Improve Endpoint Security

VMware vShield Endpoint lets you manage anti-virus and anti-malware policies for virtualized environments with the same management interfaces you use to secure physical infrastructure. vShield Endpoint strengthens virtualization security with enhanced endpoint protection by offloading AV processing to a secure virtual appliance supplied by VMware partners. vShield Endpoint:

  • Improves consolidation ratios and performance by eliminating anti-virus “storms.”
  • Automates anti-virus and anti-malware deployment and monitoring.
  • Satisfies compliance and audit requirements with anti-virus and anti-malware activity logs.
vShield Endpoint Security Diagram

vShield Endpoint Security Diagram

Offload Anti-virus and Anti-malware Functions

Delivered as a secure virtual appliance, vShield Endpoint enables virtual machines to offload file events and the Endpoint Security loadable kernel module to link the first two components at the hypervisor layer.

  • The loadable kernel module manages communication between virtual machines and the virtual appliance, using introspection at the hypervisor layer.
  • The anti-virus engine and signature files are updated only within the virtual appliance, but policies can be applied across all virtual machines on a VMware vSphere host.
  • Housing anti-virus and anti-malware client software in a hardened virtual machine protects it from attack.

Enforce Remediation

  • Predefined policies dictate whether a malicious file should be deleted, quarantined or dealt with in another way.
  • The vShield Endpoint driver manages file remediation activity within the virtual machine.

Manage Policy and Configuration

  • VMware vShield Manager offers full-featured configuration of vShield Endpoint policies.
  • VMware vCenter activates vShield features on vSphere.
  • REST APIs allow for customized integration of vShield Endpoint capabilities.

Use Role-based Access for Logging and Auditing

  • Logging is based on the syslog standard.
  • REST APIs and vShield Manager provide access to third-party logging and auditing tools.
  • The administrator defines logging on/off for anti-virus and anti-malware file activity such as scanning.