VMware vShield EndPoint Security: Agentless VM Security Solution

Strengthen security for virtual machines and their hosts while improving performance by orders of magnitude for endpoint protection, with VMware vShield Endpoint, part of the VMware vShield family. Offload antivirus and anti-malware processing to dedicated security-hardened virtual machines delivered by VMware partners. Leverage existing investments and manage antivirus and anti-malware policies for virtualized environments with the same management interfaces as physical environments.

VMware vShield Endpoint comprises a hardened, security virtual machine that hosts the third-party anti-virus software. Each virtual machine requiring AV protection only requires a small-footprint, driver software, deployed as a loadable kernel module per vSphere host.

How Does VMware vShield Endpoint Work ?

vShield Endpoint protects virtual machines and their hosts against viruses, malware and other threats. vShield Endpoint plugs directly into vSphere and consists of three components:

1. Hardened security virtual machine (delivered by VMware partners)

2. Driver for virtual machines to offload file events

3. VMware Endpoint Security (EPSEC) loadable kernel module (LKM) to link the first two components at the hypervisor layer

Partner Integrations :

Integration of VMware vShield Endpoint with security virtual machine solutions from VMware partners is facilitated through VMware EPSEC, which provides a library and API for introspection into file activity at the hypervisor layer. vShield Endpoint monitors virtual machine file events and notifies the antivirus engine, via VMware EPSEC, which scans and returns a disposition. It also supports scheduled full and partial file scans initiated by the antivirus engine in the security virtual machine.

ref



Understanding VMware vShield Endpoint And Agentless Malware Protection -


Trend Micro integration with VMware endpoint security - http://www.vmwareforum2011.com/library/documents/finland_1100_trendmicro_session.pdf