Data Center Security

 View Only

  • 1.  Diff between SEP VDI & SDCS

    Posted Aug 09, 2016 09:48 AM

    Hi,

    Can any one help me with the diff between this two products SEP VDI & SDCS.

    thanks in advance.



  • 2.  RE: Diff between SEP VDI & SDCS

    Posted Aug 09, 2016 10:02 AM

    SEP will require an agent.  SDCS:SA has agent-less scanning

    SEP is meant to be deployed to workstations as well as servers.  DCS is really a server side product.  It CAN be deployed to workstations, but fine tuning DCS prevention policies could be a monumental headache in an environment where no two machines are the same.

    SEP is probably WAY less expensive than SDCS.

     

     

    That's just off the top of my head.  I'm sure others will offer their own good points. IMHO, stick with SEP in a VDI environment.



  • 3.  RE: Diff between SEP VDI & SDCS

    Posted Aug 09, 2016 10:10 AM

    Hi Shk,

    Here is really good comparasion beteween SEP and SDCS:SA: https://support.symantec.com/en_US/article.INFO3770.html

    SEP for VDI datasheet: https://www.symantec.com/content/en/us/enterprise/fact_sheets/endpoint-protection-vdi-ds-21360010.pdf

    Hope this helps.



  • 4.  RE: Diff between SEP VDI & SDCS

    Posted Aug 09, 2016 11:47 AM

    thanks Vladx...its really helpful...but can you also expalin what is VDI enviroement. if we have number of Esxi host in datacenter and we want to protect those hypervision than what solution would be suitable. let consider we are having SEP ranning in vmware guest machine. we only need antimalware for those hypervision ESXi servers. no IPS IDS needed in my scenario.

    Thanks in advance.



  • 5.  RE: Diff between SEP VDI & SDCS
    Best Answer

    Posted Aug 10, 2016 06:30 AM

    Hi Shk,

    VDI stands for Virtual Desktop Infrastructure, if you want to learn more, here are really good YouTube videos explaining whole technology: https://www.youtube.com/playlist?list=PL86JaHWC1LoTi2IrBJTdgHu0703iTRIQw

    Basically is provides virtual desktop for end users, which I understand is not really what you need since you want antimalware for the hypervisor which VMWare does not actually recommend: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1036544

    Now if you want to monitor ESXi, you have following options:

    • DCS: Monitoring Edition

    • DCS: Server Advanced

    Comparison of the features and capabilities is here: https://support.symantec.com/en_US/article.INFO2861.html

    Documentation specific to vSphere support guide applicable for both DCS:ME and DCS:SA is here: https://support.symantec.com/en_US/article.DOC9291.html

    You will find that this does not provide traditional antimalware protection for ESXi hypervisor but more of a file integrity and log monitoring due to restrictions of ESXi platform.

    My opinion is that this would be overkill for you requirements and that instead following simple vSphere hardening guidelines, you would be ok: http://www.vmware.com/security/hardening-guides.html



  • 6.  RE: Diff between SEP VDI & SDCS

    Posted Aug 10, 2016 10:21 AM

    Thanks nicely explained.