McAfee promises antivirus awareness for virtual desktops

As tempting as it is to just skip antivirus altogether in your VDI environment, that's just not realistic. Virtual machine security products are coming.

One of the problems with virtual desktop infrastructure is that not a lot of people talk about antivirus software. Since VDI solutions consolidate all desktop processing onto centralized servers, CPU-intensive tasks like virus scanning can really have a negative impact on the overall performance or density of an environment.

To understand this, consider how antivirus protection works in a traditional environment. You might have all of your workstations perform a full system scan once a week. Do you know what day and time that is? Do you care? Do you care if all the workstations do their scans at once? Do you care if a workstation does its scan at a different time because it was powered off when it was originally scheduled to do its scan? What about on-demand scanning? Do you care if all of your users do an on-demand scan of the same Word doc at the same time because the CEO sent out a corporate press release?

In traditional desktop environments, the answer to all of these questions is probably "No." But in VDI environments with dozens of users' desktops running on the same physical host, each of these questions requires some thought. You can't run full system scans on too many virtual machines at once, or you'll kill your host CPU and max out the I/O on your storage (both of which are very bad). You don't want 50 users on the same desktop to run an on-demand antivirus scan on the same email attachment at the same time.

But what are your options?

As tempting as it is to just skip antivirus altogether in your VDI environment, that's just not realistic in today's environment. In fact, I wrote about this a few weeks ago. But most of today's antivirus products are not "VDI-aware." In other words, they treat a virtual desktop running in a VM in a VDI environment no differently than a physical Windows desktop running on a normal desktop computer. This means that you often have many separate VMs scanning the same file over and over, and you have the overhead of running antivirus agents inside of every single VM.

More from Citrix Synergy 2010

Learn why IT shops are pushing ahead with virtual desktops 

Missed the event? Check out our Synergy 2010 reporter's notebook to catch up

At Citrix Synergy in San Francisco a few weeks ago, McAfee announced a new platform called MOVE, for "Management of Optimized Virtual Environments." You can use MOVE to offload the "work" that agents typically do inside a desktop to a dedicated security virtual appliance, including all on-demand and on-access scanning. If you're running the full McAfee client security suite, then McAfee claims that you can more than double the number of VMs that run on a specific VDI server.

MOVE is not a real product yet -- it's more of a concept that will come out in phases over the next few months. (And McAfee certainly isn't the only client security vendor working on this kind of stuff.) But I hope this means that our painful days of running antivirus in VDI virtual machines will be a thing of the past.

ABOUT THE AUTHOR
Brian Madden is an independent industry analyst and blogger, known throughout the world as an opinionated, supertechnical desktop virtualization expert. He has written several books and more than 1,000 articles about desktop and application virtualization. Madden's blog, BrianMadden.com, receives millions of visitors per year and is a leading source for conversation, debate and discourse about the application and desktop virtualization industry. He is also the creator of BriForum, the premier independent application delivery technical conference.

Dig deeper on Virtual desktop software and vendors

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchEnterpriseDesktop

SearchServerVirtualization

SearchCloudComputing

SearchConsumerization

SearchVMware

Close