P R O D U C T D A T A S H E E T / 1
D A T A S H E E T
AT A G L ANCE
VMware vShield Endpoint strengthens security for
virtual machines and their hosts while improving
performance by orders of magnitude for endpoint
protection. vShield Endpoint enables offloading of
antivirus and anti-malware processing to
dedicated security-hardened virtual machines
delivered by VMware partners. The solution is
designed to leverage existing investments and
allows customers to manage antivirus and anti-
malware policies for virtualized environments with
the same management interfaces they use to
secure physical environments.
KE y B EN EFITS
• Streamline and accelerate antivirus and anti-
malware deployment.
• Improve virtual machine performance and
eliminate antivirus and anti-malware bottlenecks.
• Reduce risk by eliminating agents susceptible to
attacks, and enforce remediation more easily.
• Satisfy audit requirements with detailed logging
of antivirus and anti-malware activities.
VMware vShield Endpoint
Endpoint Security for Virtual Datacenters
What is VMware vShield
Endpoint?
VMware vShield Endpoint is a unique solution that optimizes
antivirus and other host and endpoint security for use in VMware
vSphere™ 4.1 and VMware View™ 4.5 environments.
vShield Endpoint improves performance by offloading key
antivirus and anti-malware functions to a security virtual
machine, eliminating the antivirus agent footprint in virtual
machines. This advanced architecture frees up system resources,
improves performance of antivirus and anti-malware functions
and eliminates the risk of antivirus “storms” (overloaded
resources during scheduled scans and signature updates).
vShield Endpoint enhances security with a hardened, tamper-
proof security virtual machine (delivered by VMware partners)
that uses robust and secure hypervisor introspection capabilities
in vSphere, preventing compromise of the antivirus and anti-
malware service itself. Demonstrating compliance and satisfying
auditor requirements are enabled through detailed logging of
activity from the antivirus or anti-malware service.
Administrators can centrally manage VMware vShield Endpoint
through the included vShield Manager console, which integrates
seamlessly with VMware vCenter™ Server to facilitate unified
security management for virtual datacenters.
How Does VMware vShield
Endpoint Work?
vShield Endpoint protects virtual machines and their hosts
against viruses, malware and other threats. vShield Endpoint
plugs directly into vSphere and consists of three components:
1. Hardened security virtual machine
(delivered by VMware partners)
2. Driver for virtual machines to offload file events
3. VMware Endpoint Security (EPSEC) loadable kernel module
(LKM) to link the first two components at the hypervisor layer
vShield Endpoint monitors virtual machine file events and notifies
the antivirus engine, via VMware EPSEC, which scans and returns a
disposition. It also supports scheduled full and partial file scans
initiated by the antivirus engine in the security virtual machine.
VMware vShield Endpoint streamlines and optimizes antivirus and anti-malware
deployments for virtualized environments.
