Page | 5
This new structure allows vShield to run with more than one partner on
the same ESX host. This is inline with VMware’s cloud and multi-tennacy
model where multiple tennants in the cloud may perfer to use one AV
vendor over another. Additionally, within a partner they may want in
future to have separate virtual appliance (VA) for each security function –
like a VA for AV, a VA for encryption and so on.
As you might expect most of the AV vendors provide much the same
features such as on access and on demand scanning. The biggest variance
appears to be what they do if they encounter a virus. This general reflects
their own position on what to do if a virus is encounted. They each have
their own ideological view point, and this often reflects how they have
handled virusus before virtualization became mainstream.. So some will
delete an infect file, whilst some will quarantine it – others might attempt
to clean-up the file. They also seem to compete around who has the best
caching and filtering algorithms and tools – to reduce the burden of
checking files that have been checked before, or files that are to be
ignored by the scanning process. Others compete by saying they learn of
new virusus quicker than their competitors, and therefore can offer more
protection from rapidly spreading dangers.
Hardware and Software Requirements
To get started you need at least one vShield Manager for each vCenter – vShield
App and Endpoint require on virtual appliance for each ESX host in the cluster –
and one vShield Edge per portgroup on a virtual switch. Our focus will merely be
on the configuration of vShield Endpoint – but we’ve chosen to include the
requirements for all the features just in case you decide to adopt vShield in your
wider environment.
The other thing you will need is a Security Virtual Appliance (SVA) from a 3
rd
party anti-virus provider. That can be a little tricky as there isn’t a huge number
of them - if you are just wanting to evaluate vShield Endpoint, most of the 3
rd
parties do not allow you to just trip along to their website and download. Most
times you will have to register and then be checked out. This is to ensure you
get proper support during the evaluation, and ensure you don’t get a false
impression of the quality of the implementation – that is more a reflection of
your ignorance. That’s what they say. Hopefully sales people won’t harangue
you!
The SVA is a virtual appliance that interfaces with the vShield Virtual Appliance
and normally incorporates its own web front-end often referred to as the
Security Virtual Console (SVC). This SVC can be used to deploy many SVA’s to
each ESX host. Many vendors also incorporate an optional “agent” that can be
installed into the virtual desktop. Strictly speaking this not required, but some
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales