Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.

Symantec Anti-Malware Virtual Appliance Solution for ESX??

Created: 20 Feb 2013 • Updated: 20 Feb 2013 | 10 comments
This issue has been solved. See solution.

Hi,

Does Symantec provide any kind of Virtual Appliances for VMware, capable of detecting viruses and other malware on the rest of VMs that reside inside a ESX server? I'm asking because a client said that he had heard about such product, but can't remember its name. He wants to buy it for his virtual environment, and asked me to help him find more information about it.

Thanks in advance.

 

Discussion Filed Under:

Comments 10 CommentsJump to latest comment

Ashish-Sharma's picture

SEPM 12.1 are supported Below Platform.

Support for additional operating systems

Symantec Endpoint Protection Manager (SEPM) now supports the following operating systems:
■ VMware Workstation 7.0 or later
■ VMware ESXi 4.0.x
■ VMware ESX 4.0.x
■ VMware Server 2.0.1
■ Citrix Xenserver 5.1

What's New in Symantec Endpoint Protection version 12.1

https://www-secure.symantec.com/connect/articles/w...

 

 

Check this thread abd Blog

http://www.symantec.com/connect/blogs/symantec-endpoint-protection-12-adds-vshield-integration-increases-security-effectiveness

https://www-secure.symantec.com/connect/forums/sep...

Thanks In Advance

Ashish Sharma

 

 

Rafeeq's picture

 

Does Symantec Endpoint Protection 12.1 support VMWare vShield?

http://www.symantec.com/business/support/index?page=content&id=TECH175568
Mithun Sanghavi's picture

Hello,

The Symantec Endpoint Protection Security Virtual Appliance is a Linux-based virtual appliance that you install on a VMware ESX/ESXi server. The Security Virtual Appliance integrates with VMware's vShield Endpoint. The Shared Insight Cache runs in the appliance and lets Windows-based Guest Virtual Machines (GVMs) share scan results. Identical files are trusted and therefore skipped across all of the GVMs on the ESX/ESXi host. Shared Insight Cache improves full scan performance by reducing disk I/O and CPU usage.

Note: You must install a Security Virtual Appliance on each ESX/ESXi host if you want the GVMs to access Shared Insight Cache.

Reference:

About the Symantec Endpoint Protection Security Virtual Appliance

http://www.symantec.com/business/support/index?page=content&id=HOWTO81080

The appliance is complete and ready to use as soon as you install it. The appliance includes the Shared Insight Cache.

See About Shared Insight Cache .

See VMware software requirements to install a Symantec Security Virtual Appliance.

See What do I need to do to install a Security Virtual Appliance?.

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SebastianZ's picture

SEP 12.1 guide covers several of the topics regarding the SEP Virtual Appliance for VMware:

Symantec Endpoint Protection and Symantec Network Access Control 12.1.2 Installation and Administration Guide

http://www.symantec.com/business/support/index?page=content&id=DOC6153

 

IV- 29. Installing a Security Virtual Appliance and using a vShield-enabled Shared Insight Cache
What do I need to do to use a vShield-enabled Shared Insight Cache?
What do I need to do to install a Security Virtual Appliance?
About the Symantec Endpoint Protection Security Virtual Appliance
VMware software requirements to install a Symantec Security Virtual Appliance
VMware software requirements for the Guest Virtual Machines
Configuring the Symantec Endpoint Protection Security Virtual Appliance installation settings file
Installing a Symantec Endpoint Protection Security Virtual Appliance
Enabling Symantec Endpoint Protection clients to use a vShield-enabled Shared Insight Cache
Stopping and starting the vShield-enabled Shared Insight Cache service
Service commands for the vShield-enabled Shared Insight Cache
Configuration file settings for a vShield-enabled Shared Insight Cache
About vShield-enabled Shared Insight Cache event logging
Uninstalling a Symantec Endpoint Protection Security Virtual Appliance
 
Ahmad54's picture

Thanks A@shish and Rafeeq for you answers, but from what I understand, I still need to install Symantec Endpoint Protection Manager to a seperate VM that I create, then deploy the clients just as I do on physical machines. Please confirm.

Thank you Mithun Sanghavi, I believe that the virtual appliance you're talking about is what we're looking for.  How is it sold? Is it a stand-alone product? Does it integrate with vCenter?

 

Rafeeq's picture

its on CD2 as sebastin said, its a virtual appliance you need to install it on ESX server

 

Configuring the Symantec Endpoint Protection Security Virtual Appliance installation settings file

http://www.symantec.com/business/support/index?page=content&id=HOWTO81082
 
Ahmad54's picture

Thank you SebastianZ, I just noticed your post.

I downloaded the PDF file, and took a glance at chapter 29.

I understood that I still need the SEP Manager and deploy the SEP clients, then install the virtual appliance. Is this sequence correct? please correct me if I'm wrong.

Thank you once more

SebastianZ's picture

Here is the exact sequence of installation steps:

What do I need to do to install a Security Virtual Appliance?

http://www.symantec.com/docs/HOWTO81110

 

+ requirements if you need:

VMware software requirements to install a Symantec Security Virtual Appliance

http://www.symantec.com/docs/HOWTO81081