Security in the virtual (desktop) world
While it may not be the answer to everything, desktop virtualization offers a good solution for certain usage models, such as where access needs to be restricted to certain information or services, or where desktop management needs to be centralized. In the model, virtual instances of desktops send display information to remote screens, even though the processing is actually taking place on a server.
The model can put strains on the physical IT architecture, however. To avoid bottlenecks, it helps to have an understanding of what's going on in the underlying server, storage and network environment. As well as visibility on what’s running on each virtual machine, and how much resource it is consuming.
This brings us to desktop antivirus software which, like any other package, is going to be contending for processing cycles. With the best will in the world, if a hundred virtual desktops are running on the same server and accessing the same storage, and each kicks off a full disk scan with traditional antivirus software at the same time, the result's not going to be pretty.
Which is why we've put a number of new features into the latest version of our Endpoint Protection product - version 12.1. We've said that the software protects both physical and virtual environments, but what does this mean precisely? First off, we've moved as much of the scanning as possible out of virtual machines, reducing scan overheads by up to 70% and disk I/O by up to 90%. Which is a start, but won't solve the above problem completely - so we've included the facility to prevent simultaneous scans and updates altogether.
We've also added some management features, enabling virtual clients to be automatically identified and brought under Symantec Endpoint Protection, from where they can be more easily administered, policies set up and so on. Offline images - that is, virtual machines that have not been booted up - can also be scanned for viruses and other malware threats.
Virtual desktop environment features are available in the standard edition of Symantec Endpoint Protection 12.1, suitable for environments of 100 or more physical or virtual desktops. If you want to know more about the complete set of features, click here