Hi,
We use Symantec Endpoint Protection (SEP) on our host machines. Do you also install antivirus software on each VM, or do you reckon SEP will protect the running VMs as well? Will SEP even be able to scan into a shut down VM file system?
By running SEP on both the host machine and all the powered up VMs I fear a fight between mulitiple scanning processes, not to speak of the license cost.
Cheers,
Steen
Hi,
Treat every VM as you treat your physical host and that means you should install antivirus into every VM.
Normally antivirus will not check your vmdk (virtual disk files) and if it does you should exclude the file type from your antivirus as like you say you wouldn't want the host OS antivirus to combat with the guest OS antivirus.
PS: I have not touched a Symantec antivirus product in a decade so cannot answer the SEP specific questions, but unless Symantec explicitly advertises with it to scan in your vmware virtual machines you can be quite certain it doesn't do that.
--
Wil
Hi,
I am Chetan Savade from Symantec Technical Support Team.
Symantec Endpoint Protection Manager and clients operate with the same functionality in virtual environments as they do in physical environments. Symantec Endpoint Protection provides the features that improve performance in virtual environments. Deploying the management server and clients in virtual infrastructures is identical to physical deployments. Every operating system let it be Physical or virtual it must have SEP installed.
SEP 12.1 has many new features.
It provides advanced virtualization support with the help of following features:
1) Virtual Image Exception – Allows to exclude all the files on a baseline image from scanning.
2) Shared Insight Cache – A stand alone server that enables clients to share scan results. This allows clients to skip scanning files that have already been scanned by another client.
3) Virtual Client Tagging – Makes the clients virtualization aware and sends back the hypervisor vendor to SEPM. That data can be used in client searching and reporting.
4) Offline Image Scanner – A stand alone tool to scan offline VMware image (VMDK) files.
Best practices for virtualization with Symantec Endpoint Protection 12.1.2
http://www.symantec.com/docs/TECH197344
Managing Symantec Endpoint Protection in virtual environments
http://www.symantec.com/docs/HOWTO55356
Best Regards,
Chetan
Thanks for your answer.
Do I need a separate SEP license for each VM, or can/may the host machine's license be used on the VMs it hosts as well? I couldn't find an answer to that on the Symantec website.
If it matters then the hosts we're talking about are Windows 7 workstations for use by a single developer, and all VMs are local to each host. It's not servers hosting virtual desktops for other users for instance.
Cheers,
Steen
Hi,
Q. Do I need a separate SEP license for each VM, or can/may the host machine's license be used on the VMs it hosts as well
--> Each running instance (physical and/or virtual) must be licensed. A Symantec Endpoint Protection license applies to the Symantec Endpoint Protection clients. For instance, in a network with 50 endpoints, the license must provide for a minimum of 50 seats.
Licensing enforcement rules
http://www.symantec.com/docs/HOWTO55135
Best Regards,
Chetan