Kaspersky Security for Virtualization Light Agent: Five facts

Kaspersky Lab has announced its latest virtualization security solution, Kaspersky Security for Virtualization | Light Agent, which delivers advanced protection to the VMware, Citrix, Microsoft virtualization platforms. The most important

Kaspersky Lab has announced its latest virtualization security solution, Kaspersky Security for Virtualization | Light Agent, which delivers advanced protection to the VMware, Citrix, Microsoft virtualization platforms. The most important information that you need to know about this product is provided here in just five key facts:

1.     Support for Citrix XenServer and Microsoft Hyper-V.

Our existing version of Kaspersky Security for Virtualization supports only the VMware platform. Now we have made this virtualization security solution universal by introducing support for XenServer and Hyper-V. Design requirements for Citrix and Microsoft have led to the development of a new approach to protecting virtual machines known as light-agent. It secures Xen and Hyper-V-based virtual environments, while VMware customers now have a choice of two methods: agentless and light-agent.

2.     Single license.

Businesses that purchase a license for Kaspersky Security for Virtualization will have access to both Kaspersky Security for Virtualization | Agentless and Kaspersky Security for Virtualization | Light Agent.  Regardless of which particular solution (or a combination of them) is used, IT managers will be able to control security matters for their entire virtual infrastructure from a truly unified management console; and easily manage migration from physical to virtual, or from one virtual platform to another.

The licensing options enable businesses to purchase licenses based on either the “per virtual machine” – which is based on knowing the exact amount of virtual server and desktop licenses needed – or “per core” based on the number of CPU cores. This provides the flexibility required to expand the infrastructure as needed and stay protected at all times.

3.     Being light on resources.

Too often, businesses apply security software built for physical machines to their virtual network and they end up suffering a multitude of negative consequences.  At best, this ‘agent-based’ approach leads to a wasteful use of computing resources – which is what virtualization seeks to improve in the first place – and reduces the consolidation ratio of virtual machines and overall ROI of a virtualization project.

Kaspersky Security for Virtualization | Light Agent delivers benefits that offer clear advantages to the traditional ‘agent-based’ approach.  In the light agent model, almost all resource-intensive security processing is performed by a dedicated virtual appliance at the hypervisor level.

4.     Eliminating the ‘Instant On Gap’.

With “agent-based” protection for virtual environments, users may complain about the slow performance on their virtual desktops each morning, but a real threat to virtual machines across the network is occurring behind the scenes in the form of so-called “Instant On Gap.”

This refers to the window of time after a virtual machine is created, and before the latest security updates are downloaded by the security agent on each virtual machine. Until these updates are processed, the virtual machine is vulnerable. Depending on how many users are simultaneously downloading these updates to their individual VMs, and how much data has to be downloaded, this window of vulnerability may last for minutes or even hours. While this process of updating the security databases on virtual desktops goes on, the resources of the virtual servers will be heavily strained, resulting in poor network performance and a lower return on a company’s virtualization investment.

Kaspersky Security for Virtualizaton | Light Agent is  channeling virtualized network traffic, thus VMs are fully protected by the latest security updates the moment they are created, and the need to push redundant copies of anti-malware databases across the network to each VM is eliminated.  Kaspersky Lab’s intelligent scanning also ensures the same file is not scanned multiple times, freeing up additional system resources.

5.     Additional security features

Kaspersky Security for Virtualization | Light Agent includes a small software agent on each virtual machine, far different from the resource-hogging software found in the traditional agent-based model.  This small agent enables big security capabilities, allowing Kaspersky Security for Virtualization | Light Agent to put the full power of Kaspersky Lab’s security expertise  to work protecting a virtual network, and can be deployed without rebooting.  Some of the advanced protection technologies enabled by a light agent solution include application controls and a web usage policy, device controls and Host-based Intrusion Prevention Systems along with Firewall functionality.

Light Agent also includes all of the security features found in Kaspersky Lab’s agentless solution, including heuristic file analysis and cloud-assisted intelligence via the Kaspersky Security Network for real-time information on emerging threats and malicious applications.  Kaspersky Lab will continue to offer Kaspersky Security for Virtualization | Agentless – currently available only for VMware environments – as an effective solution for data centers or server environments that don’t access the Internet, and situations where steadily-high consolidation ratios and automatic protection of every new VM are paramount.

Today, Kaspersky Security for Virtualization | Light Agent is available upon request for evaluation to customers and partners in the United States, and will be publicly available for purchase on April 22 in the United States, Russia, United Kingdom, Germany, Australia and the Middle East. Full commercial availability for all global regions will occur during the next several weeks.

Tips

Securing home security

Security companies offer smart technologies — primarily cameras — to protect your home from burglary, fire and other incidents. But what about protecting these security systems themselves from intruders? We fill this gap.