@NutanixNext
Visit Nutanix

Nutanix Connect Blog

Welcome to the Nutanix NEXT community. To get started please read our short welcome post. Thanks!

Showing results for 
Search instead for 
Do you mean 

Anti-Virus Functionality for VMs on Acropolis Hypervisor (AHV)

by Community Manager ‎03-17-2016 09:21 AM - edited ‎03-17-2016 10:14 AM (6,753 Views)

This post was authored by Amit Jain, Product Management at Nutanix

 

Picture1.pngAs virtualization is becoming mission-critical for servers and desktops (VDI), more so in private cloud settings, your IT teams must support increasingly large number of end points and protect those from being exposed to any virus or malware.

 

In a recent blog, I had highlighted how Nutanix Acropolis architecture provides “Holistic” security for your Data Center Stack. In this blog, I would provide details on protecting the end-point through the Intel McAfee MOVE Anti-Virus Multi-platform architecture, which provides superior Anti-Virus functionality for the VMs running on Acropolis hypervisor (AHV) or, in general, for the mixed hypervisor environments.

 

How does it work?

 

In the Intel McAfee MOVE (Management for Optimized Virtual Environments) Multi-platform architecture, the MOVE Anti-Virus (AV) Agent—a lightweight endpoint component—communicates to the offload MOVE Scan Server VM (SVM) to broker the antivirus processing on behalf of each user virtual machine.

 

You can designate and scan a gold image for use as a clean master. Pre-populating the local cache with clean images delivers the fastest VM boot-up time. Upon file access, the MOVE SVM performs an on-access scan, providing a response back to the user VM. Users can be notified of issues through a pop-up alert, and can either delete, deny access to, or quarantine malicious files.

 

Multi-Platform -vs- VMware Tools based Architecture?

 

Now, you may be wondering about the alternate architecture, which is VMware Tools based and is offered by multiple vendors, including Intel McAfee Security. However, the so-called Agentless model too involves a component from the hypervisor vendor, which in this case involves integration with vShield endpoint or NSX and so is very specific to VMware ESXi environments.

 

On the other hand, the Multi-Platform architecture involves the component (or agent) from the Anti-Virus vendor (Intel McAfee Security) itself and provides significant flexibility and efficiency benefits with rapid pace of innovation. So, I have tabulated (as below) the key points of similarities and differentiators across both the architectures.

 

McAfee-FIN-v2-222.png

 

 

Picture13.png

 

Proof Points?

 

As per Intel Security team, more than a third of MOVE customers leverage Multi-Platform architecture for the afore-mentioned benefits. There is a detailed implementation guide on this as well, so you can refer this link.

 

Moreover, the Multi-platform architecture has already been qualified for AHV environment by the Nutanix team!

 

[Techy Tidbit: “Brain”, the first virus infecting the computer, was discovered in 1986. Typically, it is a no-brainer that any virus would leave minimal trail, however this one included the name and contact information of authors! No, the authors (two brothers) weren’t dumb. It was just that the virus wasn’t supposed to be destructive. In fact, the two brothers are currently running a very successful business - as Brain NET Internet service providers]

 

Continue the conversation in the community forums and follow Nutanix on Twitter for the latest news and announcements. Also listen to episode 27 of the Nutanix community podcast - Why Security Should Be Your First Focus

 

 

Announcements

One of the fun things about participating in an online community is developing a community identity. One way to do that is with a personalized avatar.

Read More: How to Change Your Community Profile Avatar
Labels