VMware Cloud Community
Khue
Enthusiast
Enthusiast
‎02-09-2012 07:53 AM
Jump to solution

vSheild Endpoint Question

I am not sure I completely understand the concept of this aspect of vSphere. From what I gather, it's an appliance that you install on each one of your ESXi servers. It is then able to do antivirus scanning at a disk level, however if you want to do antivirus and malware at the memory level you need to purchase another component from a different vendor that has an application with the ability to use the API that vSheild Endpoint makes available.

Is this correct? So if I wanted to protect my VMs I would need to purchase vSheild Endpoint for n number of virtual machines which would allow me to install an appliance on y number of ESXi hosts. Then I would need to purchase an additional A/V product and comply with their license schema (per host/per vm/per whatever) to get a full A/V solution.

0 Kudos
1 Solution

Accepted Solutions
JonathanG
Enthusiast
Enthusiast
‎02-09-2012 09:09 AM
Jump to solution

"Khue"

  • You need one vShield Manager appliance for the vCenter, not per host.
  • License only vShield Endpoint
  • Purchase compatible anti-virus software (example Trend Micro Deep Security)
  • At this time vShield does not offer an API to do in-memory scanning

[ full disclosure - I work for Trend Micro ]

View solution in original post

0 Kudos
5 Replies
JonathanG
Enthusiast
Enthusiast
‎02-09-2012 09:09 AM
Jump to solution

"Khue"

  • You need one vShield Manager appliance for the vCenter, not per host.
  • License only vShield Endpoint
  • Purchase compatible anti-virus software (example Trend Micro Deep Security)
  • At this time vShield does not offer an API to do in-memory scanning

[ full disclosure - I work for Trend Micro ]

0 Kudos
Khue
Enthusiast
Enthusiast
‎02-09-2012 11:29 AM
Jump to solution

Thanks for the prompt reply! Good info. Thank you!

0 Kudos
FireWorker
Contributor
Contributor
‎02-15-2012 06:18 AM
Jump to solution

A 100% correct  answer would be:

Deep Security Agentless Anti-Malware Proection has a limitation on scanning Memory in the VM.

A Deep Security Agent installed on the VM would be capable to scan the Memory.

(presuming the use of Deep Security 8.0)

Trend Micro Senior Support Engineer, L2, Deep Security Product Champion
0 Kudos
ITSELUISSTUDENT
Contributor
Contributor
‎03-08-2012 09:51 PM
Jump to solution

hi i´m sorri but i don´t speak english.

me gustaria saber si alguien me puede deicr cuantas targetas de red nesecito para que el deep security 8 funcione en mi ESxi5. Urge respuesta muchas gracias.

0 Kudos
PeterRhoades
Contributor
Contributor
‎05-03-2012 11:21 AM
Jump to solution

ITSELUISSTUDENTS -

Acabo de ver tu mensaje.  No se si entiendo lo de tarjetas de red, no creo que hay limite.  El deep security se crea un aparato en cada host que comunican con el endpoint driver dentro de los vm's y con el filter driver en los hosts.  Se instala tambien sola una VM vshield manager para administrar los hosts (instalar el filter driver, etc).  Se requiere una licencia para el vshield endpoint de VMWare y tambien el software Deep Security por Trend.  Toda la comunicacion entre los aparatos y los hosts se queda dentro de un vswitch de esxi.

Siento que el espanol no me sale tan bien como hace anos atras. 


Saludos!

0 Kudos