Q
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Do I need antivirus for VDI deployments?

Virtual desktop environments aren't immune to viruses and malware, so it's important to have an antivirus tool and strategy in place before your deployment gets infected.

Deploying VDI should change your antivirus strategy, but it won't eliminate the need for AV. New viruses are just...

as effective on virtual desktops as they are on physical ones.

Antivirus for virtual desktop environments can be a source of frustration. The battle against viruses is one where success often comes at the cost of desktop and server performance.

When you deploy VDI, you may wrestle with the decision about whether or not to deploy AV on virtual machines (VMs). It's tempting to think that because you can wipe and recompose the VMs, you don't need antivirus, but that couldn't be further from the truth.

How to integrate antivirus with your VDI deployment

First, consider your response plan. When you suspect an infection on physical desktops, you probably run a scanning process that is time-consuming for you and disruptive for users. With virtual desktops, the response plan should include immediately re-homing the VM to a dead-end virtual network, if you want to isolate and identify the virus. If you don't want to ID the virus, simply delete the VM and reassign the user.

Don't let the VM live on your production LAN any longer than it must, and help users get back to work as soon as you can. The better your profile abstraction strategy, the easier it is to deal with viruses; using non-persistent desktops makes virus response simpler.

Secondly, consider using different antivirus tools for your VDI deployment. Never install AV on the VMs themselves, and look for tools that scan inline as I/O occurs on the VM. This gives you the benefits of AV without adverse effects on performance.

Still don't think that's enough? Me neither. Beef up the perimeter of the network, and focus on multiple layers of protection with disparate scanning engines. These aren't new strategies, but preparing for AV in a VDI deployment lets you revisit and reinforce strategies that may have fallen by the wayside.

This was last published in October 2014

Dig Deeper on Virtual desktop management

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Which antivirus products and strategies do you use to defend your VDI deployment?
Cancel

-ADS BY GOOGLE

SearchEnterpriseDesktop

SearchServerVirtualization

SearchCloudComputing

SearchVMware

Close