Almost three quarters (73%) of companies are relying on standard Endpoint Security-class solutions to protect their virtual environments, which could lead to reduced performance and create an excessive load on their systems, according to a survey from Kaspersky Lab. A third of businesses (34%) remain unaware that specialized security products exist.
According to the findings of a recent survey, only 27% of companies use security solutions which are specifically adapted for virtual environments. Of these, nearly half (48%) use agent-based solutions. Specialized agentless and light-agent solutions are still uncommon and are used in only 35% and 15% of cases respectively.
In using Endpoint Security-class solutions on virtual machines, a number of issues can arise. For example, anti-malware scanning and updating databases on multiple machines simultaneously can have a negative effect on the quality of service, create excessive loads on the infrastructure or even lead to service failure.
To prevent this from happening, specialized solutions can be used that minimize the load on each protected machine, says Kaspersky. This involves the heaviest components of the solutions, namely the scanning engine and database updates, being moved to a dedicated virtual machine, a Security Virtual Appliance (SVA). This dramatically reduces the impact of resources on endpoint desktops and prevents problematic situations of peak loads on the entire infrastructure, through centralized queue management and optimized scans.
Kaspersky Security for Virtualization comes in two versions, agentless and light-agent, and helps ensure reliable virtual environment protection with minimal impact on system resources. The agentless solution functions without any software being installed on the protected machines and operates exclusively via VMware vShield tools.
Kaspersky Security for Virtualization | Light Agent protects against a broad range of threats, as it incorporates a complete set of tools; firewall, Web Anti-Virus, Application Control, Web Control, etc. The anti-malware scanner and databases are deployed on the SVA and a light agent is installed on all the other virtual machines, giving the SVA full access. Even if the local SVA fails, the virtual machines will not be left unprotected. Kaspersky Lab’s patented Fault Tolerance technology ensures that the agents can work with any SVA located within the same network segment.