vSphere and vSphere with Operations Management
Improve Endpoint Security
VMware vShield Endpoint lets you manage anti-virus and anti-malware policies for virtualized environments with the same management interfaces you use to secure physical infrastructure. vShield Endpoint strengthens virtualization security with enhanced endpoint protection by offloading AV processing to a secure virtual appliance supplied by VMware partners. vShield Endpoint:
- Improves consolidation ratios and performance by eliminating anti-virus “storms.”
- Automates anti-virus and anti-malware deployment and monitoring.
- Satisfies compliance and audit requirements with anti-virus and anti-malware activity logs.
Offload Anti-virus and Anti-malware Functions
Delivered as a secure virtual appliance, vShield Endpoint enables virtual machines to offload file events and the Endpoint Security loadable kernel module to link the first two components at the hypervisor layer.
- The loadable kernel module manages communication between virtual machines and the virtual appliance, using introspection at the hypervisor layer.
- The anti-virus engine and signature files are updated only within the virtual appliance, but policies can be applied across all virtual machines on a VMware vSphere host.
- Housing anti-virus and anti-malware client software in a hardened virtual machine protects it from attack.
- Predefined policies dictate whether a malicious file should be deleted, quarantined or dealt with in another way.
- The vShield Endpoint driver manages file remediation activity within the virtual machine.
Manage Policy and Configuration
- VMware vShield Manager offers full-featured configuration of vShield Endpoint policies.
- VMware vCenter activates vShield features on vSphere.
- REST APIs allow for customized integration of vShield Endpoint capabilities.
Use Role-based Access for Logging and Auditing
- Logging is based on the syslog standard.
- REST APIs and vShield Manager provide access to third-party logging and auditing tools.
- The administrator defines logging on/off for anti-virus and anti-malware file activity such as scanning.