Can Symantec Anti-Virus (running on the host system) conflict in any way with VMWare?
Also, in general, can VMWare conflict with other apps on the host system or is it fairly isolated? If so, what applications have issues running with VMWare?
Thanks.
Yes, antivirus programs scanning virtual disk files can interfere.
Also there are numerous programs that can interfere with VMware networking (firewalls, routers, NAT, VPN and so on...).
So... what is the recommendation? Not run a virus scanner?
btw, this would only happen while doing "full scans" right (scanning the whole hard drive)? or are there issues while a virus scanner is scanning currently executing exes?
Thanks.
Run your Virus scan on the host when the VM is not being accessed and you should be fine.
btw, this would only happen while doing "full scans" right (scanning the whole hard drive)? or are there issues while a virus scanner is scanning currently executing exes?
Just exclude directory(ies) that you have your virtual disks on. That should be good enough.
Hi Peter, are RMDs (Raw mapping disks) counted as VMDK (virtual disks) as well in this case?
> are RMDs (Raw mapping disks) counted as VMDK (virtual disks) as well in this case?
Physical disks SHOULD be not mounted by the host while the VM is running - so they can't be scanned by AV-tools
___________________________________
description of vmx-parameters:
The files that should be excluded are:
.vmem
.vmdk
.vmem is VM memory - the most common conflict is antivirus / compression / encryption software intercepting writes to this file for some sort of scanning, which causes throughput to drop so far that the VM can fail. When this is antivirus, it's usually due to a bug in the software not being able to handle that much traffic.
.vmdk is virtual disks ... these are just too big to scan effectively, and the AV software won't find anything anyway, as it's a raw disk format and not individual files.
Or exclude the entire VM directory. The other files are snapshot/suspend files (which make no sense to antivirus) or textual config files and log files.
A VM doesn't execute data on the host, so the files themselves don't need an antivirus scanner. That said, running antivirus within the guest can be a very good idea - the host cannot protect guests from viruses.
I am sorry I think I posted my question in a wrong place. I am using ESX servers and all VMs are generated from there. So I don't have any anti-virus filter installed on the ESX level. They are installed on the VMs.
Within a guest, do whatever you would like - antivirus is just another application in the guest, doesn't affect virtualization at all.
Thread moved to the ESX 3.5 forum, as user informed that he is using ESX not workstation
If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points
Tom Howarth
VMware Communities User Moderator
Symantec caused a problem before we switched, this isn't isolated to VM per se. We totally ditched Symantec due the way it keeps a lock on files as it scans, it caused many apps to hang.
We therefore quit using Symantec, and it appears that's what is happening to you. You have to exclude certain folders with executables to keep this from happening, but it's definately not related to only VM's.
We were seeing high CPU utilization problem (sfmsv.sys) when there was an intensive traffic going on. So I removed entire SAVCE (10.1) not just disabled real-time scan. hopefully that was it.