How to protect virtual machines with GravityZone Security for Virtualized Environments integrated with vShield

Bitdefender GravityZone provides full visibility into organizations' overall security posture, global security threats, and control over its security services that protect virtual or physical desktops, servers and mobile devices. All Bitdefender's Enterprise Security solutions are managed within the GravityZone through a single console, Control Center, that provides control, reporting, and alerting services for various roles within the organization.

This article provides details about how to protect virtual machines with GravityZone Security for Virtualized Environments integrated with vShield.

Overview

To protect your virtual machines with Security for Virtualized Environments integrated with vShield from GravityZone, you must install the security virtual appliance (Security Server) on each host (ESXi) to be protected. All virtual machines on a host are automatically connected via vShield Endpoint to the Security Server instance installed on that host. For VMware environments with vShield Endpoint, you can deploy Security Server on hosts exclusively via installation tasks from Control Center (web console).

Security Server is a dedicated virtual machine that de-duplicates and centralizes most of the antimalware functionality of antimalware clients, acting as a scan server.

Security for Virtualized Environments can integrate with VMware vShield Endpoint to provide agentless protection for Windows virtual machines. All virtual machines on a host are automatically connected via vShield Endpoint to the Security Server instance installed on that host. Optionally, you can deploy Bitdefender Tools on Windows virtual machines to take advantage of the additional functionality it provides:

  1. Allows you to run Memory and Process Scan tasks on the machine
  2. Informs the user about the detected infections and actions taken on them

Bitdefender Tools can be installed on the target virtual machines either by deploying it from the Control Center or by downloading the required installation package from Control Center and running it manually on each virtual machine.

Bitdefender has extended the module that protects Linux machines not supported by vShield by installing the Bitdefender Tools agent on each Linux virtual machine.

Before installing Security for Virtualized Environments integrated with vShield in your network, please make sure that the following conditions are fulfilled:

  1. The vShield Manager appliance is deployed in your vCenter and vShield Endpoint is installed on every ESXi hypervisor.


     
  2. The vShield driver is installed on every virtual machine.


     

Installing Security Server in VMware Environments integrated with vShield Endpoint

  1. Log in to Control Center.
  2. Go to the Network page.
  3. Choose Virtual Machines from the service selector.
  4. Select the datacenter or folder containing the host on which you want to install the Security Server from the left-side pane. All the hosts and clusters from the selected location are displayed in the right-side pane table.
  5. Select the check box corresponding to the host on which you want to install the Security Server.
  6. Click the Tasks button at the right-side of the table and choose Install Security Server.
  7. Choose Configure each Security Server differently and click Next.
  8. Define vShield credentials and click Next.
  9. Enter a suggestive name for the Security Server.
  10. Configure the Security Server settings according to your environment.
  11. Click Save to create the task. A confirmation message will appear.

For more information regarding to Security Server Installation in VMWare environments integrated with vShield Endpoint, refer to this KB article.

Note:
The Security Server and Bitdefender Tools packages are not included by default in the GravityZone appliance.

  • The company administrator can configure the Security Server package required for your environment to be automatically downloaded when a Security Server installation task is launched.
  • Another option for this situation is to notify the company administrator about the missing image instead of downloading it, and the installation will not proceed. In this case, the company administrator will have to manually download the required packages from Configuration > Update > Product Update in Control Center. The administrator should also download Bitdefender Tools (vShield-integrated) for Windows and Linux machines.

Installing Bitdefender Tools using Installation Tasks

To remotely install Bitdefender Tools on one or several detected virtual machines:

  1. Log in to Control Center.
  2. Go to the Network page.
  3. Choose Virtual Machines from the service selector.
  4. Select the desired group from the left-side pane. All virtual machines from the selected group are displayed in the right-side pane table.
  5. Apply filters to display unmanaged virtual machines only. Click the filters button and select the following options in each category: Unmanaged, Show all VMs recursively and Show all VMs.
  6. Select the check boxes corresponding to the virtual machines on which you want to install protection.
  7. Click the Task button at the right-side of the table and choose Install client. The Bitdefender Tools Installation window is displayed.
  8. Configure the Bitdefender Tools settings according to your environment.
  9. Under the Credentials tab, specify the administrative credentials required for remote authentication on selected computers. If you have not already defined the credentials in the Credentials manager, add the required administrator accounts as follows:
    1. Enter the user name and password of an administrator account for each of the selected virtual machines in the corresponding fields. Optionally, you can add a description that will help you identify each account more easily.
      • If virtual machines are in a domain, it suffices to enter the credentials of the domain administrator.
      • Use Windows conventions when entering the name of a domain user account (domain\\user).
    2. Click the corresponding Add button. The new account is added to the credentials manager.
    3. Select the check box corresponding to the account you want to use.
  10. Click Save. A confirmation message will appear.
  11. You can view and manage the task on the Network > Tasks page.

Installing Bitdefender Tools using Installation Packages

To install Bitdefender Tools manually using an installation package:

  1. Log in to Control Center.
  2. Go to the Network > Packages page.
  3. Click the + button at the right side of the table.
  4. Choose Bitdefender Tools and create a custom Bitdefender Tools package.
  5. Select the check box of the Bitdefender Tools Package created above.
  6. Click the Download button at the right side of the table and select the version of Bitdefender Tools for vShield to install according to your virtual environment. Depending on your browser settings, the file may be downloaded automatically to a default download location.
  7. Run the installation package on the target virtual machine.

Note: Bitdefender Tools for vShield package can be installed manually only on Windows machines. For Linux machine only the remote installation method is supported.


Rate this article:

Submit