2 Replies Latest reply on Dec 7, 2013 6:24 PM by pschraml

    Antivirus with Mirage

    kclinden Novice

      I am working on a Mirage deployment for a Proof of Concept and I am not sure how to handle antivirus. We use Symantec Endpoint Protection (SEP) for all of systems (virtual or physical). Is it best to put SEP in the base layer? What do you do for generating a unique ID with the server?




        • 1. Re: Antivirus with Mirage
          AJ Master

          Refer article 2052489 on kb.vmware.com

          • 2. Re: Antivirus with Mirage
            pschraml Hot Shot
            VMware Employees

            You can place the SEP into the base layer of your win 7


            Assuming that the environment is centrality managed and you have SEP installed on the XP clients you will have to set the below too.

            When SEP is installed on WinXP, you will face the issue the SEP is blocking Mirage from moving the folder C:\Documents and Settings into C:\Windows.Old\Documents and Settings

            The main reason for that is that SEP tries to protect files several of it’s files under C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection

            This issue can be solved with configuration below:

            • Exclude Mirage in SEP.

            From Symatec Endpoint Protection Manager:

            1. Select Policies.
            2. Under Policies, click on Exceptions.
            3. Under Exceptions Policies, right click on the relevant policy and select Edit…
            4. Under Exceptions, click on Add -> Windows Exceptions -> Tamper Protection Exception
            5. Under File enter the full path of Mirage service, which is probably “C:\Program Files\Wanova\Mirage
              Note: DO NOT USE [PROGRAM FILES] MACRO (i.e. just keep the Prefix variable [NONE] ).


            • Another option (less secure) is to set the “Tamper Protection” actions to “Log Only”:

            From Symatec Endpoint Protection Manager:

            1. Set the “Tamper Protection” actions to “Log Only”:
            2. Select Clients.
            3. Under Clients, select the Root Group.
            4. Go to Policies tab, and click on General Settings
            5. Go to Tamper Protection tab.
            6. Choose Log the event only.


            These settings are also available on the local client if un-managed.

            details can be found under http://www.symantec.com/business/support/index?page=content&id=TECH102529


            Otherwise the result is that you can migrate to Win7 but the user profile will be is missing after migration.