Kaspersky Lab has today announced its latest virtualisation security solution, Kaspersky Security for Virtualization | Light Agent. The product delivers advanced protection to not only the VMware platform, which accounts for 47 per cent of the market[2], but now also the Citrix (18 per cent) and Microsoft (24 per cent) platforms. The new light agent technology is Kaspersky Lab’s first ever security solution optimised specifically for Microsoft Hyper-V and Citrix XenServer customers, and will provide VMware customers with a choice of agentless or light-agent protection. The protection and performance benefits of Kaspersky Lab’s light agent solution offer the ‘best of both worlds’ over existing agentless and agent-based virtualisation security models.
Kaspersky Security for Virtualization | Light Agent will be available for purchase in the UK on April 22.
Quick Fact
– Kaspersky Security for Virtualization | Light Agent is Kaspersky Lab’s first solution specifically designed for Citrix and Microsoft virtualisation platforms
– Both the new Light Agent and existing Agentless solutions will be offered to customers through a single purchased license of the Kaspersky Security for Virtualization product
– Kaspersky Lab’s new Light Agent solution brings extra security features, including application controls and web usage policy enforcement, to virtualisation environments
– The Kaspersky Security for Virtualization product will be offered in flexible license packages, making it easier for growing businesses to secure future deployments
The Light Agent Performance Advantage
Building and maintaining a virtual network requires specialised software and expertise which differ greatly from the tools and training needed to manage a physical network of endpoints and servers. But too often, businesses apply security software built for physical machines to their virtual network, and suffer a multitude of negative consequences. At best, this ‘agent-based’ protection leads to a wasteful use of computing resources – which is what virtualisation seeks to improve in the first place – and can reduce the consolidation ratio of virtual machines and overall ROI of a virtualisation project.
While users complain about slow performance on their virtual desktops each morning, a real threat to virtual machines across the network is occurring behind the scenes in the form of an ‘Instant On Gap’. This refers to the window of time after a virtual machine is created, and before the latest security updates are downloaded by the security agent on each virtual machine. Until these updates are processed, the virtual machine is vulnerable and depending on how many users are simultaneously downloading these updates to their individual VMs, and how many days worth of security updates there are to process, this window of vulnerability can drag on for minutes, or even hours. While this process of updating the security databases on virtual desktops drags on, the resources of the virtual servers will be heavily strained, resulting in poor network performance and a lower return on a company’s virtualisation investment.
Kaspersky Security for Virtualization | Light Agent delivers benefits that offer clear advantages to the traditional agent-based approach. In the light agent model, almost all resource-intensive security processing is performed by a dedicated virtual appliance at the hypervisor level. By channeling virtualised network traffic and files through this up-to-date appliance, VMs are fully protected by the latest security updates the instant they are created, and the need to push redundant copies of anti-malware databases across the network to each VM is eliminated. Kaspersky Lab’s intelligent scanning also ensures the same file is not scanned multiple times, freeing up additional system resources.
The Light Agent Protection Advantage
Just as the light agent approach offers better performance than ‘agent-based’ security, a light agent approach will also offer improved protection over ‘agentless’ security. Agentless security models offer performance advantages by having 100 per cent of security tasks performed away from the virtual machine by a dedicated virtual appliance, but this limits the software’s ability to perform advanced security management and network protection tasks on virtual endpoints. An agentless security system effectively protects file-based activity, but cannot protect against web-born malware, such as worms or other advanced threats, which can penetrate the system processes of virtual endpoints and spread across a network. This is where a light agent approach strikes the ideal balance of performance and protection.
Kaspersky Security for Virtualization | Light Agent includes a small software agent on each virtual machine, far different from the resource-hogging software found in the traditional agent-based model. This small agent enables big security capabilities, allowing Kaspersky Security for Virtualization | Light Agent to put the full power of Kaspersky Lab’s security expertise to work guarding a virtual network, and can be deployed without rebooting. Some of the advanced protection technologies enabled by a light agent solution include:
– Application Controls
– Device Controls
– Web Usage Policies
– Host-based Intrusion Prevention Systems (HIPS) and Firewall
Kaspersky Security for Virtualization | Light Agent also includes all of the security capabilities found in Kaspersky Lab’s agentless solution, including heuristic file analysis and cloud-assisted intelligence via the Kaspersky Security Network for real-time information on emerging threats and malicious applications. Kaspersky Lab will continue to offer Kaspersky Security for Virtualization | Agentless – currently available only for VMware environments – as an effective solution for data centers or server environments that don’t access the Internet, and situations where steadily-high consolidation ratios and automatic protection of every new VM are paramount.
“Driven by the research of our security experts, we’re on a mission to educate businesses about virtualisation security risks, and provide them with options for protecting their network,” said Nikolay Grebennikov, Chief Technology Officer, Kaspersky Lab. “There is no ‘one-size-fits-all’ solution for any network, so by offering a combination of virtualisation security options for the three largest virtual platforms in the world, Kaspersky Lab is ensuring our customers stay protected while getting the most from their virtualisation investment.”
For more details about Kaspersky Security for Virtualization | Light Agent, please visit Kaspersky Lab’s B2B Security Blog.
Management and Licensing
Kaspersky Lab’s virtualisation security products offer a combination of security technologies, ease-of-management, and platform compatibility that is unmatched by any other vendor. Using the Kaspersky Security Center administration console, Kaspersky Security for Virtualization is managed from the same screen as Kaspersky Lab’s security solutions for physical machines. This gives IT managers a complete view of the physical and virtual network for managing security challenges and accomplishing daily administration tasks, without the need to toggle different interfaces. Whether using Kaspersky Security for Virtualization | Agentless, Kaspersky Security for Virtualization | Light Agent – or a combination of both applications – IT managers can control their entire Kaspersky Lab security solution from a truly unified management console, and easily manage any migration from physical to virtual, or from one virtual platform to another.
Kaspersky Lab offers a unified license for its virtualisation security products, so businesses that purchase a license for Kaspersky Security for Virtualization will have access to both Kaspersky Security for Virtualization | Agentless and Kaspersky Security for Virtualization | Light Agent. Flexible licensing options enable businesses to purchase licenses based on either the ‘per virtual machine’ – which is based on knowing the exact amount of virtual server and desktop licenses needed – or ‘per core’ based on the number of CPU cores found in a customer’s virtualisation hardware, which provides businesses with flexible room to expand their network as needed.
System Requirements
Kaspersky Security for Virtualization | Light Agent is ready to operate on the VMware ESXi 5.1 and 5.5 hypervisors; Microsoft Hyper-V Server 2008 R2 / 2012 hypervisor; and Citrix XenServer 6.0.2 / 6.1 hypervisor. For a full list of supported operating systems per hypervisor type, please visit the Kaspersky Security for Virtualization | Light Agent product page.
Today, Kaspersky Security for Virtualization | Light Agent is available upon request for evaluation to customers and partners in the United States, and will be publicly available for purchase on April 22 in the United States, Russia, United Kingdom, Germany and Australia.
[2]Data Center Survey, August 2013
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.