Security & Mobility Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements
eomalley

Quick Facts about vGW Antivirus and IDS

by Trusted Contributor on ‎05-14-2012 09:00 AM

When it comes to vGW antivirus and IDS, we get a lot of questions about performance, signatures, and whether traffic has to be sent to an external device for inspection.

 

With vGW, both the IDS and antivirus engine signatures are housed on the vGW Security VM (SVM). The packets are not sent to an external location for processing on the antivirus engine.

 

vGW antivirus also comes in two flavors: 1) an on-access scan and 2) an on-demand scan. Think of on-access as real time with a micro agent loaded in each VM, but with the signature repository residing on the SVM.  If, for instance, a user tries to save an infected file to their VDI VM, the vGW on-access scan will intercept and quarantine the file. The on-demand option is more like point-in-time or offline antivirus. It uses a micro snapshot, scans the offline VMDK file, and then recommits the snapshot. This way, you can optionally schedule your VM scans during maintenance windows or off-peak hours to ensure that virus scanning does not negatively impact business-critical traffic.

 

Finally, the IDS engine is not inline and, therefore, firewall performance is not directly affected and the maximum throughput on any ESX/ESX(i) host in the environment is approximately 2 Gbps. The IDS processing is done on the SVM with stats rolled up for reporting to the Security Design management center. This processing can also be exported using packet mirroring or spanning to an external engine. Please note that this is only IDS and not an IPS option.

 

For more information please contact Cloud Security Sales.

Post a Comment
Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
About Security & Mobility Now

Discussing a wide range of topics impacting enterprises and
data center security.

Subscribe RSS Icon

Our Bloggers

Kyle Adams
Senior Software Engineer

Profile | Subscribe

Ritesh Agrawal
Director
Software Engineering

Profile | Subscribe

Erin K. Banks
Senior Technical Marketing Manager

Profile | Subscribe

Ajay Bharadwaj
Product Manager

Profile | Subscribe

Michael Callahan
Vice President
Product Marketing

Profile | Subscribe

Scott Emo
Director
Product Marketing

Profile | Subscribe

Mora Gozani
Senior Manager
Product Marketing

Profile | Subscribe

Ashur Kanoon
Sr. Manager
Technical Marketing

Profile | Subscribe

Seema Kathuria
Manager
Product Marketing

Profile | Subscribe

Kevin Kennedy
Senior Director
Product Management

Profile | Subscribe

Dave Killion
Software Engineer

Profile | Subscribe

Rebecca Lawson
Senior Director
Product Marketing

Profile | Subscribe

Rajoo Nagar
Senior Manager
Product Marketing

Profile | Subscribe

Erin O'Malley
Manager
Product Marketing

Profile | Subscribe

Galina Pildush
Strategy & Planning
Architect

Profile | Subscribe

Edward Roberts
Director
Product Marketing

Profile | Subscribe

Bill Shelton
Director Field Sales

Profile | Subscribe

Ashutosh Thakur
Product Line Manager

Profile | Subscribe

Troy Vennon
Software Engineer

Profile | Subscribe

Brad Woodberg
Product Manager

Profile | Subscribe

Labels
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.