![]() You could put the thin-agent and the dedicated scan system on physical Windows boxes too. ![]() This is NOT a virtual appliance, it's just a windows installable. The agent will offload the On-Access scanning to a dedicated system over plain IP (no VMsafe/vShield APIs being used here). The second MOVE "edition" is intended for VDI and works by deploying a thin-agent instead of a full virus scan application on the target VMs. In this version, every VM keeps it's full virus scan application/agent. I wonder if it suspends scans when DRS/VMotion kicks in during scans and increases the number per host beyond the limit, I guess not). It does this by querying info of which VM runs on which host from vCenter and starts the On-Demanscans accordingly, until the maximum number of concurrent scans are occurring. It aims to limit the maximum number of concurrent On-Demanscans per host or LUN to a configurable setting. One is intended for server-VMs and solely applies to On-Demanscans. McAfee MOVE has a different approach and doesn't require any ESX-side extensions or configurations. Trendmicro Deep Security 7.5 with vShield Endpoint support (currently/still the only product with real vShield Endpoint capabilities) is a bit tricky since you have to install ESX-side extensions and it manipulates some settings on the host (like additional vSwitches and Portgroups, even if you don't use any firewalling features), and the whole thing seems rather immature, but it kinda works.
0 Comments
Leave a Reply. |