Security for Virtualized Environments Version 1.2.2 Release Notes

Security for Virtualized Environments (SVE) is the first comprehensive security solution for virtualized datacenters. The solution protects virtualized Windows, Linux, and Solaris systems, both servers and desktops. While integrated with VMware vShield, the unique architecture of the solution allows it to be leveraged when using any system virtualization offering.

This article provides information on the improvements introduced in Security for Virtualized Environments version 1.2.2 (released on July 4, 2012), the list of known and resolved issues, and the upgrade procedure. Starting with this new version, all references to Citrix and Microsoft environments will use the Multi-Platform attribute instead.

Overview

Version 1.2.2 is a minor update to version 1.2 (it is also referred to as Version 1.2 Update 2). This version delivers a number of minor improvements and fixes some of the known issues mentioned in Version 1.2 Release Notes.

Release Notes (VMware vShield)

New Features and Improvements

  • Added Scan network shares option in real-time scan policies. Using this option, administrators can easily specify whether or not to scan files accessed from network shares.

  • Added files and processes exclusion options in real-time scan policies. With process exclusions, any object accessed by the excluded process is also excluded from scanning. For file and process exclusions to work, Silent Agent must be installed on the virtual machine.

  • Added Disable immutable flag option in on-demand scan policies. The immutable attribute on Linux prevents files from being changed, so files with this attribute set cannot be disinfected or moved to quarantine.

  • Silent Agent comes pre-installed on Security Virtual Appliance and Security Console. The Bitdefender appliances installed in the environment are counted in protection statistics, but they do not add to the used license count.

  • Streamlined local installation on Windows VMs, by replacing the installation wizard with a simple dialog that closes automatically once installation is completed. User intervention is no longer required.

  • Improved usability by adding warning icons to items that require attention. Tooltips offer the necessary information.

Resolved Issues

  • Offline Scan ignores the Pause action.

This issue is no longer relevant. The Pause action has been removed from Offline Scan tasks.

  • When pausing system scans running on Linux or Solaris VMs, the task status in Security Console remains stuck at Pausing.

Known Issues

  • Security Console accepts two username syntaxes when logging in with local vCenter Server users, LocalUser and Hostname\LocalUser, but treats them as separate users. To avoid this issue, Bitdefender recommends always using the same syntax (the LocalUser form is preferred).
  • Security Console and Security Virtual Appliance might fail to boot up after deployment if the time of the ESXi host is incorrectly set to a past date. In such situations, the appliance console in vSphere Client displays fsck errors reporting that the last mount time of extended partitions is in the future. The workaround is to ignore the fsck errors by pressing the I key in the appliance console. The issue does not reproduce for subsequent reboots.

To prevent this issue, make sure the ESXi hosts in your environment are synchronized with a reliable time source, for example a Network Time Protocol (NTP) server.

  • Silent Agent is only available in English.

  • Offline Scan does not work when logged in to Security Console with a user that does not have administrator permission on the root vCenter Server.

  • Offline Scan does not scan LVM, SVM or GPT partitions.

  • Windows VMs going into sleep or hibernation, or booting up, might trigger Antimalware OFF notifications.

  • Some features and options are not available for Linux and Solaris VMs.

    o   Real-time scan and corresponding policy
    o   The following options in On Demand Scan and Quick Scan policies and corresponding tasks: Scan memory, Scan detachable volumes, Scan shadow copy volumes.
    o   Memory Scan task

  • Locked files can be quarantined multiple times.

  • Restoring files from quarantine does not currently work.

  • On-demand scans follow symlinks outside the specified scan target, also disregarding file and folder exclusions. If a scanned symlink references a file or folder not included in the scan target or explicitly excluded from scanning, that file or folder will be scanned and actions will be taken on detected threats.

  • If a user has configured email notifications in Security Console and changes the user password in vCenter Server, email notifications cannot be sent until the user logs in to Security Console. The workaround for this issue is to log in to Security Console immediately after changing the user password in vCenter Server.
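
Because of the symlink known issue listed above, an on-demand scan can take actions on files outside its target. The following Python script is an added example, not Bitdefender code: it lists the symlinks under a planned scan target that resolve outside it, so they can be reviewed before the scan runs. The function names and the sample directory layout are assumptions constructed for illustration.

```python
import os
import tempfile


def find_escaping_symlinks(scan_target):
    """Return sorted (link_path, resolved_path) pairs for symlinks under
    scan_target whose resolved destination lies outside scan_target."""
    root = os.path.realpath(scan_target)
    escaping = []
    # followlinks=False: inspect links ourselves instead of walking through them.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            resolved = os.path.realpath(path)  # resolves chained links too
            # commonpath avoids the "/srv/data" vs "/srv/database" prefix trap.
            if os.path.commonpath([root, resolved]) != root:
                escaping.append((path, resolved))
    return sorted(escaping)


def build_sample_tree(base):
    """Constructed sample layout: one scan target, one directory outside it."""
    target = os.path.join(base, "scan_target")
    outside = os.path.join(base, "excluded_data")
    os.makedirs(os.path.join(target, "docs"))
    os.makedirs(outside)
    open(os.path.join(target, "docs", "a.txt"), "w").close()
    open(os.path.join(outside, "secret.db"), "w").close()
    # Link that stays inside the target: not reported.
    os.symlink(os.path.join(target, "docs"), os.path.join(target, "docs_link"))
    # Links that leave the target: a directory link and a file link.
    os.symlink(outside, os.path.join(target, "ext_dir"))
    os.symlink(os.path.join(outside, "secret.db"),
               os.path.join(target, "docs", "db_link"))
    return target


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        for link, dest in find_escaping_symlinks(build_sample_tree(base)):
            print(f"{link} -> {dest}")
```

The script only reports links that leave the target; links that point into an explicitly excluded folder inside the target would need the exclusion list as a second input.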

Release Notes (Multi-Platform)

New Features and Improvements

  • Streamlined local installation on Windows VMs, by replacing the installation wizard with a simple dialog that closes automatically once installation is completed. User intervention is no longer required.

  • Improved usability of the SVE appliances’ CLI configuration scripts: the update server port is filled in automatically, and the DHCP client is killed automatically when saving static IP settings.

  • Security Console user interface and help files are now available in German, Spanish and French.

Resolved Issues

  • Silent Agent will not install in custom Unicode paths.

This issue is no longer relevant. The local installation wizard, which allowed configuring the installation path, has been replaced with a simple dialog that closes automatically once installation is completed.

  • In some cases, when scanning for rootkits on Windows XP clients, epcsrv will take a lot of CPU resources.

  • In Security Console policy settings, if the custom profile is first set to scan all files for local and network scan and then changed to User defined extensions, the extensions field does not appear.

Known Issues

  • Multi-platform Silent Agent does not currently support Solaris.

  • Silent Agent is only available in English.

  • When manually removing Silent Agent from virtual machines, they do not disappear from Security Console. The workaround for this issue is to run the Uninstall quick task from the Computers page on those VMs.

  • Some managed virtual machines might also appear as unmanaged, but with different IPs.

  • If the Silent Agent daemons are stopped on Linux clients and an Uninstall task is run from Security Console, clients are removed from console, but Silent Agent is not.

  • Some formatting issues might appear in policy settings windows.

Upgrade

For information on upgrading from a version prior to 1.2, refer to this KB article.

To upgrade from version 1.2.x, follow the instructions below. You need to upgrade both the SVE appliances and agents.

Upgrading from version 1.2.x (VMware vShield)

Upgrade can be performed from Security Console:

1. Prerequisite: Check that all Security Virtual Appliance instances installed in your environment are up and running and that they communicate with the Security Console appliance. For example, appliances must be powered on.
2. Connect to Security Console via HTTPS.
3. Go to the Computers > Security VMs page. You can see that updates are available for installed appliances.
4. Click the Update link corresponding to the Security Console appliance to upgrade all installed appliances.
5. Wait for all appliances to be upgraded.
6. If you have deployed Silent Agent on virtual machines, go to the Computers > Silent Agents page to upgrade them.

   a. Select all VMs listed in the table.
   b. Click Actions and choose Upgrade Silent Agent.

Upgrading from version 1.2.x (Multi-Platform)

The upgrade procedure requires manually updating each installed appliance from the command line interface of each virtual machine.
Upgrade can be performed by following these steps:

1. Upgrade Security Console by running the following commands in the appliance’s CLI:

$ apt-get update
$ apt-get install bitdefender-web-server


2. Upgrade Security Virtual Appliance by running the following commands in the appliance’s CLI:

$ apt-get update
$ apt-get install bitdefender-scan-server


3. Windows Silent Agent is automatically upgraded during the regular update process. Linux Silent Agent must be upgraded by reinstalling it using the new packages available in the upgraded Security Console version. For more information on installing Linux Silent Agent, refer to the Administrator’s Guide.