Post by Mike Rose, VMware Systems Engineer
In today’s world, protecting your system from viruses and malware is a must. There are no shortages of viruses, spyware or phishing programs out there and you can bet they are all trying to make their way into your environment. Whether you’re in a physical environment or a virtual environment, security should be one of your top priorities.
When I’m talking with customers about securing their virtual environment from these threats, a challenge I hear them speak of is impact to the performance of their IT infrastructure. Questions I get are: “How do I protect our company from these threats while at the same time ensuring performance on our virtual machines and physical hosts still meet our demands?” “How do I make this an easier process to deploy, configure and manage in our ever growing environments?”
VMware vShield Endpoint. vShield Endpoint is now a feature of the vSphere package and is included starting with the Essentials Plus kit through all of the higher editions of vSphere. vShield Endpoint revolutionizes the thinking behind how to protect guest virtual machines from viruses and malware. The solution optimizes antivirus and other endpoint security for use in VMware vSphere and VMware View environments.
One confusing point that comes up from time to time is the functionally of the vShield Endpoint. I have been asked a few times to compare our vShield Endpoint with one of the other leading virus and malware programs. However, vShield Endpoint itself doesn’t actually scan for viruses nor does it check for malware. vShield Endpoint is VMware’s technology that deploys as a virtual appliance on each of your ESXi Hosts that you wish to protect. This virtual appliance is then integrated with one of our Integrated Partner Solutions for Networking and Security who provide the software that plugs into the virtual appliance. Our Partner’s software is the engine behind all the scanning.
Architecture of the vShield Endpoint
There are several advantages to deploying the vShield Endpoint appliance in your datacenter. All communication into and out of the host is filtered through the vShield Endpoint appliance which shrinks the footprint, decreases the risk of infection and creates a tighter control against any potential threat. A virtual gate-keeper of sorts. vShield Endpoint removes the need for installing agents in the guest virtual machine which in turn frees up system resources and improves performance. It simplifies deployment, eases management and reduces cost for 3rd party programs. Additionally, unlike the guest virtual machine, vShield Endpoint is always up and running ready to protect your environment by continuously keeping the antivirus and malware signatures up to date.
Here are some links I recommend to my customers that give great information and detail to help finalize their decision to get this going in their IT infrastructure:
- vShield Endpoint Datasheet
- vShield Endpoint product page
- Integrated Partner Solutions for Networking and Security
I’d like to hear your suggestions and comments on how you’re protecting your IT environment.
Thanks for your time,