By Tina de Benedictis, Technical Marketing Manager, End-User Computing
Are you wondering how to best protect against viruses and other malware in a VMware View virtual desktop environment? We have recently updated the white paper on this topic: Antivirus Practices with VMware View 5.
What are the issues with antivirus protection in a virtual desktop environment?
- You need to guard against “antivirus storms.” These periods of over-committed system resources typically occur when many users are logging in or logging out at the same time, such as at the beginning or end of the work day. Antivirus signature file updates also often occur at login. Performance can be considerably impaired during these antivirus storms.
- In addition, if every desktop has its own copy of the antivirus software installed, the memory footprint of the desktop is larger, and performance is further reduced.
An optional component of VMware View resolves these issues: VMware vShield Endpoint. vShield Endpoint comes with the Premier version of VMware View and offloads desktop antivirus protection to a dedicated, secure virtual appliance. Both antivirus scanning and virus signature file updates are handled by this centralized virtual appliance. Antivirus software vendors offer these virtual appliances in partnership with VMware. The virtual appliances integrate with vShield Endpoint APIs to protect against viruses and other malware.
For descriptions of partner virtual appliances, see:
- Trend Micro
- Bitdefender: (See: Bitdefender Datasheet and Bitdefender: Security for Virtualized Environments)
The white paper details the following recommended best practices for antivirus protection in a View deployment:
- For desktops:
- Use vShield Endpoint to protect against viruses in your View desktops
- Install only the core virus scanner if you are not using vShield Endpoint
- Set up random or staggered scan scheduling, or use a partner virtual appliance that utilizes the vShield Endpoint scheduling capabiities
- Keep virtualization and other software up to date
- Configure virus scanner exclusion lists
- Resolve any requirement for unique SIDs in linked-clone desktops
- React properly to virus infections in master images or linked-clone desktops
- Protect the desktops while users are active
- For storage:
- Scan mapped drives or shared folders
- Protect User Data Disks (UDDs)
- Protect the ThinApp Repository, the ThinApp application sandbox, and any involved external drives
- Protect the View Persona Management Persona Repository
Your antivirus protection strategy must consider both security and performance. VMware has provided best practices for you to integrate into your strategy. See the full white paper: Antivirus Practices with VMware View 5.