and Light Agents to the Integration Server
- Connecting Light Agents to SVMs
- Protecting large infrastructures
- Updating Kaspersky Security databases and application modules
- Using Kaspersky Security Network
- Additional Protection Server settings
- Reports and notifications
- SVM reconfiguration using the Integration Server Console
- Selecting an action
- Selecting SVM for reconfiguration
- Entering the configuration password
- Editing SVM network settings
- Editing SVM network settings (infrastructures based on OpenStack)
- Changing SVM IP settings
- Changing Kaspersky Security Center connection settings
- Changing the configuration password and root account settings
- Starting SVM reconfiguration
- Starting SVM reconfiguration (infrastructures based on OpenStack)
- SVM reconfiguration
- Finishing SVM reconfiguration
- Configuring Integration Server settings
- Replacing the Integration Server and SVM certificates
- SNMP monitoring of SVM status
- Checking the integrity of solution components
- Using Kaspersky Security for Virtualization 6.1 Light Agent in multitenancy mode
- Deploying a tenant protection infrastructure
- Configuring the Integration Server connection settings to the Kaspersky Security Center Administration Server
- Creating a tenant and virtual Administration Server
- Configuring SVM location and Protection Server settings
- Configuring settings for SVM discovery by Light Agents and general tenant protection settings
- Installing a Light Agent on tenant virtual machines
- Registering tenant virtual machines
- Activating a tenant
- Registering existing tenants and their virtual machines
- Enabling and disabling tenant protection
- Getting information about tenants
- Getting tenant protection reports
- Removing virtual machines from the protected infrastructure
- Removing tenants
- Using Integration Server REST API in multi-tenancy scenarios
- Deploying a tenant protection infrastructure
- Contacting Technical Support
- How to get technical support
- Technical Support via Kaspersky CompanyAccount
- Getting information for Technical Support
- Protection Server and Light Agent dump files
- Trace files of the Kaspersky Security Components Installation Wizard
- Trace files of the Integration Server and Integration Server Console
- Trace files of the tool for managing Integration Server and SVM certificates
- Trace files of SVMs, Light Agent, and Kaspersky Security management plug-ins
- The SVM Management Wizard log
- Using the utilities and scripts from the Kaspersky Security distribution kit
- About remotely diagnosing a device using Kaspersky Security Center
- Appendices
- Using the klconfig script API to define SVM configuration settings
- Executing configuration commands
- Using the SVM first startup script
- Configuring SVM configuration settings
- Description of commands
- accept_eula_and_privacypolicy
- apiversion
- checkconfig
- connectorlang
- dhcp
- dhcprenew
- dns
- dnslookup
- dnssearch
- dnsshow
- getdnshostname
- gethypervisordetails
- hostname
- listpatches
- manageservices
- nagent
- network
- ntp
- passwd
- permitrootlogin
- productinstall
- reboot
- resetnetwork
- rollbackpatch
- setsshkey
- settracelevel
- test
- timezone
- version
- Settings in the ScanServer.conf file
- Object ID values for SNMP
- How to remove duplicate virtual machines from the list of managed devices in Kaspersky Security Center
- How to restore the Integration Server database and settings from a backup copy
- Using the klconfig script API to define SVM configuration settings
- Sources of information about the solution
- Glossary
- Activation code
- Active key
- Administration Server
- Application activation
- Backup
- Backup copy of a file
- Compound file
- Database of malicious web addresses
- Database of phishing web addresses
- Desktop key
- End User License Agreement
- Heuristic Analysis
- Integration Server
- Kaspersky CompanyAccount
- Kaspersky Security databases
- Kaspersky Security Network (KSN)
- Key file
- Key with a limitation on the number of processor cores
- Key with a limitation on the number of processors
- Keylogger
- License
- License certificate
- License key (key)
- Light Agent
- OLE object
- OpenStack domain
- OpenStack project
- Phishing
- Protected virtual machine
- Reserve key
- Server key
- Signature Analysis
- Startup objects
- SVM
- SVM Management Wizard
- Update source
- Information about third-party code
- Trademark notices
Configuring the settings for connecting Light Agents to the Integration Server
You can use the Web Console or the Administration Console to configure the connection of Light Agents for Linux to the Integration Server in a Light Agent policy.
Configure the connection of the Light Agent to the Integration Server:
- In the main window of Kaspersky Security Center Web Console, select Assets (Devices) → Policies and policy profiles.
A list of policies opens.
- Select the administration group containing the virtual machine with the Light Agent whose settings you want to configure. To do so, click the link in the Current path field located above the list of policies and policy profiles, and select an administration group in the window that opens.
The list displays only the policies configured for the selected administration group.
- Click on the name of the Kaspersky Endpoint Security for Linux policy in the list.
- In the policy properties window that opens, select the Application settings tab and go to Light Agent mode → Integration Server connection settings.
- The window displays the current connection settings. Click the Edit button and specify the following settings in the Connection to the Integration Server window that opens:
- Address
IP address in IPv4 format or fully qualified domain name (FQDN) of the device on which the Integration Server is installed.
If the address is specified as a NetBIOS name, localhost or 127.0.0.1, connection to the Integration Server completes with an error.
- Port
Port for connecting to the Integration Server.
By default, port number 7271 is specified.
- Address
- Click Test in the Connection to the Integration Server window.
Kaspersky Security web plug-in verifies the SSL certificate received from the Integration Server. If the certificate contains an error or is not trusted, a corresponding message is displayed in the Connection to the Integration Server window. You can view information about the received certificate. If there are problems with the SSL certificate, it is recommended to make sure that the utilized data transfer channel is secure. To continue connecting to the Integration Server, select the Ignore option.
- Specify the password of the Integration Server administrator (password of the
adminaccount) and click the Test button in the Connection to the Integration Server window.The connection to the Integration Server is established.
After connecting to the Integration Server with administrator rights, the policy automatically receives the password of the
agentaccount, which is used to connect Light Agents to the Integration Server. The password is stored in encrypted form.If a connection to the Integration Server cannot be established, an error is displayed in the window. Check the connection settings you have specified.
Information about Integration Server connection errors may be saved in the Integration Server trace file (if you enabled the logging of information).
- Click OK in the Connection to the Integration Server window.
- Click the Save button.
Configure the connection of the Light Agent to the Integration Server:
- In the Kaspersky Security Center Administration Console tree, in the Managed devices folder, select the administration group containing the virtual machine with the Light Agent whose settings you want to configure.
- In the workspace, select the Policies tab.
- Select a Kaspersky Endpoint Security policy in the list of policies and double-click to open the Properties: <Policy name> window.
- In the policy properties window, select the Connection to the Integration Server section in the list on the left.
- The right side of the window displays the current connection settings. Click the Edit button and specify the following settings in the Connection to the Integration Server window that opens:
- Address
IP address in IPv4 format or fully qualified domain name (FQDN) of the device on which the Integration Server is installed.
If the device on which Kaspersky Security Center Administration Console is installed is part of a domain, the field indicates the domain name of this device by default.
If the device on which the Kaspersky Security Center Administration Console is installed is not part of a domain or the Integration Server is installed on another device, the field must be filled in manually.
If the address is specified as a NetBIOS name, localhost or 127.0.0.1, connection to the Integration Server completes with an error.
- Port
Port for connecting to the Integration Server.
By default, port number 7271 is specified.
- Address
- Click OK in the Connection to the Integration Server window.
- If the device hosting the Kaspersky Security Center Administration Console does not belong to a domain or your account does not belong to the KLAdmins local or domain group or to the local administrator group, the Authentication on the Integration Server window opens. Specify the password of the Integration Server administrator (password of the
adminaccount) and click the OK button. After connecting to the Integration Server with administrator rights, the policy automatically receives the password of theagentaccount, which is used to connect Light Agents to the Integration Server. The password is stored in encrypted form.Kaspersky Security MMC plug-in verifies the SSL certificate received from the Integration Server. If the certificate contains an error or is not trusted, the Verify Integration Server certificate window opens. You can view the details of the certificate received. If there are problems with the SSL certificate, it is recommended to make sure that the utilized data transfer channel is secure. To continue connecting to the Integration Server, click the Ignore button. The received certificate will be installed as a trusted certificate on the device where the Kaspersky Security Center Administration Console is installed.
The capability to connect to the Integration Server is tested. If the connection test failed or a connection to the Integration Server could not be established, an error is displayed in the policy properties window. Check the connection settings you have specified.
Information about Integration Server connection errors may be saved in the Integration Server trace file (if you enabled the logging of information).
You can obtain information about the status of the connection of Light Agent for Linux to the Integration Server using the Kaspersky Endpoint Security for Linux command kesl-control --viis-info. For more details, see the Kaspersky Endpoint Security for Linux Help.