Network Computingwww.networkcomputing.com

Trend Micro Releases VDI-Aware Endpoint Security

Posted by Neil Roiter
June 07, 2010

Tags: AV, OfficeScan, Trend Micro, VDI

Channel: Security, WAN Security, Data Center

Trend Micro's first virtualized desktop infrastructure (VDI)-aware version of its flagship OfficeScan endpoint security product addresses performance issues associated with signature updates and scanning operations for virtual desktops. OfficeScan 10.5, which is included as part of Trend Micro Enterprise Security, is designed to reduce resource contention on VDI hosts, as multiple users require signature updates several times a day. The issue is particularly acute first thing in the morning as users log in for the day and receive updates. Further, full scheduled scans--typically once per week--put a heavy load on endpoints. In a VDI environment, scanning multiple VMs concurrently exacerbates the problem and can slow or even crash the VDI host.

The new OfficeScan release can determine whether an endpoint is physical or virtual and manage it accordingly. It serializes updates and scans, controlling concurrent activity and consequently managing network resources. As a result, Trend says enterprises can manage more VMs per host, improving the cost benefit of moving from a physical to VDI environment. OfficeScan 10.5 also improves performance by pre-scanning and white-listing VDI base images, obviating the need for scanning unchanged files.

"This is a good starting point for security management on virtual desktops," says Paul Roberts, senior analyst for the 451 Group. "It's basic blocking and tackling. We need to do some traffic management around doing scans or updating signatures so we're not, in effect, DoS-ing the system." While VDI deployments are relatively rare, Roberts anticipates increased adoption in the next five years.

Enterprises are considering VDI to improve operational efficiency and control over end users by managing and distributing a single instance of "gold" endpoint images from VDI servers. There are also security benefits. While a VDI user is just as susceptible to malware infection as the physical desktop user, a compromised virtual endpoint can be "fixed" by simply restoring a fresh VDI image. Additionally, there's less risk of data breaches when laptops are lost or stolen. Network Computing tested eight VDI platforms in our real-world labs. You can find all the reviews here.

OfficeScan 10.5 is compatible with Windows 7. Trend Micro says that management is more scalable, allowing more than 20,000 endpoints to be managed from a single server, compared with 8,000 previously. OfficeScan 10.5 is expected to be available in late July. Pricing at the 1,001-seat level is $20 per user and $8 per user for VDI-aware capability.

Related Reading

More wan-security Insights