Page | 7
Additionally, the vShield Endpoint system requires a driver that’s now installed
as part of VMware Tools, if you use complete it will be installed and if you use
“Custom” you have the option to install under +VMware Device Drivers, + VMCI
Driver and “vShield Driver”. We would recommend incorporating it into your
templates and parent VMs for linked clones. The vShield Driver is often
supplemented with what’s referred to as vendor’s “Silent Agent” and is available
to download from the 3
rd
party vendors website. For example Bitdefender has
both 32-bit and 64-bit Silent Agents available for Windows.
Note: The build number shows we are within the requirements within the virtual desktop. Incidentally, the
vShield Appliance obliviously uses VMware Tools – but VMware’s own “Quick Start” guide indicates you should
leave those well alone and not attempt to upgrade them. This driver was included in VMware Tools relatively
recently – occasionally you will some vendor documentation that talks about the “Thin Driver” or the “Thin
Agent” needing to be installed. That’s a little out of date, as since vSphere5 this is now include this as part of
VMware Tools and is now referred to as the vShield Driver. In previous version of vShield the driver was SCSI
based, and only worked with the LSI Controller inside a VM, and this cause implementation problems with
guest operating systems that default to different controller types such as Windows 2000 defaults to using a
BusLogic Driver. Starting with vShield 5.0, VMware switched to using their Virtual Machine Communication
Interface (VMCI) model. Initially, VMCI was meant to allow for direct VM to VM communication without the
need for conventional TCP networking. In new versions of VMCI the intention is just to allow for secure
communication between the host and the VM. The main purpose of this driver is to allow for scanning of the
VM’s virtual disk via the third-party vendors appliance. This driver is no long distributed along side the
download for vShield (as it was in vShield 1.0) as its now included in VMware Tools.
The end-point driver is called vsepflt.sys is a File System Filter Driver (FSFD) and does not run as service. If
you want to check that it is installed and present you can use “fltmc” to confirm it is loaded. This FSFD uses
VMCI to speak to the ESX module inside the hypervisor – and the ESX module is silently installed in turn by
using the vShield Management Console to all the hosts that will support vShield Endpoint functionality.
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce