VMMikeC
Enthusiast
Enthusiast

Antivirus on vDesktops

Jump to solution

Hello,

Just wondering what others are doing in regards to best practices for installing antivirus agents on vDesktops. Are most installing the typical AV software that they would install on physical machines, or are you utilitzing vShield Endpoint ?

TIA

Mike

0 Kudos
1 Solution

Accepted Solutions
chaz112182
Enthusiast
Enthusiast

we currently have enable on access scanning turned on

you can create policies within the sophos management console and then link the policies to specific desktop or even desktop groups (i.e. per floor, etc)

so in affect yes you can stagger the scans

View solution in original post

0 Kudos
10 Replies
mittim12
Immortal
Immortal

Mike, here is a link to a AV whitepaper that VMware put out earlier in the year, http://www.vmware.com/files/pdf/VMware-View-AntiVirusDeployment-WP-en.pdf.   As far as endpoint I haven't read anything to indiciate that a lot of people are adopting this at a fast pace.  If I'm not mistaken Trend is the only company that has released something that is compatible with endpoint.  

VMMikeC
Enthusiast
Enthusiast

thanks! and thanks for the quick reply. I will leave the question open to see if others can post some feedback. I appreciate it.

0 Kudos
buckethead
Hot Shot
Hot Shot

We are using Trend OfficeScan 10.5 on our virtual desktops.  AV is something we have fought with for a couple of years in the VDI realm.  OfficeScan 10.5 has been a huge help and gives us a way to keep AV on the system without fear of AV scans or updates taking the system down.  I am not aware of a similar AV product out there yet.

http://esupport.trendmicro.com/0/Officescan-Support-for-Virtual-Desktop-Infrastructure-VDI.aspx

VMMikeC
Enthusiast
Enthusiast

thanks buckethead. This is different than Trend Deep Security 7.5. OfficeScan 10.5, I'm assuming is your typical AV agent that can be installed on every physical or virtual desktop, whereas Deep Security 7.5 is more for VMware's Endpoint solution. Is that correct?

0 Kudos
buckethead
Hot Shot
Hot Shot

Yes, Trend Deep Security and Trend OfficeScan 10.5 are two different products.  We have used Trend OfficeScan/ ServerProtect as our company email for years.   You are correct that OfficeScan can be used for Virtual and Physical systems.  We have been very happy with it and even run some AV Scan tests to see how it would affect our Storage and it has had little affect.

I think Deep Secuirty is just for virtualized systems.  I have seen a demo on it but have not played with it yet.

0 Kudos
chaz112182
Enthusiast
Enthusiast

hello,  we are using sophos  endpoint security   in our VDI deployment and haven't had any issues.  we deploy using a GPO so that helps when we do a recompose the client is easily pushed back out and communication is re-established with the management server.   we went with sophos because of it's light footprint and low resource consumption.

cheers.

0 Kudos
VMMikeC
Enthusiast
Enthusiast

Chaz very interesting. I have been interested in Trend Micro for a long time, but when my company switched from McAfee, they opted for Sophos.

Sophos is running on all our physical machines. Are you doing any type of On Demand Scanning? Is there a way to stagger those scans in Sophos?

0 Kudos
chaz112182
Enthusiast
Enthusiast

we currently have enable on access scanning turned on

you can create policies within the sophos management console and then link the policies to specific desktop or even desktop groups (i.e. per floor, etc)

so in affect yes you can stagger the scans

View solution in original post

0 Kudos
VMMikeC
Enthusiast
Enthusiast

thanks that really helps. appreciate it

0 Kudos
tjoefpo
Contributor
Contributor

Chaz, are you able to do stagger scan\updates with the sophos 9.5 endpoint.?

0 Kudos