- Anti-malware protection and IDS/IPS for virtual servers and VDI
- Security for VMware, Citrix, Microsoft and KVM platforms
- Powerful yet lightweight security for XenDesktop and Horizon
- Works in harness with your infrastructure, empowering its capabilities
- Perfectly balanced protection with no impact on performance
Agentless security integrated with VMware NSX
Native integration of Kaspersky Security for Virtualization Agentless with the VMware vSphere and NSX platforms means infrastructure and security layers work in harness, bringing new levels of automation and protection to software-defined data centers. Anti-malware scans and signature and heuristic analyses, as well as network attack blocking functionality, are offloaded to powerful security appliances (SVMs) and delivered to each VM the moment it’s powered on.
Anti-malware for any virtual platform
Kaspersky’s award-winning anti-malware engine delivers automatic, real-time protection to every virtual machine (VM) – on-access and on-demand – on most popular virtualization platforms, including VMware vSphere, Microsoft Hyper-V, Citrix XenServer and KVM.
Kaspersky Security for Virtualization is more than just ‘designed for’ virtualization platforms: it utilizes the core technologies of those platforms to optimize the security capabilities of both platform and security solution. With Kaspersky Security for Virtualization, your infrastructure and security solution work in harness for maximum effectiveness.
Advanced network protection & IDS/IPS
Kaspersky Security for Virtualization also provides network protection functionality. Depending on the configuration, this is delivered either via a dedicated SVM (Security Virtual Machine) or through guest machine-based mechanisms. In the latter, a flexible Application Firewall allows network governance not only at protocol, but also at applications level. Network Attack Blocker is a compact yet powerful IDS/IPS system capable of recognizing and blocking both known and unknown network-based attacks, including those using specific exploits.
For Windows Servers in Full and Server Core Modes
Kaspersky Security for Virtualization supports Windows Server operating systems running both in Full and in Server Core mode. This is particularly important now that businesses are deploying more and more critical infrastructure servers with no UI in Server Core mode (e.g., Domain Controllers, DHCP, DNS).
Multi-layered security for VDI environments
Outstanding multi-layered protection for VMware Horizon and Citrix XenDesktop, impacting neither end-user experience nor VDI platform responsiveness.
Our lightweight solution delivers superior security for VDI, providing protection against advanced threats including crypto-malware and zero-day exploits, as well as unpatched vulnerabilities. We achieve this by layering threat detection and blocking technologies (including heuristics, behavior analysis and Automatic Exploit Prevention or AEP) over traditional file-level protection. Additional proactive security layers like Web, Device and Application Controls further promote significantly increased resilience to attack.
Avoid Resource Duplication
A dedicated SVM (Security Virtual Machine) installed onto the hypervisor means that file scanning tasks can be offloaded, minimizing any impact on VM operations and performance.
Peaks in resource consumption are also reduced via Intelligent Scan Task Orchestration, automating queues by grouping and prioritizing scan tasks on multiple VMs.
In large-scale environments, files are often duplicated across multiple VMs. Unlike legacy security products, which scan each instance of the file on every VM, Kaspersky Security for Virtualization includes Shared Cache technology. A single instance of multiple identical files is scanned and the verdict is stored in the shared cache, significantly reducing scanning activity and improving overall VM performance.
Integration Server for better efficiency
The Kaspersky Security for Virtualization Agentless Integration Server supports interaction between the VMware vCenter Server and the SVM. This server obtains information about the VMware protected infrastructure – both the hypervisors and the VMs deployed on them. A single Integration Server can be connected to several VMware vCenter Servers to obtain even more information from your VMware based virtual infrastructure, optimising data retrieval processes to help conserve platform resources.
As the Kaspersky Security for Virtualization Light Agent Integration Server transmits information from the SVM to Light Agents installed on each protected virtual machine, the Integration Server can be used to provide information about SVMs to Light Agents if Multicast cannot be used.
Central management console
Kaspersky Security Center gives administrators a ‘single-pane-of-glass’ view of all the endpoints being protected by Kaspersky security technologies – including virtual servers and desktops as well as physical and mobile devices.
Integration with the cloud-based Kaspersky Security Network (KSN) proactively defends virtual servers and desktops against emerging global malware; new threats can be identified in as little as 0.02 seconds.
Protecting Your Investment
Because Kaspersky Security for Virtualization has been specifically developed to protect virtual machines (VMs), it helps businesses maintain a high machine density and high performance – protecting your virtualization ROI while eliminating update and scanning ‘storms’, together with Windows of Vulnerability or ‘instant-on’ gaps.
Thanks to integration capabilities with most popular virtualization platforms, including VMware NSX, our security solution ensures that infrastructure and it security solution work in harness for optimum effectiveness. Our top priority is to deliver the best protection capabilities, which are properly balanced with advanced performance characteristics.
Preserves virtualization platform performance
To ensure your investment in virtualization keeps delivering the financial returns predicted, maintaining security without adversely impacting resources and consolidation ratios is critical. Kaspersky Security for Virtualization delivers a far lighter resource footprint than traditional solutions, optimizing file-level scanning tasks, fine-tuning protection technologies and orchestrating scanning tasks to preserve virtualization platform performance.
Instead of a traditional security agent installed on every virtual machine, Kaspersky Security for Virtualization offers a more efficient way to protect your virtualized environment – placing less load on processors, memory, storage and I/O:
- Microsoft Hyper-V, Citrix XenServer, KVM and VMware vSphere environments can be secured through a single Security Virtual Machine (SVM) on each virtual host, and a very lightweight agent installed on each VM.
- Alternatively, VMware vSphere environments can also be secured with an agentless security solution – so just one instance of the security software protects every VM running on each virtualization host.
Enhances VDI end-user experience
Our solution architecture dramatically enhances the experience of your end-users, promoting improved VDI security without compromising performance or important parameters like log-on time and boot time.
Kaspersky Lab’s latest award-winning anti-malware engine combines signature-based, proactive and cloud-assisted technologies, to deliver superior detection rates – including protection against zero-day threats.
Unified management and full visibility
A single, unified administration console lets your IT team centrally manage the security of all your VMs, together with the Kaspersky Lab security products running on your physical infrastructure and mobile devices. By making it easier for your team to manage hybrid environments –combining virtual, physical and mobile platforms – Kaspersky Lab helps you to roll out virtualization projects at your own pace.
Security cost optimization
Because we offer you a choice of ‘per VM’ (including ‘per desktop’ and ‘per server’) or ‘per core’ licensing options, you can choose the most cost-effective licensing model for your business needs. Choose our agentless security solution, move forward with our light agent solution, or use a combination of both – one license fits all.