Install vShield Endpoint Driver in a Guest (VM) for Deep Security Agentless Protection

In this post i am going to show you how to install vShield Endpoint Driver on a Virtual Machine. Which you want to protect with Deep Security agentless protection.

Important NOTE:

  • In vCNS only windows are supported for Agentless protection for Antimalware module. You need to install agent for other modules protection (IPS/Firewall etc.
  • There is no support available for agentless protection in Linux Guests (VMs). you have to install Deep Security agent in it to protect the linux Guests.

Guest OS Supported for vShield Agents.

To use vShield Endpoint Thin Agent, ensure the guest virtual machine is installed with a supported version of Windows. The versions of the Windows operating systems that are supported for vShield Endpoint are available at following VMware KB 1036847

Install the VM Tools with vShield Endpoint Driver.

NOTE: The vShield Endpoint driver is available within VMware Tools. by default vShield Drivers are not installed during the installation of VMware Tools.

Select the VM from the Vcenter – Right Click – Guest –  Install\Upgrade VMware Tools.

DS-vCNSConf-12

Launch the VMware Tools installer and select to perform an Interactive Install.

DS-vCNSConf-13

During VMware Tools installation, select the Full or Custom setup type.

DS-vCNSConf-15

If you selected “Custom”, expand VMware Device Drivers->expand VMCI Driver– >select vShield Drivers (vShield Endpoint Thin Agent, Guest Introspection Thin Agent, or NSX File Introspection Driver) and choose Install to local hard drive or this feature will be installed on local drive

DS-vCNSConf-06

After the installation has completed, click yes to restart the machine.

Verify the vShield Driver Status

When VM comes after reboot. Log in to VM and Go to system information or run msinfo32 on command prompt.

Make sure “vmci (VMware VMCI Bus Driver)” and “vsepflt (vFileFilter)” Should be in running state.

DS-vCNSConf-07

NOTE: Use the same process to install the vShield Endpoint driver on all the Guest VMs  (which you want for agentless protection)  under ESXi hosts prepared in previous step.

 

 

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s