Endpoint Protection

 View Only

  • 1.  Security Virtual Appliance (SVA) Integration with SEP

    Posted Oct 22, 2015 01:59 AM

    Hello all . I need to know some information regarding Security virtual appliance (SVA) integratin with Vmware ESXi host so that the SVA can host Shared insight cache that will be referenced each time the GVMs on host machine will run either a full or manual scan they will refrence the Cache hosted by SVA to exempt known good files from scanning to minimze CPU and I/O utilization.

    So what I need to know is am I required to install SEP agent on each GVM on esxi host ? or would it be agentless malware/virus scanning on these GVMs ?

    Your replies would be highly appreciated. Thanks



  • 2.  RE: Security Virtual Appliance (SVA) Integration with SEP

    Posted Oct 22, 2015 02:18 AM

    Any 1 ?



  • 3.  RE: Security Virtual Appliance (SVA) Integration with SEP

    Posted Oct 22, 2015 04:59 AM

    Hope this answer's your questions,

     

     New features for your virtual environment 

    The new virtualization features include the following:

    ■ Shared Insight Cache

    The Symantec Endpoint Protection Shared Insight Cache reduces the need to scan files in a virtualized environment that Symantec Endpoint Protection has determined are clean. Shared Insight Cache runs independently of Symantec Endpoint Protection. However, you must configure Symantec Endpoint Protection Manager to specify the location of Shared Insight Cache so that your clients can communicate with it.

    No special license is required to install or run Shared Insight Cache.

    ■ Virtual Image Exclusion

    Instead of continually scanning system files for viruses, the Virtual Image Exclusion tool lets you whitelist files from your baseline image on virtual machines. You run the Virtual Image Exclusion tool from the command line. However, you must also configure Symantec Endpoint Protection Manager so that your clients skip the whitelisted files.

    ■ Hypervisor detection

    Symantec Endpoint Protection Manager now automatically detects which clients are virtual, as well as their virtual platform. This feature lets you not only know more about your clients, it also lets you create policies for virtual machine groups and search for virtual clients.

    ■ Symantec offline image scanner 

    The Symantec offline image scanner can scan offline VMware .vmdk files to ensure that there are no threats in the image.



  • 4.  RE: Security Virtual Appliance (SVA) Integration with SEP



  • 5.  RE: Security Virtual Appliance (SVA) Integration with SEP

    Posted Oct 22, 2015 06:37 AM

    Guys thanks for your replies . My question simply stated that  am I required to install SEP agent on each GVMs  so that they can access the virtual insight share cache hosted inside SVA for lookups while doing the scans. 

     



  • 6.  RE: Security Virtual Appliance (SVA) Integration with SEP

    Posted Oct 22, 2015 06:55 AM

    Yes regardless of the nature of the machine, Physical, Virtual, Thin Client, VDI client, Persistent or Non Persistent it should have a SEP client installed to it.



  • 7.  RE: Security Virtual Appliance (SVA) Integration with SEP

    Posted Oct 22, 2015 07:51 AM

    No such thing as agentless scanning for SEP. Each client needs a SEP install.