VMware Horizon Community
watchnoface
Contributor
Contributor
‎09-20-2011 12:18 PM
Jump to solution

VMware View Parent Image

Guys.

I have an issue and am hoping someone can answer the following questions:

1. If not using a peristent disk, do you really need anti-virus if the users connect to an isolated VLAN and vms refresh at logoff?

2. Linked clones are being created in AD under the correct OU with proper names using Quick Prep. The problem is that the actual virtual machines (linked clones) are saying they are a part of a workgroup on My Computer properties. Do I need to make the parent a part of the domain first before snapshotting it?

Thanks in advance

Tags (1)
0 Kudos
1 Solution

Accepted Solutions
JoJoGabor
Expert
Expert
‎09-21-2011 08:24 AM
Jump to solution

Yes you always need AV. Imagine your users surfing the internet with no AV, infecting your machine and using that as a host to do nasty things to the rest of your network.

yes you can reboot to undo any harm to the local machine, but imagine a worm that infects your VDI every time after it reboots.

You can mitigate the effect of AV faull scans by scanning your master image and doing a recompose each week, if your security policy dictates a weekly full scan. For persistent images, there are other solutions/workarounds

View solution in original post

0 Kudos
4 Replies
watchnoface
Contributor
Contributor
‎09-21-2011 07:49 AM
Jump to solution

I did some hunting and found the answer to one of my questions in the View 5 documentation. The parent has to be apart of the Windows domain inorder for linked clones to join successfully.  Still would like some feed back on the anti-virus question though.

Best,

watchnoface

0 Kudos
mittim12
Immortal
Immortal
‎09-21-2011 07:51 AM
Jump to solution

I think you always need antivirus.   If you are conerned about the performance hit of AV then you can do some things that may reduce that but I'm always a fan of having it here.   

JoJoGabor
Expert
Expert
‎09-21-2011 08:24 AM
Jump to solution

Yes you always need AV. Imagine your users surfing the internet with no AV, infecting your machine and using that as a host to do nasty things to the rest of your network.

yes you can reboot to undo any harm to the local machine, but imagine a worm that infects your VDI every time after it reboots.

You can mitigate the effect of AV faull scans by scanning your master image and doing a recompose each week, if your security policy dictates a weekly full scan. For persistent images, there are other solutions/workarounds

0 Kudos
watchnoface
Contributor
Contributor
‎09-21-2011 08:28 AM
Jump to solution

Thanks for advise guys. I will stagger the definition updates for my av.

0 Kudos