I was talking to Roly from MPA last week and he mentioned McAfee’s MOVE AntiVirus which is designed for VDI environments. The key point which grabbed my interest is that the scanning is done by an appliance on each virtualisation host, not within each desktop VM (although a light-weight agent is installed within each VM). McAfee call this “hypervisor-native detection”.
I consider antivirus to be a necessary evil along the lines of paying taxes; you’re tempted not too, you know you could be so much better off….. but if you are found out the consequences could be massive and include a public execution. Well, maybe I’m exaggerating, but you get the point. I have seen antivirus cause numerous issues in XenApp farms and one of my standard practices is to ensure the antivirus configuration meets Microsoft and Citrix best practices (Symantec also provide a good best practise whitepaper). In a large XenApp 6 project last year we did not install antivirus on the XenApp servers as it we determined sufficient risk mitigation was provided by:
Deptive - Commercial Bay
11-19 Customs Street West St
Commercial Bay Tower, Level 17, Room 1715
We also have a virtual office in Wellington.
0800 000 141
PO Box 34797,
Birkenhead, Auckland 0746