Kaspersky Security for Virtualization Light Agent

Kaspersky Security for Virtualization | Light Agent delivers the latest security technologies and multi-layered protection for virtual servers and/or VDI in hybrid environments. It’s optimized to help you achieve high consolidation ratios, boosting the return on your investment (ROI) in VMware vSphere, Microsoft Hyper-V, Citrix XenServer or KVM virtualized environments.

  • Optimized security for virtual environments

    • An unmatched combination of protection and ‘virtualization-aware’ technologies

      Kaspersky Security for Virtualization Light Agent combines Kaspersky Lab’s most advanced anti-malware and network protection technologies in a solution that’s been specifically developed for virtual environments. While traditional security products require a full security agent to be installed on each VM (Virtual Machine), Kaspersky Security for Virtualization Light Agent only requires one dedicated SVM (Security Virtual Machine) to be installed on each virtual host. Each VM then only needs a very small software agent – or ‘Light Agent’.

    • Advanced anti-malware protection

      Kaspersky Security for Virtualization | Light Agent delivers on-access and on-demand anti-malware protection for your VMs. Kaspersky Lab’s dedicated SVM combines signature-based technologies and heuristic analysis for the rigorous protection of VM file systems, including protection against complex, memory-resident malware.

    • Preserves the performance of virtual servers and desktops

      Kaspersky Security for Virtualization | Light Agent protects your virtual environment – including virtual servers and VDI (Virtual Desktop Infrastructure) - with no significant impact on hypervisor performance. You can effectively protect your systems and sensitive corporate data, while maintaining high consolidation ratios and quality of service for your users.

    • Protection for Linux and Windows Servers

      Kaspersky Security for Virtualization is the perfect solution for hybrid data centers, delivering advanced security capabilities to any virtual server regardless of the operating system running inside it. Kaspersky Security for Virtualization fully supports a huge number of Microsoft Windows Server and Linux Server operating systems, allowing you to build data centers as heterogeneous as your corporate IT strategy dictates, while we seamlessly deliver the right security options to each part of your IT landscape.

    • Reduces the load on your computing resources – so each host can do more

      With its unique architecture, Kaspersky Security for Virtualization | Light Agent reduces the load on each virtual host, including the following resources:

      • Hypervisor I / O
      • CPU
      • Memory
      • Storage


    • Eliminates anti-malware ‘storms’

      With only one SVM updating on each virtual host, Kaspersky Security for Virtualization | Light Agent helps to eliminate anti-malware 'Update Storms' and 'Scanning Storms'. Peaks in resource consumption are also avoided through intelligent scan task orchestration. The SVM automatically creates On-Demand Scanning queues, redistributing scan tasks over time in response to the current hypervisor load. The SVM’s ability to prioritize tasks intelligently also solves the problem of the ‘noisy neighbor’ - On-Access scan tasks are always prioritized over On-Demand to minimize the impact of individual VM scans on the responsiveness of neighboring VMs.

    • Protection tailored to Microsoft, Citrix, VMware & KVM

      Kaspersky Security for Virtualization | Light Agent supports native virtualization technologies within Microsoft Hyper-V, Citrix XenServer and VMware vSphere, as well as KVM. The solution provides protection from the most advanced threats, leveraging Kaspersky Lab’s threat intelligence expertise, advanced technologies and unbeatable performance.

    • Flexible licensing options – simplified licensing that saves you money

      Kaspersky Security for Virtualization | Light Agent offers a choice of ‘per VM or ‘per core’ licensing – so you can choose the option that’s most cost-effective for your business. For large Data Centers and IaaS (Infrastructure as a Service) providers, the number of VMs will continually fluctuate – so ‘per core’ licensing can offer big benefits.

    Multi-layered security for VDI

    • Native support for Citrix XenDesktop

      Kaspersky Security for Virtualization | Light Agent delivers outstanding, multi-layered, granular protection for VDI (Virtual Desktop Infrastructure) with without compromizing performance. The solution supports VMware, Microsoft and Citrix virtualization platforms and fully supports Citrix XenDesktop.

      As well as file-level anti-malware capabilities, Kaspersky Security for Virtualization | Light Agent delivers security technologies that are particularly valuable in protecting virtual desktops:

      • Mail Anti-Malware scans incoming and outgoing mail on the user’s machine.
      • Web Anti-Malware intercepts and blocks the execution of potentially dangerous scripts on web pages.


    • The Only Security Solution for VMware Horizon

      Kaspersky Security for Virtualization | Light Agent works seamlessly with the VMWare Horizon desktop virtualization platform that runs on VMware vSphere, delivering outstanding, multi-layered, granular protection for VDI with minimal impact on user experience and responsiveness.

    • Supports the rapid provisioning of VDI machines

      Kaspersky Security for Virtualization | Light Agent fully supports linked and full cloning. Thanks to the pre-installed lightweight agent, provisioning a new VM just involves cloning a template. After cloning is complete, the new machine will be automatically protected by the SVM. This simplifies VDI management, eliminating the need to update security products on the VDI image.

    • Anti-Ransomware for your VDI

      System Watcher technology built into Kaspersky Security for Virtualization | Light Agent monitors the behavior of applications running inside each virtual desktop. If any form of suspicious behavior, such as cryptor or locker activity, is detected, the activity is blocked and any malicious changes are automatically rolled back, so your critical data remains secure. Your VDI users won’t even be aware that anything’s happened.

    • Automatic Exploit Prevention (AEP)

      To swiftly overcome the dangers posed by unpatched vulnerabilities, Kaspersky Security for Virtualization | Light Agent incudes a technology called Automatic Exploit Prevention (AEP).

      AEP specifically monitors the most frequently targeted applications in VDI environments – including Adobe Reader, Internet Explorer, Microsoft Office, Java and many more – delivering an extra layer of security monitoring and protection against unknown threats.

    • Flexible control tools for VDI

      Award-winning endpoint controls – including Application Control, Web Control and Device Control – add a further layer of protection against malware, making it easy to apply corporate security policies right across your virtual and physical infrastructure.

      Kaspersky Lab’s control technologies are particularly valuable in securing VDI environments.

    • Application Control

      Flexible Application Control tools let you dictate which applications are allowed to launch on which VMs. This prevents unnecessary exposure to risk and wasted resources due to running superfluous software.

      You can choose to operate a Default Allow policy, allowing all applications not on your blacklist to run, or a Default Deny policy that blocks all programs not on your whitelist of safe applications.

      Kaspersky’s Application Control also includes:

      • Application Startup Control – monitoring and controlling each user’s attempts to launch applications
      • Application Privilege Control – registering applications and regulating their activity according to the rules you’ve set. These rules can control whether an application is allowed to access operating system resources and the user’s personal data.


    • Web Control

      Web Control lets you manage Internet usage, blocking VM access to social networks, music, video, non-corporate web email and websites containing inappropriate content. Different control policies can be set for different job roles, and total blocks, or blocking during specific periods of the working day, can be applied.

    • Device Control

      As users can connect to their VDI machine from anywhere, using any device, it’s important to make sure the VM is not exposed to extra threats introduced through insecure USB devices. This technology allows you to specify which removable devices are granted access to individual VMs. It’s easy to apply control policies to a range of devices, including removable drives, printers and non-corporate network connections. For VMware installations, this technology complements and enhances existing Horizon USB Redirection capabilities.

    • Silent Mode for even lighter-weight protection

      The Kaspersky Security for Virtualization Light Agent user interface can now be disabled (by offloading it) on any VM. This can be of benefit with, for example, desktop virtualization on Windows Server OS when Remote Desktop or Terminal Services are enabled, or for application virtualization based on Citrix XenApp.

    Security for Virtual Networks Across your Entire Infrastructure

    • Multi-layered protection for your network

      Kaspersky Security for Virtualization | Light Agent protects against external and internal network attacks – including threats that may be hidden in non-transparent virtual traffic. Every VM is protected by host-based network security which includes Kaspersky Lab’s HIPS, firewall and Network Attack Blocker technologies.

    • Host-based Intrusion Prevention System (HIPS) and personal firewall

      HIPS – working together with Kaspersky Lab’s two-way firewall – controls both inbound and outbound traffic on your network. Flexible tools let you control security according to a wide choice of parameters, including settings for an individual port, individual IP addresses or a specific application’s network activity.

    • Network Attack Blocker

      Kaspersky’s Network Attack Blocker technology monitors hypervisor network traffic and checks for the presence of any activity which could indicate or presage a network attack. On detection, the network attack is automatically blocked.

    • Improved protection versus perimeter-based appliances

      Kaspersky’s virtual machine-based security delivers protection which sits much closer to the virtual workload to be secured than is possible with perimeter-based security appliances. This approach is particularly effective in securing non-transparent virtualization traffic against internal network infections, such as the Conficker Worm.

    A Finely Balanced Combination of Security Technologies

    • Eliminating unnecessary scans

      Virtual environments – especially VDI – often include many similar VMs each accessing identical files, so some security products waste time and resources running multiple scans of the same file. Kaspersky’s Shared Cache feature effectively shares the results of file scans, helping to minimize the overall load on your IT infrastructure.

    • Shared Cache

      Whenever a file is accessed on a VM, Kaspersky Security for Virtualization | Light Agent will scan the file to ensure it’s safe, then store the verdict in the Shared Cache. If the same file is accessed on another VM on the same virtual host, Kaspersky Security for Virtualization | Light Agent automatically knows it’s unnecessary to perform a further scan. The file will only be scanned again if it has changed, or if the user manually requests a scan.

    • Local Cache

      A further enhancement to cache-based methods of file-scanning optimization. Stored locally within the operating memory of a protected VM, this cache eliminates unnecessary network usage – no need to check the Shared Cache on the SVM if there is a valid verdict in the Local Cache.

    • Redundancy for SVMs (Security Virtual Machines)

      The solution architecture is constructed so that SVMs can back one other up, eliminating single-points-of-failure in infrastructures of any size. In the event of significant changes in virtualized infrastructure, the Light Agent on the VM can reconnect to a neighboring SVM almost immediately. This ensures continuous real-time protection for the entire virtualized environment, regardless of changes at infrastructure level.

    • Autonomous operation

      This feature allows the Light Agent to operate in autonomous mode for a short period. In this mode, technologies including Self Defense, Automatic Exploit Prevention and other behavioral defensive mechanisms continue to protect the VM. In addition, a local queue of files requiring anti-malware checking is created, ready for when normal operation is resumed. This approach ensures that every single file is inspected, regardless of circumstances.

    • System Watcher technology

      Kaspersky’s System Watcher technology monitors the behavior of applications running on VMs. If System Watcher detects suspicious behavior, that activity will be blocked and any malicious changes automatically rolled back.

    • Self-defense for Light Agents

      This built-in mechanism protects Kaspersky Security for Virtualization itself against malware that may try to modify or block its functions, delete any components (e.g. antivirus databases, quarantined files, trace files), terminate the application of its services or uninstall them. Self-Defense also prevents the modification or deletion of Kaspersky Security for Virtualization | Light Agent system registry keys inside the guest OS.

    • Built-in self-monitoring

      The Security Virtual Machine (SVM) constantly and autonomously monitors its own operation, automatically restarting its scan server service if this is halted or disrupted for any reason. This ensures that the scanning engine is available and ready to handle anti-malware scans at all times.

    • Kaspersky Security Network (KSN)

      The cloud-based Kaspersky Security Network (KSN) identifies new threats and provides automatic updates to the security solution. Identifying new malware in as little as 0.02 seconds, KSN enables Kaspersky Security for Virtualization | Light Agent to protect your business-critical environment against even zero-day threats.

    Fast to configure and easy to manage

    • Parallel installation and deployment

      SVMs can be deployed onto several virtualization hosts simultaneously. This dramatically decreases the time needed to get the security solution up and running within a virtualized infrastructure, regardless of size.

    • Multi-networking

      The broader your infrastructure, the more network segments you have. From a networking perspective, some complexity of infrastructure and its topology is the norm. But regardless of complexity levels, you need full security protection in place and running efficiently, covering the entire network infrastructure. Kaspersky Security for Virtualization | Light Agent operates seamlessly in enterprise infrastructures running multiple logical networks on different hypervisor hosts and platforms.

    • Multicast: to use or not to use

      Some companies allow the use of multicast transmission within their network infrastructures, allowing Light Agents to discover and connect to an SVM without any additional network configuration.

      If your corporate IT policy prohibits the use of multicasts, Kaspersky Security for Virtualization | Light Agent can be configured in a more robust and direct way, using Unicast to discover the SVM. This technique also means that a static pool of SVMs for Light Agents can be defined.

      Choose whichever option best suits your environment.

    • Easy to deploy and manage

      After the dedicated SVM has been installed on the virtual host, Light Agents can easily be distributed onto every VM – either manually or according to an automatic routine set up by the administrator.

      Different security settings can easily be applied to different VMs – so specific security functions can be excluded if they are not relevant to an individual VM or group of machines.

    • Exceptions or enforcement management

      Kaspersky Security for Virtualization | Light Agent now offers a wider list of applications from different software vendors for use when specifying exceptions or configuring an enforced scanning policy.

    • One centralized management console for all physical, virtual and mobile devices

      Kaspersky Security for Virtualization | Light Agent includes Kaspersky Security Center – Kaspersky Lab’s easy-to-use management interface - letting you configure and control a wide range of Kaspersky Lab security and systems management technologies via a single console. Kaspersky Security Center manages all your security across:

      • Virtual environments, including:
        • Microsoft Hyper-V
        • Citrix XenServer
        • VMware vSphere (both in Agentless and Light Agent options)
        • KVM hypervisor
      • Physical devices, including:
        • Laptops
        • Desktops
        • Servers
      • Mobile devices, including:
        • Smartphones
        • Tablets


    • VMware vSphere

      • VMware vSphere 6.5 with VMware vCenter 6.5
      • VMware vSphere 6.0 with VMware vCenter 6.0
      • VMware vSphere 5.5 with VMware vCenter 5.5
      • VMware vSphere 5.1 with VMware vCenter 5.1
      • Deployment via System Center Virtual Machine Manager (SCVMM) 2016 available
      • Deployment via System Center Virtual Machine Manager (SCVMM) 2012 R2 available
    • Microsoft Hyper-V

      • Microsoft Windows Server 2016 Hyper-V role (Full or Server Core mode)
      • Microsoft Windows Server 2012 R2 Hyper-V role (Full or Server Core mode)
      • Deployment via System Center Virtual Machine Manager (SCVMM) 2016 available
      • Deployment via System Center Virtual Machine Manager (SCVMM) 2012 R2 available
    • Citrix XenServer

      • Citrix XenServer 7.0
      • Citrix XenServer 6.5 SP1
      • Deployment via System Center Virtual Machine Manager (SCVMM) 2016 available
      • Deployment via System Center Virtual Machine Manager (SCVMM) 2012 R2 available
    • KVM (Kernel-based Virtual Machine)

      • Red Hat Enterprise Linux Server 7 patch 1
      • Ubuntu Server 14.04 LTS
      • CentOS 7
    • VDI platforms

      • VMware Horizon View 7
      • Citrix XenDesktop 7.9 or Citrix XenDesktop 7.11
      • Citrix Provisioning Services 7.9 or Citrix Provisioning Services 7.11
    • Windows-based guest operating systems

      • Windows 10 (including LTSB / RS1) (32 / 64-bit)
      • Windows 8.1 Update 1 (32 / 64-bit)
      • Windows 7 Service Pack 1 (32 / 64-bit)
      • Windows Server 2016 all editions (Full or Server Core mode) (64-bit)
      • Windows Server 2012 R2 all editions (Full or Server Core mode) (64-bit)
      • Windows Server 2012 all editions (Full or Server Core mode) (64-bit)
      • Windows Server 2008 R2 Service Pack 1 all editions (Full or Server Core mode) (64-bit)
      • Windows Server 2008 Service Pack 2 all editions (Full or Server Core mode) (64-bit)
    • Linux-based guest operating systems

      • Debian GNU / Linux 8.5 (32 / 64-bit)
      • Ubuntu Server 14.04 LTS (32 / 64-bit)
      • Ubuntu Server 16.04 LTS (32 / 64-bit)
      • CentOS 6.8 (64-bit)
      • CentOS 7.2 (64-bit)
      • Red Hat Enterprise Linux Server 6.7 (64-bit)
      • Red Hat Enterprise Linux Server 7.2 (64-bit)
      • SUSE Linux Enterprise Server 12 SP1 (64-bit)
A part of

    Kaspersky Security for Virtualization

    Not sure which Security Solution is right for your business?