VMware VSHIELD APP 1.0 - API Manuale Utente Scaricare il pdf (Pagina 34)

Page | 34

Conclusions

As you can see vShield is very easy to setup and configure – and by relocating

the functions of AV out of the guest operating system it affords for great control

over the impact of this process. Remember though that vShield itself is not

“free”. You need resources to run each of the appliances (SVA) as well at the

two or more management consoles. We estimate that you would need to get

significant density of VMs to ESX host to both offset the license and resource

costs when compared to traditional methods of managing AV. Consider also that

introducing new method of AV is yet another set of changes on what be already

a radical departure from the existing model of delivering desktops.

Finally, you might want to review your current methods for patching and

updating ESX hosts. As you might recall the virtual appliances that make up a

vShield deployment are patch to “internal” standard switches on each hosts. Any

VM configured to such a type of vSwitch is not open for vMotion. So if you used

to using VMware’s Update Manager to automatically remediate host then

maintenance mode with fully automated DRS cluster will not work as expected.

You will find maintenance mode will get “stuck” at 2% because vMotion cannot

move the SVA to another host. The simplest way to deal with this is shutdown

the SVA once all the other VMs have been migrated to other ESX hosts in the

cluster. Do not be tempted to power down the SVA prior to carrying out

maintenance mode, as this will leave your VMs in an unprotected state. If the

SVA is powered down before the VMs it’s protecting then technically they are in

1 2 ... 29 30 31 32 33 34 35

Nessun commento

VMware VSHIELD APP 1.0 - API Manuale Utente Pagina 34