This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos for Virtual Environments Security Virtual Machines

I recently installed Sophos for Virtual Environments in my VMware ESX Cluster. I deployed a Security VM on each of my 4 ESXi nodes. I'm confused about how the architecture of this product is supposed to work and would like some clarity.


When installing the agent on my VM's you have to point it to a Security VM. What I am finding is that when I shutdown that security VM the Sophos agent no longer functions.


How does the agent leverage the other Security VM's?


Are these Security VM's supposed to be dedicated to the specific ESX host they were installed on? If I put an ESX host in maintenance mode it just vmotions's the Security VM to another host. My impression was that the Security VM was supposed to handle the AV scanning of any of the VM's on the ESX host in which it is running. This does not seem to be the case.


I can shut down all my Security VM's except the one I pointed to during the agent install and the AV still works.


Am I missing something?

 

 

Thanks



This thread was automatically locked due to age.
Parents
  • Hi,

     

    There isn't any load balancing built in to the SVE product - the Guest VMs will send the files for scanning to their assigned SVM.

     

    The SVM that a Guest VM is pointed to can be anywhere on the network, but the bandwidth must be able to support high speeds between the two nodes so that the file can be sent, scanned and the response sent back in a timely fashion, otherwise you may encounter performance issues. With the SVE product, there isn't any need for the SVM to be on the same physical host as the GVMs, although SVMs on the same physical host will respond quicker to GVMs.

     

    Hope this helps.

     

  • What is "high speeds"?

    1G/10G/40G/etc...?

Reply Children
No Data