Although the paper is written for VMware View, there is a lot to be learned from it for other desktop virtualization solutions using ESX.
Desktop virtualization is a transformative platform technology that can deliver cost-effective, manageable network and desktop access to workers with diverse computing needs. However, with security threats becoming more sophisticated, more frequent, more targeted, and potentially more profitable to those who seek to inflict damage, IT administrators must increase their vigilance and find security solutions for the virtual desktop environment. Solutions such as log analysis, host-based intrusion-prevention system (HIPS) technology, firewalls, and antivirus software need to evolve and adapt to desktop virtualization. This paper focuses on the best practices for protection against viruses in the VMware View™ 5 virtual desktop environment. Antivirus software is one of the largest segments in today’s computer security market. Nearly every enterprise deploys antivirus software on every desktop. As services such as security, mobility, access control, and line-of-business applications are all rolled up into the datacenter or cloud, antivirus practices need to be rolled up as well. The typical top-down virus scanning model involves desktop antivirus scanning and signature file updates, with access to an auto-update server. During these operations, it is not uncommon for system resource usage to spike or become overly committed. Performance in the desktop environment is severely impacted by these “antivirus storms.”
With VMware View, you can examine the system bottleneck during an antivirus storm, when virus scanners are running at the same time as users are accessing virtual desktops. Antivirus storms can cause 100% saturation in shared compute (CPU) and SAN/NAS (storage I/O) environments. In addition, the memory footprint is significant when antivirus software is installed on each virtual machine. Traditional antivirus agents are resource-intensive and not optimized for highly utilized, efficient clouds.
Antivirus storms can defeat the cost-cutting achievements of a virtual desktop implementation. To answer the need to eliminate antivirus storms and to maximize performance and consolidation ratios in the virtual desktop environment, VMware offers a solution.