Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 2 replies
  • Subscribers 4 subscribers
  • Views 8644 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Server Endpoint v Virtual Environment Protection for single VM environments

sL4sha

Hi,

 

So im trying to weigh up if its worth installing the VM server and agent on our virtual servers.

Most of our environments consist of either a host and single VM or a DC/File/Print and then an app sever running as a VM in Hyper-V.

Would having another VM installed to handle the scanning load in Hyper-V be worth it over the endpoint installed? in single VM environments? thus far we have had no issues with running the standard server endpoint on our VM's.

 

Thanks,

sL4sha



This thread was automatically locked due to age.
  • 0

    Hello sL4sha,

    I'm not an SVE expert but the main advantage of a dedicated Security VM is that it maintains a collective cache of files scanned and thus helps to avoid redundant scanning by guest VMs. Of course this has only an effect if the guests it serves access a sufficient number of identical files. To leverage this an SVM would have to serve several guests.
    Please also note that the scanning engine is the same, scanning by a SVM would not be "better" than the standard AV (on the contrary, you can potentially use more features with the latter).

    Christian

  • +2

    Hello  

    The superb thing about Sophos Server Protection licenses is the ability to mix and match between Standard and Advanced on Sophos Central. 

    So you can get Advanced licenses for your more critical servers for the extra features and use standard for those that are more restricted. Also you can use the entitlement to run the full agent or install Sophos for Virtual Environments on your Guest VMs.

    In your case I think running the full agent on the single Guest VM environment would be sufficient. As you alluded to, what SVE does offer is low footprint on the Guest VMs as the updates only go to the SVM, which again is a low resource VM. But as you only have one GVM on each host the resources are not as restricted. 

    Would you every think of consolidating all your VMs to a few hosts? 

    SVE 1.2 coming in mid Feb, there will be failover capabilities, which would be beneficial if you have a lot of GVMs spread over a few hosts and SVMs. They will connect to another SVM to get the protection automatically if the original SVM is down. so if you were to consolidate all your VMs this is when SVE would be very beneficial.

    thanks 

    Mark 

     

Unfiltered HTML