How to Configure VMware vShield Manager and vShield Endpoint

IT

How to Configure VMware vShield Manager and vShield Endpoint

When deploying a virtualized desktop environment, virtual machines are deployed from a golden template. This allows the management from a central image that is shared across a group of virtual machines. If a traditional anti-virus solution were to be deployed in a virtual desktop environment (VDI), there is a lot of redundancy when scanning a machine. This has the potential to add a significant amount of unnecessary load to the entire VDI environment. In some cases, anti-virus solutions have the potential to take down entire virtual desktop infrastructures.

What is vShield Endpoint?

To address this issue and optimize the use of available resources, one can deploy VMware vShield Manager to deploy vShield Endpoint to each individual host. VMware vShield Endpoint offloads virus-scanning activities from each virtual machine to a secure virtual appliance that has a virus-scanning engine and the antivirus signatures. This article explains how to configure VMware vShield Manager.

To find more information on vShield Endpoint, see the following datasheet from VMware:

http://www.vmware.com/files/pdf/products/vShield/VMware-vShield5-Endpoint-Datasheet.pdf

This article is the second part of a series explaining how to deploy vShield with Symantec Endpoint Protection for VMware Horizon View:

  1. How To Deploy OVA / OVF Template Using VMware vSphere Client
  2. How to Configure VMware vShield Manager and vShield Endpoint
  3. Deploying vShield with the Symantec Security Virtual Appliance
  4. Exporting a Policy from Symantec Endpoint Protection Manager
  5. Configuring a SEPM Policy for vShield and Symantec SVA
  6. How to install EPSEC Drivers for vShield

Configuring vShield Manager

If you have not deployed the OVA / OVF template for VMware vShield Manager, see the following article:
http://www.interworks.com/blogs/ijahanshahi/2014/08/06/how-deploy-ova-ovf-template-using-vmware-vsphere-desktop-client

Once the OVA / OVF template has been deployed for vShield Manager, open up a console session to the newly deployed virtual machine. In the newer versions of vShield Manager, the credentials for the admin and the admin CLI will be configured upon deployment of the virtual appliance. If an older version of vShield Manager has been deployed, the default credentials will be:

Username: admin
Password: default

Note: If the system start has not completed, the appliance has not fully booted up. Just wait a few moments and try again.

Once logged in, elevate permissions. Type in enable. Use the CLI Privilege Mode password. Type in setup to begin configuring the vShield Manager.

Once the configuration has been saved, VMware vShield Manager will now be accessible from a web browser.

By default, the web admin login will be:

Username: admin
Password: default

Once logged into vShield, configure the vCenter server and the Lookup Service.

If you have multiple vCenter servers, add the vCenter server containing the ESXi hosts where you will be deploying vShield Endpoint Manager.

Once the server has been added, you may be prompted to verify the authenticity of the host. Click yes to add the vCenter server.

Once vCenter has been added, add the lookup service host.

Once these options have been configured, vShield Endpoint can be deployed to the ESXi hosts.
 

Deploying vShield Endpoint

Once vCenter has been added to vShield Manager, navigate down to each ESXi host. Click the Install link to select the services that are to be installed or upgraded.

Note: You must manually deploy vShield Endpoint on each ESXi host.

In the next window, check what services will be installed/upgraded, such as vShield Endpoint.

Once confirmed, vShield Manager will notify you that it is installing the service modules. If desired, you can monitor the progress of the installation in vCenter.

Once the installation has completed, vShield Endpoint should now display as being installed on the ESXi host.

Once vShield Endpoint has been successfully deployed, a Security Virutal Appliance can be deployed in the environment. To view how this can be done with Symantec’s Security Virtual Appliance, see the next article in the series. Deploying the Symantec Security Virtual Appliance with vShield

Source(s) Used:
VMware vShield Endpoint, http://www.vmware.com/files/pdf/products/vShield/VMware-vShield5-Endpoint-Datasheet.pdf. Accessed July 15, 2014.
vShield Installation and Upgrade Guide, http://www.vmware.com/pdf/vshield_55_install.pdf. Accessed July 16, 2014.

More About the Author

Ideen Jahanshahi

Solutions Architect
Veeam NAS Backup: Integrating with Dell EMC Isilon Those of us who have been in the backup realm a long time remember when Veeam Backup and Replication (Veeam B&R) was one of the top ...
The InterWorks Approach to Great Consulting: Part 3 If you’ve been following along, you know that this blog miniseries is all about dissecting the shared traits that some of my most ...

See more from this author →

Subscribe to our newsletter

  • I understand that InterWorks will use the data provided for the purpose of communication and the administration my request. InterWorks will never disclose or sell any personal data except where required to do so by law. Finally, I understand that future communications related topics and events may be sent from InterWorks, but I can opt-out at any time.
  • This field is for validation purposes and should be left unchanged.

InterWorks uses cookies to allow us to better understand how the site is used. By continuing to use this site, you consent to this policy. Review Policy OK

×

Interworks GmbH
Ratinger Straße 9
40213 Düsseldorf
Germany
Geschäftsführer: Mel Stephenson

Kontaktaufnahme: markus@interworks.eu
Telefon: +49 (0)211 5408 5301

Amtsgericht Düsseldorf HRB 79752
UstldNr: DE 313 353 072