Session speakers Dean Coza and Marios Leventopoulus
recap of the session
vShield products
Edge
App and Zones
Endpoint offload antivirus protection
Let's concentarte on Endpoint.
endpoint provides interfaces from vendors and move agent antivirus insiden an appliance one per host
Nowadays issues: AV storm.
Antiviruses are heavy resources consumers and theynare not aware of being virtualized. scheduled scan create heavy IO on storage
Memory footprint of the agents are high and in a VDI environmemt can reach 6 GB of utilization. Moving antivirus agent outside the vms is more agile and remediate the painpoints above leveraging the Hyperfisors to offload AV function.
VMSafe: is related to VShield endpoint?
VmSafe blocks threaths before entering the virtual machines while endpoint put remediations, scans actual disks file level and it' real file level scan.
With vShield endpoint we are deploing AV security as a service.
Key benefit
efficiency
less OPEX (new machine automatically protected, always on, always update)
Protection tamper-resistant
API main features
on access scan
on demand scan
chaching and filtering
remediation
There is a componenets inside Endpoint that monitors each events generated by their subcomponents and that display info, warnings and alarms into the vCenter Server giving reccomenndations too.
We can also trigger actions on events:
email notifications
standby
reboot
shutdown
execute a command
There is also a summary dashboard of thenstatus of Endpoint
the future:
offload other security agents
additional better than physical efficiencies
stronger protection throught CPU and Memory introspection
\mf
