Search the VMware Knowledge Base (KB)
View by Article ID

Limitations of using VMware Mirage to manage endpoints protected by Kaspersky Endpoint Security (2048424)

  • 0 Ratings

Purpose

This article provides information on limitations of using VMware Mirage to manage endpoints protected by Kaspersky Endpoint Security.
 
Kaspersky Endpoint Security is a suite of software designed to protect an endpoint from malicious attacks. These protective measures may prevent some Mirage operations.

Resolution

VMware Mirage does not support these operations with Kaspersky Endpoint Security:

  • Applying a Base Layer that removes Kaspersky
  • Applying a Base Layer that installs Kaspersky
Mirage is tested with Kaspersky 6.0.4.1424 MP4 R2.

Kasperskys has a built in self defense mechanism that prevents malware, applications, or malicious software from modifying any Kaspersky files, registry keys, or settings. 

When updating a base image or restoring a CVD, Mirage may attempt to modify Kaspersky files or registry keys to update files as required by the operation. For Mirage to make these changes, the software must be white-listed with the Kaspersky Protection software.

Configuring settings in the Kaspersky Administration Kit for centrally managed clients

To configure settings in the Kaspersky Administration Kit for centrally managed clients:

  1. From the Kaspersky Administration Kit, select the administration server.
  2. Click the Managed computers > Policies.
  3. Right-click each policy that manages machines with an installed Mirage client and click Properties.
  4. Under the Protection tab in Exclusions, click Trusted Zone button, and add these actions:

    • %ProgramFiles%\Wanova\Mirage Service\Wanova.Desktop.Service.exe
      • Do not control application activity
      • Do not control registry access
      • Allow interaction with application interface

    • %SystemRoot%\system32\pivot.exe
      • Do not control application activity
      • Do not control registry access
      • Allow interaction with application interface

  5. Verify the policy is distributed to all clients before performing Mirage operations.
An alternate, less secure, option is to disable the self defense feature of Kaspersky.

To disable the self defense feature of Kaspersky:

  1. From the Kaspersky Administration Kit, select the administration server.
  2. Click Managed Computers > Policies.
  3. Right-click each policy that manages machines with an installed Mirage client and click Properties.
  4. In the Settings tab, deselect Self Defense.
  5. Verify the policy is distributed to all clients before performing Mirage operations.

Configuring Settings for unmanaged Kaspersky clients

To configure settings for unmanaged Kaspersky clients:

  1. Right-click the Kaspersky icon in the system tray and click Settings.
  2. Select Protection and click Trusted Zone.
  3. Add these actions:

    • %ProgramFiles%\Wanova\Mirage Service\Wanova.Desktop.Service.exe
      • Do not control application activity
      • Do not control registry access
      • Allow interaction with application interface

    • %SystemRoot%\system32\pivot.exe
      • Do not control application activity
      • Do not control registry access
      • Allow interaction with application interface
To disable the Self Defense feature in unmanaged endpoint (Less Secure):
  1. Right click the Kaspersky icon in the system tray and click Options.
  2. Deselect the Enable Self-Defense option.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 0 Ratings
Actions
KB: