VMware vShield™ Endpoint strengthens security for virtual machines while improving performance for endpoint protection by orders of magnitude. vShield Endpoint offloads antivirus and anti-malware agent processing to a dedicated secure virtual appliance delivered by VMware partners. The solution is designed to leverage existing investments by allowing customers to manage antivirus and anti-malware policies for virtualized environments with the same management interfaces they use to secure physical environments.
- Improve consolidation ratios and performance by eliminating anti-virus "storms"
- Streamline antivirus and anti-malware deployment and monitoring in VMware environments.
- Satisfy compliance and audit requirements through logging of antivirus and anti-malware activities.
Questions?
1-877-486-9273
VMware vShield Endpoint FAQs
- 1. What VMware products are compatible with VMware vShield Endpoint?
-
vShield Endpoint is compatible with:
- (Required) vSphere: 5.0 (including VMware ESX)
- vCenter Server: 5.0
- vShield App 1.0
- vShield Edge 1.0
- VMware View 4.5
2. Is vShield Endpoint compatible with earlier versions of VMware ESX (3.0, 3.5) and VMware vCenter (2.5)?
-
vShield Endpoint is not compatible with these earlier versions of VMware ESX and VMware vCenter. Customers are encouraged to upgrade to current versions of vCenter and vSphere (including ESX 4.0, 4.1) to benefit from security and other advanced virtual data center management capabilities.
- 3. What are the main use cases for vShield Endpoint?
For virtual desktop (VMware View) deployments, enterprises can support thousands of internal and external users with:
- Comprehensive security for View servers
- Anti-virus agents to protect client data
- Optimal performance and scalability
vShield Endpoint, along with VMware vShield Edge, lets you:
- Improve performance by offloading AV processing
- Reduce costs by freeing up virtual machine resources and eliminating agents
- Improve security by streamlining AV functions to a hardened security virtual machine
- Protect View application servers from threats
- Demonstrate compliance and satisfy audit requirements with detailed logging of offloaded AV tasks
- 4. What are the similarities and differences between the various VMware security solutions?
-
Solutions for virtualized network security on vSphere-based environments:
- vShield App
- vShield App with Data Security
- vShield Edge
- vShield Endpoint
-
The following table summarizes a comparison of key features for these products:
Feature vShield Edge
vShield App vShield App with Data Security
vShield Endpoint
Deployment Method
Per port group
Per host
Per host
Per host
Enforcement
Between virtual datacenter and un-trusted networks
Between virtual machines
Between virtual machines
Within the guest virtual machine
Anti-virus, Anti-malware
No
Yes
Yes
Yes
Site-to-Site VPN
Yes
No
No
No
NAT, DHCP services
Yes
No
No
No
Load balancing
Yes
No
No
No
Sensitive Data Discovery
No
No
Yes
No
Stateful firewall
Yes
Yes
Yes
No
Change-Aware
Yes *
Yes
Yes
No
Hypervisor-based firewall
No
Yes
Yes
No
Application firewall
No
Yes
Yes
No
Flow Monitoring
No
Yes
Yes
No
Groupings for policy enforcement
Only 5-tuple** based policies
1) 5-tuple
2) Security Groups: resource pools, folders, containers and other vSphere groupings1) 5-tuple
2) Security Groups: resource pools, folders, containers and other vSphere groupingsAny available vCenter groupings for virtual machines
* Edge security and services are maintained within the host where the edge appliance is deployed. If the virtual appliance were moved to another host, the edge security policies would need to be updated.
** A 5-tuple is defined as the combination of Source IP address, Destination IP address, Source Port, Destination port, protocol.
