Using Symantec Endpoint Protection in virtual infrastructures
Symantec Endpoint Protection provides the Shared Insight Cache and Virtual Image Exception features for virtual infrastructures, which you can enable to improve performance. You need to perform some additional installation and configuration tasks to enable these features.
Table: Virtual infrastructure features and their use
Feature and use
Use a Shared Insight Cache to skip the scanning of files that are known to be clean.
Shared Insight Cache keeps track of the files that are known to be clean. Shared Insight Cache can reduce the scan load by eliminating the need to rescan those files.
You can set up the following types of Shared Insight Cache:
A vShield-enabled Shared Insight Cache
Virtual clients in a VMware vShield infrastructure can use a vShield-enabled Shared Insight Cache reduce scan loads.
A network-based Shared Insight Cache
Virtual clients that use any kind of virtual infrastructure can use a network-based Shared Insight Cache reduce scan loads.
Symantec supports the use of the vShield-enabled Shared Insight Cache only for VMware infrastructures.
See About Shared Insight Cache.
See What do I need to do to use a vShield-enabled Shared Insight Cache?.
See What do I need to do to use a network-based Shared Insight Cache?.
Use the Virtual Image Exception tool so that clients can skip the scanning of base image files.
The Virtual Image Exception tool lets you mark base image files as safe so that scans skip those files to reduce scan loads.
Symantec does not support the use of the Virtual Image Exception tool in a physical environment.
See About the Virtual Image Exception tool.
Configure the non-persistent virtual desktop infrastructures feature.
Symantec Endpoint Protection clients have a configuration setting to indicate that they are non-persistent virtual clients. You can configure a separate aging period for the offline GVMs in non-persistent virtual desktop infrastructures. Symantec Endpoint Protection Manager removes non-persistent GVM clients that have been offline longer than the specified time period.
See Configuring a separate purge interval for offline non-persistent VDI clients.
The protection technologies in Symantec Endpoint Protection Manager and Symantec Endpoint Protection typically function the same way in virtual infrastructures as they do in physical infrastructures. You can install, configure, and use Symantec Endpoint Protection Manager and Symantec Endpoint Protection clients in virtual infrastructures in the same way as in physical infrastructures.