VMware Cloud Community
bdseymour
Contributor
Contributor
‎02-16-2015 12:45 PM

Should I go with vSheild

I was wondering what everyones thoughts were on vShield whether this is on its way out? Replaced by NSX?

6 Replies
vfk
Expert
Expert
‎02-16-2015 01:11 PM

I would recommend looking into NSX, this all depends on your requirements and what you really want to achieve.

--- If you found this or any other answer helpful, please consider the use of the Helpful or Correct buttons to award points. vfk Systems Manager / Technical Architect VCP5-DCV, VCAP5-DCA, vExpert, ITILv3, CCNA, MCP
0 Kudos
bdseymour
Contributor
Contributor
‎02-16-2015 01:22 PM

One requirement would be agent less antivirus scanning. 

Sent from Outlook

0 Kudos
bdseymour
Contributor
Contributor
‎02-16-2015 02:42 PM

I have a someone interested in vShield Endpoint with Antivirus integration

for agent-less scanning. However the end of life was 2014 but it was

extended as part of vCloud Networking and Security which is 2019 and also

being replaced by NSX.

Which direction should I be pointing them?

I believe that they would need to license vCloud Networking and Security

which is only available through purchasing vcloud suite.

On Mon, Feb 16, 2015 at 4:17 PM, Brandon Seymour <brandondseymour@gmail.com>

0 Kudos
RaymundoEC
VMware Employee
VMware Employee
‎03-03-2015 07:12 PM

The natural replace for vCNS is NSX, according your requirements all are cover, so eventually in some time in future you must to move to NSX, so why no to point your client there? , though vCNS is doing (and will still) a great job, but I would say is better to have the last version of vCNS in order to have a painless upgrade towards NSX.

regards

+vRay

+vRay
0 Kudos
Texiwill
Leadership
Leadership
‎03-06-2015 05:31 AM

Hello,

It is very difficult to get NSX at the moment, that will hopefully be changing. In order to get vCNS you must have vCloud Suite, if you do then vCNS will be available throughout the vSphere 6 lifetime. vCNS was EOL'd recently but will work with vSphere 6. Now, vShield Endpoint was migrated into the hypervisor and should still work through vSphere 6. Network based AV will be supported in NSX, but not necessarily offloaded disk AV which still requires vShield Endpoint.

If you are at 5.x of ESXi with no major plans to go to vSphere 6.0 anytime soon then use vShield Endpoint. It is a way to get started then determine the upgrade path post 6.0.

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009-2015

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.

Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
0 Kudos
kmstitt
Contributor
Contributor
‎03-26-2015 03:43 PM

Sorry I am still confused..

We are currently running vSphere 5.5 with plans to go upgrade to 6.0 with a new server refresh this July.  One of the other items that I had hoped to roll out at the same time is vShield Endpoint for Agentless Antivirus.  But the more I read  the more I get confused.

So there really is not an upgrade path from vShield endpoint except to  migrate to NSX? We are a fairly small organization (5 hosts, 40 VDI guests, 15 Servers) I do not see how I could reasonably justify the high cost to upgrade to NSX (We are on vSphere standard licensing.)  I suppose our other option is to stick with agent antivirus. (which seems to really impact our VDI performance.)

Sorry if I am being dense, but it just does not seem like there is a clear answer on this.

Thanks,

-Kris

0 Kudos