Kaspersky Security for Virtualization 6.2 Light Agent
6.2
English

Contents

Using Kaspersky Security Network

The KSN functionality may not be available in the solution in the territory of the USA.

To enhance the protection of virtual machines, Kaspersky Security solution components can use data received from Kaspersky users all over the world. Kaspersky Security Network is designed for getting such data.

Kaspersky Security Network (KSN) is an infrastructure of cloud services providing access to Kaspersky online knowledge base with information about the reputation of files, web resources, and software. The use of data from Kaspersky Security Network ensures faster responses by the Kaspersky Security solution to unknown threats, improves the performance of some protection components, and reduces the likelihood of false positives.

Kaspersky Security supports the following infrastructure solutions to work with Kaspersky's reputation databases:

  • Kaspersky Security Network (KSN) – A solution that receives information from Kaspersky and sends data about objects detected on user devices to Kaspersky for additional verification by Kaspersky analysts and to add to reputation and statistical databases.
  • Kaspersky Private Security Network (KPSN) – A solution that allows accessing Kaspersky's reputation databases, as well as other statistical data, without sending data to Kaspersky. KPSN is designed for corporate clients who can't use Kaspersky Security Network, for example, for the following reasons:
    • No connection of local workplaces to the Internet
    • Legal prohibition or corporate security restrictions on sending any data outside the country or the organization's local network

If you use Kaspersky Security Network, KSN services provide Kaspersky Security solution components with information about the category and reputation of scanned files, as well as information about the reputation of scanned web addresses.

Use of Kaspersky Security Network is voluntary. You can start or stop using KSN at any time.

Settings for using KSN in the operation of Kaspersky Security solution components are specified separately for each component. For information on configuring KSN for Light Agents, see the Help of the applications that you are using Light Agent mode.

It is recommended to specify the same KSN usage settings for the Protection Server and the Light Agent that interacts with this Protection Server.

Using KSN in the operation of the Protection Server

Use of KSN is enabled and disabled in the Protection Server policy properties.

If you have enabled the use of Kaspersky Security Network, by default the Protection Server uses KSN in extended mode. The KSN mode affects the amount of data that is transmitted to Kaspersky when KSN is being used.

The Protection Server's interaction with the KSN infrastructure is facilitated by the KSN Proxy service. To use KSN in Kaspersky Security operations, the KSN Proxy service must be enabled in Kaspersky Security Center. For more information about the KSN Proxy service, see the Kaspersky Security Center Help.

If the KSN Proxy service is disabled in Kaspersky Security Center, no data is exchanged between the Protection Server and KSN. If the use of KSN is enabled in the Protection Server policy, Kaspersky Security's performance may decrease. It is recommended to disable KSN usage in the Protection Server policy if the KSN Proxy service is disabled in Kaspersky Security Center.

The KSN infrastructure solution (KSN or KPSN) used by the Protection Server is defined in the properties of the Kaspersky Security Center Administration Server (in Administration Console, in the KSN proxy server section; or in Web Console, in the KSN proxy server settings section). In this section you can also configure KPSN settings. For details, please refer to the Kaspersky Security Center help.

In this Help section

About data provision when using KSN in the operation of the Protection Server

Viewing the Kaspersky Security Network Statement

Configuring the use of KSN in the operation of the Protection Server
Page top
[Topic 254188]

About data provision when using KSN in the operation of the Protection Server

For information about data provision when Light Agent use KSN, see the Help of the applications that are used in Light Agent mode.

If you use KSN in standard mode, you agree to automatically send the following data to Kaspersky:

  • Information necessary for scanning files: name and ID of the detected threat according to the Kaspersky classification, checksum of the scanned object or type of hash function, and the ID of the utilized anti-virus databases.
  • Information necessary for obtaining the reputation of web addresses: the scanned web address, type of connection protocol, utilized port number, and the web address from which the user was directed to the scanned web address.
  • General information: type and full version of the Kaspersky Security solution, information about solution components and about updates of the solution's application modules, and information about the operating system installed on the SVMs and protected virtual machines.

If you use KSN in Extended mode, you agree to automatically submit to Kaspersky all data listed in Kaspersky Security Network Statement. Files (or parts thereof) that could be exploited by hackers to harm the virtual machine or data stored in its operating system may also be sent to Kaspersky for analysis. Extended KSN is used by default. You can disable the use of extended KSN in the Protection Server policy properties.

You can view the text of the Kaspersky Security Network Statement in the Protection Server policy properties in the Kaspersky Security Network settings section.

For information about the storage, protection and destruction of statistical information that is obtained during the use of KSN and transmitted to Kaspersky, please refer to the Privacy Policy on Kaspersky website.

If you do not participate in Kaspersky Security Network, the data listed in the Kaspersky Security Network Statement is not transmitted to Kaspersky.

Page top
[Topic 254190]

Viewing the Kaspersky Security Network Statement

You can read the Kaspersky Security Network Statement in the Protection Server policy properties.

Expand all | Collapse all

How to view the Kaspersky Security Network Statement in Kaspersky Security Center Web Console

To view the Kaspersky Security Network Statement:

  1. In the main window of Kaspersky Security Center Web Console, select Assets (Devices)Policies and policy profiles.

    A list of policies opens.

  2. Select the administration group containing the SVM with the Protection Servers. To do so, click the link in the Current path field located above the list of policies and policy profiles, and select an administration group in the window that opens.

    The list displays only the policies configured for the selected administration group.

  3. Click on the name of the desired policy in the list.
  4. In the policy properties window that opens, select the Application settings tab and go to the Kaspersky Security Network settings section.
  5. Follow the Kaspersky Security Network Statement link.

This opens a window containing the text of the Kaspersky Security Network Statement.

How to view the Kaspersky Security Network Statement in Kaspersky Security Center Administration Console

To view the Kaspersky Security Network Statement:

  1. In the Kaspersky Security Center Administration Console tree, in the Managed devices folder, select the administration group containing the SVM with the Protection Servers.
  2. In the workspace, select the Policies tab.
  3. Select a Protection Server policy in the list of policies and right-click to open the Properties: <Policy name> window.
  4. In the policy properties window, select the Kaspersky Security Network settings section in the list on the left.
  5. On the right side, follow the Kaspersky Security Network Statement link.

This opens a window containing the text of the Kaspersky Security Network Statement.

Page top
[Topic 254191]

Configuring the use of KSN in the operation of the Protection Server

KSN services are used in the operation of the Protection Server if the use of KSN is enabled in the active Protection Server policy. If a policy with use of KSN enabled is inactive, KSN is not used by the Protection Server.

If you want to use KSN in the operation of the Protection Server, make sure that the KSN settings are configured in the properties of the Kaspersky Security Center Administration Server (in Administration Console, in the KSN proxy server section; in Web Console, in the KSN proxy server settings section). The KSN infrastructure type (KSN or KPSN), KSN proxy server settings, and KPSN settings are defined in the Administration Server properties. For details, please refer to the Kaspersky Security Center help.

Expand all | Collapse all

How to configure use of KSN in Kaspersky Security Center Web Console

To configure KSN:

  1. In the main window of Kaspersky Security Center Web Console, select Assets (Devices)Policies and policy profiles.

    A list of policies opens.

  2. Select the administration group containing the SVM with the Protection Server whose settings you want to configure. To do so, click the link in the Current path field located above the list of policies and policy profiles, and select an administration group in the window that opens.

    The list displays only the policies configured for the selected administration group.

  3. Click on the name of the desired policy in the list.
  4. In the policy properties window that opens, select the Application settings tab and go to the Kaspersky Security Network settings section.
  5. To enable the use of KSN, in the right part of the window do the following:
    1. Select the Use KSN check box.
    2. In the opened window, read the Kaspersky Security Network Statement.
    3. If you agree with all the terms of the Statement, select I confirm that I have fully read, understand, and accept the terms and conditions of the Kaspersky Security Network Statement and click OK.
    4. By default, KSN is used in extended mode. The KSN mode affects the amount of data that is automatically transmitted to Kaspersky when KSN is being used. If you want to disable the use of extended KSN, clear the Extended KSN mode check box.
  6. If you want to disable the use of KSN, clear the Use KSN check box.
  7. Click the Save button.

How to configure the use of KSN in Kaspersky Security Center Administration Console

To configure KSN:

  1. In the Kaspersky Security Center Administration Console tree, in the Managed devices folder, select the administration group containing the SVM with the Protection Server whose settings you want to configure.
  2. In the workspace, select the Policies tab.
  3. Select a Protection Server policy in the list of policies and right-click to open the Properties: <Policy name> window.
  4. In the policy properties window, select the Kaspersky Security Network settings section in the list on the left.
  5. To enable the use of KSN, in the right part of the window do the following:
    1. Select the Use KSN check box.
    2. In the opened window, read the Kaspersky Security Network Statement.
    3. If you agree with all the terms of the Statement, select I confirm that I have fully read, understand, and accept the terms and conditions of the Kaspersky Security Network Statement and click OK.
    4. By default, KSN is used in extended mode. The KSN mode affects the amount of data that is automatically transmitted to Kaspersky when KSN is being used. If you want to disable the use of extended KSN, clear the Extended KSN mode check box.
  6. If you want to disable the use of KSN, clear the Use KSN check box.
  7. Click the Apply button.
Page top
[Topic 254192]