Endpoint Protection

 View Only

  • 1.  Symantec SVA with vShield Endpoint

    Posted Jun 16, 2014 03:02 AM

    Hi All,

     

    I have refered to a documentation for installing SVA on vmware vShield. But I'm still unclear on how does it integrates with vShield Endpoint. I have a vmware document where it says that Security Virtual Appliances will integrate with vShield Endpoint. But I haven't come across anything as such in Symantec documentation. Even the SVA_InstallSettings - Default.xml file doen't have vShield endpoint mentioned in it. Yes, it does asks credentials for vShield Manager. But I cannot get any reference on how Symantec SVA gets integrated with vSheld Endpoint. Can anyone help me with it?



  • 2.  RE: Symantec SVA with vShield Endpoint



  • 3.  RE: Symantec SVA with vShield Endpoint

    Posted Jun 16, 2014 05:58 AM

    Thanks James. I refered to these documents already. Let me put is this way.

    1. Is it absolutly necessary to installe vShield Ednpoint so as to use Symantec SVA?

     As per my understanding, Yes, It is required as it will allow hypervisor to offload antivirus activities with the help of vmware EPSEC LKM.

     

    2. So now I must integrate SVA with vShield Endpoint, How to do that? I'm looking for a stp-by-step guide on this. I know the procedure to import SVA on ESXi or vCenter or vSphere. It is a CentOS guest machine. But how do i integrate this SVA with vShield endpoint so that antivirus activities are offloaded to SVA?



  • 4.  RE: Symantec SVA with vShield Endpoint

    Posted Jun 16, 2014 06:27 AM

    You may want to go thru this thread paying close attention to what ShadowsPapa has to say:

    https://www-secure.symantec.com/connect/forums/sva-not-working-or-communicating-vmware-vdi-clients-or-vm-management



  • 5.  RE: Symantec SVA with vShield Endpoint

    Posted Jun 16, 2014 07:58 AM

    Yes Brian.. That seems to be a rather interesting post.

    I got to know that Symantec SVA doesn't supports scan offliloading or offloading of other antivirus activities. It is solely used in case you are planning to use vShield based Shared Insight Cache. And i have to install SEP on each and evevry Guest VM.

    Now there are two questions,

    1. If it is used only to communicate with vShield based SIC then i would go for a Network based SIC rather than wasting so much efforts in deploying and managing SVA.

    2. Why does it asks for sylink.xml while installing SVA as GVMs are already having SEP installed on them and they are directly communicating to SEPM.

     

    OR it is just another not-to-be-used product..