2009-03-24 05:59 AM
Open question...how are you addressing the anti virus operations in VDI world, specially as your environment scales to 1000s of VMs?
I blogged about this topic a few months back and want to make this an open ended discussion to help the community.
2009-03-24 09:06 AM
We have an AV client installed on each VM. This wastes a lot of I/Ops but it makes the auditors happy. Looking into a 'white list' based application so that only approved apps run. This should keep out the malware and zero day attacks but we have many boxes to 'tick' before the auditors sign off on the solution and not sure if it would stop Net-Worm.Win32.Kido.
2009-03-24 06:11 PM
What I like the most right now is....
Of course, how well this flies in each organization is another question. :-/
From an auditing perspective, while AV protects against a lot of threats it also doesn't protect against many threats (at least once you're into zero-day stuff and/or the theoretical side of it....<insert discussion around problems with signature-based protection here>).
It would be very fantastic if someone had quantifiable numbers on the impact of an AV client on VDI consolidation ratios though (i.e. got "xx" VDI VM's on an ESX host without <insert AV brand name here> but it dropped to "xx" VDI VM's once we added it in).