Kaspersky Security for Virtualization 6.1 Light Agent

About Kaspersky Security for Virtualization 6.1 Light Agent

The Kaspersky Security for Virtualization 6.1 Light Agent solution, hereinafter also referred to as "Kaspersky Security", is an integrated solution that provides comprehensive protection of virtual machines against various types of information security threats, network attacks, and phishing attacks.

Kaspersky Security for Virtualization 6.1 Light Agent protects virtual machines running Linux guest operating systems. To protect virtual machines running Windows guest operating systems, use the Light Agent for Windows component included in Kaspersky Security for Virtualization 5.2 Light Agent.

Kaspersky Security protects virtual machines on the following virtualization platforms:

  • VMware vSphere.
  • XenServer.
  • Microsoft Hyper-V.
  • KVM (Kernel-based Virtual Machine).
  • Proxmox VE.
  • Basis (Skala-R).
  • HUAWEI FusionSphere.
  • Nutanix Acropolis.
  • Enterprise Cloud Platform VeiL.
  • SharxBase.
  • TIONIX Cloud Platform.
  • OpenStack.
  • ALT Virtualization Server.
  • "Brest" Virtualization Tools software package.
  • zVirt virtualization environment.
  • ROSA Virtualization Environment Management System.
  • RED Virtualization.
  • Astra Linux.
  • SpaceVM Cloud Platform.
  • Basis.DynamiX Cloud Platform.
  • VMmanager Infrastructure.
  • Numa vServer.
  • VK Cloud platform.
  • R-Virtualization server virtualization system.
  • Yandex Cloud Platform.

Some limitations apply to the installation and operation of the solution in virtual infrastructures running on the Enterprise Cloud Platform VeiL, SharxBase, "Brest" Virtualization Tools software package, zVirt Virtualization System, ROSA Virtualization, RED Virtualization, VMmanager Infrastructure, SpaceVM Cloud Platform, Basis.DynamiX Cloud Platform, R-Virtualization server virtualization system, and Yandex Cloud Platform. Please refer to the Knowledge Base for details.

The Kaspersky Security solution is optimized to support maximum performance of the virtual machines that are protected by the solution.

The solution protects virtual machines running guest server operating systems and guest desktop operating systems.

The Kaspersky Security solution can be used in multitenancy mode. This mode of using the solution allows you to protect isolated virtual infrastructures in the tenant organization or units within a single organization (hereinafter also referred to as "tenants").

The solution includes the following components:

  • Kaspersky Security Protection Server (hereinafter also "Protection Server"). The component is a service installed on a special virtual machine known as an SVM (secure virtual machine). SVMs must be deployed on hypervisors in the virtual infrastructure during installation of the Kaspersky Security solution.
  • Kaspersky Security Light Agent (hereinafter also "Light Agent"). The Light Agent component must be installed on every virtual machine that you want to protect using the Kaspersky Security solution.

    The Kaspersky Security solution uses Kaspersky Endpoint Security for Linux as the Light Agent for Linux.

  • Kaspersky Security for Virtualization Light Agent Integration Server (hereinafter also "Integration Server"). The component facilitates interaction between Kaspersky Security solution components and the virtual infrastructure.

To install and manage Kaspersky Security, you need Kaspersky Security Center, Kaspersky's remote centralized application management system.

In this Help section

Solution functions

Distribution kit

Hardware and software requirements

Page top
[Topic 254002]

Solution functions

Kaspersky Security for Virtualization 6.1 Light Agent protects virtual machines running Linux guest operating systems against various types of threats, network attacks, and phishing attacks.

To protect virtual machines running Windows guest operating systems, use Kaspersky Security 5.2 Light Agent.

The main functions for protection and control of virtual machines are provided by the functional components and tasks of Light Agent for Linux:

  • File Threat Protection prevents infection of the file system on the user device. The File Threat Protection component starts automatically when Light Agent is started and scans all files that are opened, saved, and started in real time.

    You can also scan protected devices on demand using the following scan tasks:

    • Malware Scan. Light Agent performs a malware scan of system objects on the local drives of the device, as well as any mounted and shared resources accessible over SMB and NFS. You can use this task to run a full or custom scan of the device.
    • Critical Areas Scan. Light Agent scans boot sectors, startup objects, process memory, and kernel memory.
  • Removable Drives Scan. The Removable Drives Scan component allows you to monitor the connection of removable drives to the device in real time and scan the removable drive and its boot sectors for malware. Light Agent can scan the following removable drives: CD/DVD drives, Blu-ray discs, flash drives (including USB modems), external hard drives, and floppy disks.
  • Container Scan. The Container Monitoring component lets you scan namespaces and running containers for malware in real time. Integration with Docker container management system, CRI-O framework, and Podman and runc tools is supported. Using the Container Scan task, you can scan containers and images on demand.
  • Web Threat Protection. The Web Threat Protection component lets you scan inbound traffic, prevent malicious files from being downloaded from the internet, and block phishing, adware, and other dangerous websites. Light Agent can scan protected connections.
  • Network Threat Protection. The Network Threat Protection component lets you scan inbound network traffic for actions typical of network attacks.
  • Firewall Management. The Firewall Management component lets you monitor the operating system firewall settings and filter all network activity in accordance with the network packet rules that you configured.
  • Anti-Cryptor. The Anti-Cryptor component lets you check attempts of remote devices to gain access to files in local directories over the SMB/NFS protocols and protects files from malicious remote encryption.
  • Device Control. The Device Control component lets you manage user access to the devices that are installed on or connected to the client device (for example, hard drives, cameras, or Wi-Fi modules). This lets you protect the client device from infection when external devices are connected, and prevent data loss or leaks. User access to devices is managed using access modes and access rules that you can configure.
  • Application Control. The Application Control component lets you manage the running of applications on user devices. This reduces the risk of device infection by restricting access to applications. Application launches are governed by the Application Control rules that you configured.
  • Inventory. The Inventory task provides information about all application executable files present on the client devices. This information can be useful, for example, for creating Application Control rules.
  • Behavior Detection. The Behavior Detection component allows you to monitor malicious activity of applications in the operating system. If malicious activity is detected, Light Agent can terminate the application process that performs the malicious activity.
  • System Integrity Monitoring tracks changes to files and directories of the operating system. The System Integrity Monitoring component monitors in real time the actions performed with objects in the monitoring scope specified in the component settings. Using the System Integrity Check task, you can perform an on-demand system integrity check. Scanning is performed by comparing the current state of objects included in the monitoring scope with the initial state of these objects, previously recorded as a system state snapshot.
  • Web Control. The Web Control component manages user access to web resources. This lets you economize traffic and reduce the waste of working time. When the user attempts to open a website, and access to that website is restricted by Web Control, Light Agent blocks access or displays a warning.

Before performing disinfection or deletion, Light Agent can save backup copies of files in storage on the protected virtual machine. You can restore files from backup copies, if necessary.

Light Agent for Linux supports integration with other Kaspersky solutions:

  • Integration with Kaspersky Managed Detection and Response lets you continuously search for, detect, and eliminate threats aimed at your organization. For more details, see the Kaspersky Endpoint Security for Linux Help.
  • Integration with Kaspersky Endpoint Detection and Response (KATA) facilitates protection of the IT infrastructure of organizations and prompt detection of threats, such as zero-day attacks, targeted attacks, and advanced persistent threats. For more details, see the Kaspersky Endpoint Security for Linux Help.
  • Integration with Kaspersky Endpoint Detection and Response Optimum protects the corporate IT infrastructure against threats such as exploits, ransomware, fileless attacks, and hackers using legitimate system tools to compromise devices or data. For more details, see the Kaspersky Endpoint Security for Linux Help.

The Kaspersky Security solution uses Kaspersky Endpoint Security for Linux as the Light Agent for Linux. For more information about the features of Light Agent for Linux, see the Kaspersky Endpoint Security for Linux Help.

Additional functions of the Kaspersky Security solution are provided to keep the solution components up to date and extend the solution's capabilities.

  • Activation. Using the solution under a commercial license ensures the full functionality of solution components and access to updates of the solution's databases and application modules.
  • Updating databases and application modules. Updating the solution's databases and application modules ensures up-to-date protection of virtual machines against viruses and other applications that pose a threat.
  • Using Kaspersky Security Network in the operation of solution components. Using Kaspersky's cloud knowledge base about the reputation of files, Internet resources, and software makes it possible to improve protection of virtual machines and user data, ensure faster response times to various threats, and reduce the number of false positives.
  • Reports and notifications. Various types of events occur during the operation of solution components. You can receive notifications about events and generate reports based on events.

The update functionality (including anti-virus signature updates and code base updates), as well as the KSN functionality may not be available in the solution in the territory of the USA.

Page top
[Topic 254027]

Distribution kit

For information about purchasing the solution, please visit the Kaspersky website at https://www.kaspersky.com or contact our partners.

The solution's distribution kit includes the following files:

On the Kaspersky website, you can download the files that are included in the Kaspersky Security distribution kit as well as the files necessary for installing Kaspersky Security Center.

The contents of the solution's distribution kit can vary from region to region.

Information required to activate the solution is sent by email after payment.

Page top
[Topic 254025][Topic 64743]

Requirements for Kaspersky Security Center components

To install and manage the Kaspersky Security solution, you need Kaspersky Security Center Windows or Kaspersky Security Center Linux.

Kaspersky Security Center Linux includes a version of Administration Server intended for installation on a device running the Linux operating system. Kaspersky Security Center Linux interacts with Administration Server through Kaspersky Security Center Web Console. For more information on Kaspersky Security Center Linux, please refer to the Kaspersky Security Center Linux Help.

You can use one of the following versions of the Kaspersky Security Center application:

  • Kaspersky Security Center Linux:
    • Kaspersky Security Center 15.2 Linux. Components of the Kaspersky Security solution can be managed through Kaspersky Security Center Web Console using the management web plug-in.
    • Kaspersky Security Center 15.1 Linux. Components of the Kaspersky Security solution can be administered through Kaspersky Security Center Web Console using the management web plug-in.
    • Kaspersky Security Center 15 Linux. Components of the Kaspersky Security solution can be administered through Kaspersky Security Center Web Console using the management web plug-in.
  • Kaspersky Security Center Windows:
    • Kaspersky Security Center 15.1 Windows. Components of the Kaspersky Security solution can be managed through Administration Console using the management MMC plug-in and through Kaspersky Security Center Web Console using the management web plug-in.
    • Kaspersky Security Center 14.2 Windows. Components of the Kaspersky Security solution can be managed through Administration Console using the management MMC plug-in and through Kaspersky Security Center Web Console using the management web plug-in.

The operation of Kaspersky Security requires the following Kaspersky Security Center components:

  • Administration Server.

    The following services must be configured on Administration Server:

    • The proxy activation service is used when activating the Kaspersky Security solution. The activation proxy service is configured in the properties of the Kaspersky Security Center Administration Server. If the activation proxy service is disabled, the solution cannot be activated using an activation code.
    • The KSN Proxy service facilitates data exchange between Kaspersky Security solution components and Kaspersky Security Network. The KSN Proxy service is configured in the properties of the Kaspersky Security Center Administration Server.

    For more detailed information about the activation proxy service and KSN Proxy service, please refer to the Kaspersky Security Center help.

  • Network Agent. Network Agent facilitates interaction between Administration Server and virtual machines on which Kaspersky Security solution components are installed.

    Network Agent must be installed on all virtual machines that you want to protect:

    The Network Agent does not need to be installed on SVMs because this component is included in the SVM images.

  • Kaspersky Security Center Administration Console. Regardless of the version of Kaspersky Security Center, you can use Kaspersky Security Center Web Console (hereinafter also referred to as "Web Console"). To interact with Kaspersky Security Center Windows, you can also use the MMC-based Administration Console (hereinafter also referred to as "Administration Console").

For information on installing Kaspersky Security Center components, please refer to the Kaspersky Security Center help.

Page top
[Topic 254036]

Requirements for the Integration Server installation

The device must have one of the following operating systems to support installation and operation of the Integration Server and Integration Server Console:

  • Windows Server 2022 Standard/Datacenter/Essentials
  • Windows Server 2019 Standard/Datacenter/Essentials
  • Windows Server 2016 Standard/Datacenter
  • Windows Server 2012 R2 Standard/Datacenter/Essentials
  • Windows Server 2012 Standard/Datacenter/Essentials

On the device where you want to install the Integration Server Console, the operating system must be installed in the Desktop Experience mode.

Microsoft .NET Framework 4.6.2 or higher is required to install the Integration Server and to install and run the Integration Server Console. You can install the Microsoft .NET Framework in advance, or if you have Internet access, the Kaspersky Security Component Installation Wizard will offer to install it during the installation of the Integration Server and Integration Server Console.

The device must meet the following minimum hardware requirements to support the installation and operation of the Integration Server and Integration Server Console:

  • Quad-core 2 GHz virtual processor
  • Available disk space:
    • 4 GB for the Integration Server Console
    • 4 GB for the Integration Server
  • Available RAM:
    • 4 GB for the Integration Server Console
    • 4 GB for the Integration Server

The required volume of RAM and free disk space may change depending on the size of the virtual infrastructure. To improve the performance of the Integration Server, 10 GB of free disk space is recommended.

Page top
[Topic 254037]

Requirements for the virtual infrastructure

Installation and operation of the Kaspersky Security solution is supported on the following virtualization platforms:

  • Microsoft Hyper-V platform.

    One of the following hypervisors must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

    • Microsoft Windows Server 2022 Hyper-V (Desktop experience/Core) hypervisor
    • Microsoft Windows Server 2019 Hyper-V (Desktop experience/Core) hypervisor
    • Microsoft Windows Server 2016 Hyper-V (Desktop experience/Core) hypervisor with all available updates

    The solution can be installed and run on Microsoft Windows Server (Hyper-V) hypervisors that are part of a hypervisor cluster managed by the Windows Failover Clustering service. Cluster Shared Volumes technology must be enabled on cluster nodes.

    To deploy SVMs on Microsoft Windows Server Hyper-V hypervisors, you can use a Microsoft System Center Virtual Machine Manager (referred to as Microsoft SCVMM) of one of the following versions:

    • Microsoft SCVMM 2022 with the latest updates.
    • Microsoft SCVMM 2019 with the latest updates.
    • Microsoft SCVMM 2016 with the latest updates.
  • XenServer platform

    A XenServer 8 hypervisor must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

    In a virtual infrastructure on the XenServer platform, you cannot deploy an SVM with a static IP address specified. Use dynamic IP addressing.

  • VMware vSphere platform.

    One of the following hypervisors must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

    • VMware ESXi 8.0 hypervisor with the latest updates.
    • VMware ESXi 7.0 hypervisor with the latest updates.

    A VMware vCenter Server 8.0 or 7.0 virtual infrastructure administration server with all available updates must be installed in virtual infrastructure. There is support for the installation and operation of the solution in an infrastructure managed by standalone VMware vCenter servers and by a group of VMware vCenter servers running in Linked mode.

    If you are using VMware NSX Manager in an infrastructure running the VMware vSphere platform, Kaspersky Security can assign security tags to the protected virtual machines. Kaspersky Security supports compatibility with one of the following types of VMware NSX Manager:

    • VMware NSX-T Manager from the VMware NSX-T Data Center 4.0.1 package.
    • VMware NSX-T Manager from the VMware NSX-T Data Center 3.2.0 package.

    To deploy SVMs on VMware ESXi hypervisors, you can use a Microsoft SCVMM virtual infrastructure administration server of one of the following versions:

    • Microsoft SCVMM 2022 with the latest updates.
    • Microsoft SCVMM 2019 with the latest updates.
    • Microsoft SCVMM 2016 with the latest updates.
  • KVM (Kernel-based Virtual Machine) platform.

    A KVM hypervisor based on one of the following operating systems must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

    • Debian GNU/Linux 12.0.
    • Debian GNU/Linux 11.0.
    • Ubuntu 22.04 LTS.
    • Ubuntu 20.04 LTS.
    • Red Hat Enterprise Linux Server 8.0.
    • CentOS Stream 9.

    To deploy an SVM on KVM hypervisors running the CentOS operating system, you must delete or comment out the "Defaults requiretty" line in the /etc/sudoers configuration file of the hypervisor’s operating system.

  • Proxmox VE platform.

    A Proxmox VE 8 hypervisor must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

    Only KVM-based Proxmox VE is supported. Operation of the solution on a Proxmox VE hypervisor using LXC (Linux Containers) is not supported.

  • Basis (Skala-R) platform.

    An R-Virtualization 7.0.13 hypervisor must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

    One of the following virtual infrastructure administration servers must be installed in the virtual infrastructure to support deployment and operation of an SVM on R-Virtualization hypervisors.

    • Basis.vControl 2.2.1.
    • Skala-R Management 1.98.
  • HUAWEI FusionSphere platform.

    A HUAWEI FusionCompute CNA 8.0 or later hypervisor must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

    HUAWEI FusionCompute VRM 8.0 and later virtual infrastructure administration server must be installed in the virtual infrastructure to support deployment and operation of an SVM on HUAWEI FusionCompute CNA hypervisors.

  • Nutanix Acropolis platform.

    A Nutanix AHV 6.5.1.5 hypervisor must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

    A Nutanix Prism 6.5.1.5 virtual infrastructure administration server must be installed in the virtual infrastructure to support deployment and operation of an SVM on Nutanix AHV hypervisors.

  • Enterprise Cloud Platform VeiL platform.

    A VeiL Node 5.1.2 hypervisor must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

    There are some limitations on the installation and operation of the solution in a virtual infrastructure running on the Enterprise Cloud Platform VeiL platform. Please refer to the Knowledge Base for details.

  • SharxBase platform.

    A SharxBase 5.10.x hypervisor must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

    There are some limitations on the installation and operation of the solution in a SharxBase virtual infrastructure. Please refer to the Knowledge Base for details.

  • TIONIX Cloud Platform.

    For the Kaspersky Security solution to install and run, TIONIX Cloud Platform 2.9 or 3.0 must be installed.

    The following microservices must be installed as part of the TIONIX Cloud Platform:

    • Keystone – authentication microservice.
    • Compute (Nova) – microservice used for creating virtual machine and operations with infrastructure.
    • Cinder – microservice used for operations with storages.
    • Glance – microservice used for operations with virtual machine images.
    • Neutron – microservice used for operations with networks.

    A KVM hypervisor must be installed in the virtual infrastructure.

  • OpenStack platform.

    For the Kaspersky Security solution to install and run, one of the following OpenStack platform releases must be installed: Havana, Stein, Newton, Victoria, Zed, Antelope, Bobcat.

    The following microservices must be installed as part of the OpenStack platform:

    • Keystone – authentication microservice.
    • Compute (Nova) – microservice used for creating virtual machine and operations with infrastructure.
    • Cinder – microservice used for operations with storages.
    • Glance – microservice used for operations with virtual machine images.
    • Neutron – microservice used for operations with networks.

    A KVM hypervisor must be installed in the virtual infrastructure.

  • ALT Virtualization Server.

    The ALT Virtualization Server version 10.0 platform is required for installation and operation of the Kaspersky Security solution.

    A basic hypervisor of the ALT Virtualization Server 10.0 platform (KVM-based hypervisor) must be installed as part of the platform.

  • "Brest" Virtualization Tools software package.

    "Brest" Virtualization Tools software package version 2.9 or 3.2 is required for installation and operation of the Kaspersky Security solution.

    A KVM hypervisor must be installed in the virtual infrastructure.

    There are some limitations on the installation and operation of the solution in a virtual infrastructure running on the "Brest" Virtualization Tools software package. Please refer to the Knowledge Base for details.

  • zVirt virtualization environment.

    A zVirt Node 3.x or 4.x hypervisor must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

    There are some limitations on the installation and operation of the solution in a virtual infrastructure running the zVirt Virtualization Environment. Please refer to the Knowledge Base for details.

  • ROSA Virtualization platform.

    ROSA Virtualization platform 2.1 is required for installation and operation of the Kaspersky Security solution.

    A KVM hypervisor must be installed in the virtual infrastructure.

    There are some limitations on the installation and operation of the solution in a virtual infrastructure running on the ROSA Virtualization platform. Please refer to the Knowledge Base for details.

    You can remove the limitations related to use of the Integration Server in a virtual infrastructure running on the ROSA Virtualization platform. If you want Light Agents to use the advanced SVM discovery functionality (use of the Integration Server and the extended SVM selection algorithm), you can manually add infrastructure information to the Integration Server. Please refer to the Knowledge Base for details.

  • RED Virtualization platform.

    RED Virtualization platform 7.3 is required for installation and operation of the Kaspersky Security solution.

    A KVM hypervisor must be installed in the virtual infrastructure.

    There are some limitations when installing and operating the solution in a virtual infrastructure running the RED Virtualization platform. Please refer to the Knowledge Base for details.

  • Astra Linux Platform.

    To install and run the Kaspersky Security solution, Astra Linux Special Edition RUSB.10015-01 (regular update 1.7) must be installed along with Update 2022-1221SE17MD (operational update 1.7.3.UU.1).

    A KVM hypervisor must be installed in the virtual infrastructure.

  • SpaceVM Cloud Platform.

    SpaceVM Cloud Platform 6.2 is required to install and run Kaspersky Security in a virtual infrastructure.

    There are some limitations on the installation and operation of the solution in a virtual infrastructure on the SpaceVM Cloud platform. Please refer to the Knowledge Base for details.

  • Basis.DynamiX Cloud Platform.

    Basis.DynamiX Cloud Platform 3.8.5 is required to install and run Kaspersky Security in a virtual infrastructure.

    There are some limitations on the installation and operation of the solution in a virtual infrastructure on the Basis.DynamiX Cloud platform. Please refer to the Knowledge Base for details.

  • VMmanager Infrastructure platform.

    VMmanager Infrastructure 2023.11.1-1 is required for installation and operation of the Kaspersky Security solution.

    A KVM hypervisor must be installed in the virtual infrastructure.

    There are some limitations when installing and operating the solution in a virtual infrastructure running VMmanager Infrastructure. Please refer to the Knowledge Base for details.

  • Numa vServer platform

    A Numa vServer 1.1 or later hypervisor must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security solution.

  • VK Cloud platform

    To install and run the Kaspersky Security solution, you need one of the following OpenStack platform releases: Havana, Stein, Newton, Victoria, Zed, Antelope, Bobcat.

    The following microservices must be installed as part of the VK Cloud platform:

    • Keystone – authentication microservice.
    • Compute (Nova) – microservice used for creating virtual machine and operations with infrastructure.
    • Cinder – microservice used for operations with storages.
    • Glance – microservice used for operations with virtual machine images.
    • Neutron – microservice used for operations with networks.

    A KVM hypervisor must be installed in the virtual infrastructure.

  • R-Virtualization server virtualization system.

    R-Virtualization hypervisor 7.0.13 or later must be installed in the virtual infrastructure to support installation and operation of the Kaspersky Security application.

    Some limitations apply to the installation and operation of the application in a virtual infrastructure based on the ROSA Virtualization platform. Please refer to the Knowledge Base for details.

  • Yandex Cloud Platform.

    Yandex Cloud Platform is required to install and run Kaspersky Security in a virtual infrastructure.

    There are some limitations on the installation and operation of the solution in a virtual infrastructure on the Yandex Cloud Platform. Please refer to the Knowledge Base for details.

Page top
[Topic 254038]

Requirements for SVM resources

To run the solution on an SVM, the following minimum system resources are required:

  • Dual-core virtual processor
  • 30 GB available disk space
  • 2 GB available RAM
  • Virtualized network interface with bandwidth of 100 Mbit/s
Page top
[Topic 254039]

Virtual machine requirements for installing the Light Agent for Linux

Kaspersky Endpoint Security 12.1 for Linux is used as the Light Agent for Linux as part of the Virtualization 6.1 Light Agent solution.

To install and operate the Light Agent for Linux, the virtual machine must meet the following minimum hardware requirements:

  • Core 2 Duo 1.86 GHz or faster processor
  • swap partition at least 1 GB
  • 1 GB of RAM for 32-bit operating systems, 2 GB of RAM for 64-bit operating systems
  • 4 GB of free hard disk space for installation of Kaspersky Endpoint Security for Linux and storage of temporary and log files
  • Virtualized network interface with bandwidth of 100 Mbit/s

For a list of supported guest operating systems for installing Kaspersky Endpoint Security for Linux, see the Kaspersky Endpoint Security for Linux Help.

There are limitations when Kaspersky Endpoint Security is used in Light Agent mode to protect virtual environments. Using Kaspersky Endpoint Security for Linux in Light Agent mode is not supported:

  • On devices running operating systems for the Arm architecture.
  • On devices running Astra Linux operating systems in mandatory access control and closed software environment modes.

Before installing Light Agent for Linux, the following packages must be installed on a virtual machine, depending on the virtual infrastructure:

  • In a Microsoft Hyper-V infrastructure, the Integration Services package must be installed on the virtual machines.
  • In a VMware vSphere infrastructure, the VMware Tools package must be installed on the virtual machines.
  • In a XenServer infrastructure, XenTools must be installed on the virtual machines.
  • In a HUAWEI FusionSphere infrastructure, the HUAWEI Tools package must be installed on the virtual machines.
  • In an infrastructure based on KVM, OpenStack, VK Cloud platform, TIONIX Cloud Platform, Astra Linux, or ALT Virtualization Server, QEMU Guest Agent must be installed on virtual machines.

Light Agent for Linux can protect virtual machines in an infrastructure that uses the following VDI-based solutions:

  • VMware Horizon 8.x.
  • Termidesk VDI 3.3.
  • Basis.WorkPlace 1.98.2.
  • Citrix Virtual Apps and Desktops 7 1912 LTSR with the latest updates installed.

Some limitations apply to the operation of the solution in a VDI based on Termidesk and Basis.WorkPlace.

Page top
[Topic 99618]