Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

vShield Endpoint - Agentless AV

Created: 09 Sep 2010 • Updated: 01 Dec 2010 | 2 comments
This issue has been solved. See solution.

We are about to undertake a major VMware virtualization project and one on the things that has come up is the vShield Endpoint solutions out there. Wanted to know if anyone knows where symantec is at with this. VMware says they are working with Symantec and others on this but I don't see anything from Symantec. Other vendors seem to be ahead of the game.

Comments 2 CommentsJump to latest comment

M.C.'s picture

I am interested in this also. We use SEP11 for physical machines, and I need to know what is in store for vShield Endpoint and when it will be available. I am working on deploying View 4.5.

dschrader's picture

vShield, as it currently exists, is all about file based endpoint security.  In other words, it is a set of APIs for directing files, as they are accessed, to a security VM for virus scanning.

The problem with this approach is that it doesn't allow for intrusion protection, packet analysis, browser protection, real time heuristics, application control, device control, NAC - all functions currently or planned to be in SEP.

If all you want is file scanning, vShield with a vShield compliant endpoint solution (the only one I know is Trend), is fine.  But believe me, you want more then that.  We are working with VMware on addressing these issues in vShield, but don't expect a quick fix.

In the meantime, if you want strong endpoint protection, you need a good endpoint agent in each VM.  SEP works well in VMware.  Here is a white paper that may help in deploying it in a VM environment - http://eval.symantec.com/mktginfo/enterprise/white_papers/b-endpoint_protection_virtualization_best_practices.pdf.

You should also think about CSP for virtualized servers.

SOLUTION