Deploying the Symantec Security Virtual Appliance with vShield

In a VMware infrastructure, one application that can add a large footprint to an environment is the antivirus solution. Since many of the operating system files in a VMware environment, particularly VMware Horizon View, are redundant, one of the best ways to reduce the impact of an antivirus solution is to use VMware vShield Endpoint to offload virus scanning to a centrally managed solution. In Symantec’s case, this solution comes in the form of a security virtual appliance. This article explains how to install the Symantec Security Virtual Appliance in a VMware environment.

This article is the third part of a series regarding deploying vShield with Symantec Endpoint Protection for VMware Horizon View:

  1. How To Deploy OVA / OVF Template Using VMware vSphere Client
  2. How to Configure VMware vShield Manager and vShield Endpoint
  3. Deploying vShield with the Symantec Security Virtual Appliance
  4. Exporting a Policy from Symantec Endpoint Protection Manager
  5. Configuring a SEPM Policy for vShield and Symantec SVA
  6. How to install EPSEC Drivers for vShield

Prerequisites for Installing the Symantec Security Virtual Appliance

Before continuing the installation, it is always a good idea to verify that the SVA is compatible with your existing VMware environment.

http://www.symantec.com/business/support/index?page=content&id=HOWTO81081
http://www.symantec.com/business/support/index?page=content&id=TECH163829

Environmental Variables

For the deployment of the Symantec Security Virtual Appliance in this guide, I had the following environmental variables:

  • vSphere 5.5
  • ESXi 5.5
  • Symantec Endpoint Protection Manager 12.1.4 MP1
  • vShield Endpoint 5.1.0-01255202
  • VMware vShield Manager 5.5.2 1912200

Note: Although the first version of Symantec Endpoint Protection Manager to support the Symantec SVA is SEPM 12.1.2, be sure to upgrade SEPM to 12.1.4 if you are deploying SVA to a VMware 5.5 environment. Otherwise, the security virtual appliance will not be able to check in to SEPM.

Files Needed for SVA Installation

Four files are needed to install the Symantec Security Virtual Appliance. I recommend copying all of these files to a central location for deployment:

  • SVA_InstallSettings.xml
  • Symantec_SVA_Install.jar
  • Symantec Endpoint Protection Security Virtual Appliance
  • Sylink.xml

Both SVA_InstallSettings.xml and Symantec_SVA_Install.jar can be found in the Symantec Endpoint Protection Manager installation folder under Installation folder\Virtualization\SecurityVirtualAppliance.

Note: These files should be pulled from your version of SEPM, in this case 12.1.4. If you have an older copy of the SEPM installation lying around on a file server, these files may not be compatible with your version.

 

To acquire the OVA for the Symantec Security Virtual Appliance, log in to https://fileconnect.symantec.com.

 

Locate the virtual appliance. In the photo below, the newest version available is Symantec_Endpoint_Protection 12.1.2_Security_Virtual_Appliance_ML.ova.

 

To acquire the sylink.xml file, you will need to export a Symantec Endpoint Policy. For a VDI infrastructure, it is recommended to make a specific policy for the virtual machines. This policy does not need to be configured yet. If you do not have a policy for the virtual machines, now is a good time to create one – before exporting the configuration.

See the following article on how to export a policy from SEPM:

https://www.interworks.com/blogs/ijahanshahi/2014/08/05/exporting-policy-symantec-endpoint-protection-manager

 

Modifying Configuration Files to Install the Symantec Security Virtual Appliance

Communications File

By default, the SVA communicates over port 8014. Although you can change this to port 80, SEPM 12.1.4 currently has a glitch that will not allow the SVA to check in if you change the port to port 80. The fix for this issue is expected in SEPM 12.1.5.

Additionally, rename the exported configuration file to sylink.xml.
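
A pre-deployment check for the port setting described above, as an added example that is not part of the original article or of Symantec's tooling. It assumes the exported file lists management servers as Server elements with Address and HttpPort attributes; the sample file and host names are constructed.

```python
import sys
import xml.etree.ElementTree as ET

EXPECTED_PORT = 8014  # default SVA-to-SEPM port named in the article

# Constructed sample. The Server/Address/HttpPort layout is an assumption
# about the exported file; compare it with your own export before relying on it.
SAMPLE_SYLINK = """<?xml version="1.0" encoding="UTF-8"?>
<ServerSettings DomainId="EXAMPLE-DOMAIN-ID">
  <CommConf>
    <ServerList Name="Default Management Server List">
      <ServerPriorityBlock Name="List0">
        <Server Address="sepm01.example.internal" HttpPort="8014"/>
        <Server Address="10.0.0.15" HttpPort="80"/>
        <Server Address="sepm03.example.internal"/>
      </ServerPriorityBlock>
    </ServerList>
  </CommConf>
</ServerSettings>
"""


def check_sylink(xml_data, expected_port=EXPECTED_PORT):
    """Return (address, port, problem) tuples for servers the SVA may fail to reach."""
    root = ET.fromstring(xml_data)
    # Match on the local tag name so a namespaced export is handled too.
    servers = [el for el in root.iter() if el.tag.rsplit("}", 1)[-1] == "Server"]
    if not servers:
        return [("", None, "no Server entries found")]
    findings = []
    for el in servers:
        addr, raw = el.get("Address", ""), el.get("HttpPort")
        if raw is None or not raw.isdigit():
            findings.append((addr, None, "HttpPort missing or not numeric"))
        elif int(raw) == 80:
            findings.append((addr, 80, "port 80: SVA check-in fails on SEPM 12.1.4"))
        elif int(raw) != expected_port:
            findings.append((addr, int(raw), f"non-default port, expected {expected_port}"))
    return findings


if __name__ == "__main__":
    # Pass the path to sylink.xml, or run with no argument to see the sample result.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:  # bytes: the parser honours the XML encoding
            data = fh.read()
    else:
        data = SAMPLE_SYLINK
    for addr, port, problem in check_sylink(data):
        print(f"{addr or '<none>'}: {problem}")
```

An empty result means every listed management server uses port 8014.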

 

SVA Installation File

Next, modify the SVA_InstallSettings.xml file. Since you will need to deploy an SVA for every ESX/ESXi host, I recommend making an individual SVA_InstallSettings file for each host to avoid conflicts with the hostname or static IP settings.

Enter in the vCenter Server IP address for deployment. If you have multiple vCenter servers, enter in the vCenter that is managing the ESX/ESXi hosts that will have SVA deployed on them.

 

Enter in the IP address for vShield Manager. If the Symantec_SVA_Install.jar is not compatible with the versions of ESX/ESXi in the environment or the file is corrupt, you will receive an error that the password is incorrect.

 

For the path to the OVA, enter in the full path to avoid any issues.
For example: C:\VirtualAppliance\12.1.2_Security_Virtual_Appliance_ML.ova

For the ESX/ESXi IP address, enter in the IP address of the host on which you plan to deploy the SVA. For our use case, this will be the host that houses our virtual machines for the VMware Horizon View deployment.

 

For the hostname, I recommend using a naming convention that relates to your host.

 

Installing the Symantec Security Virtual Appliance

Once all the configuration files have been configured, run the following with Java 7 or above, per the install guide:

java -jar Symantec_SVA_Install.jar -s Fullpath\SVA_InstallSettings.xml

In my example, since java.exe is not a valid executable, I navigated to my Java directory. On an x64 system, by default, this will be located in
C:\Program Files\Java\jre7\bin.

Once the installation commences, the following prompts will appear:

  • vCenter password
  • vShield Manager password (use the web login password)
  • Set the admin user password for the SVA
  • Re-enter the admin user for the SVA
  • Select an available datastore
  • Select a VM network

 

Once the SVA has been installed, verify that the installation has been completed by checking the vShield Manager. Click on the individual host to verify that the vShield Endpoint solution has been installed.

 

Next, verify within Symantec Endpoint Protection Manager that the Security Virtual Appliance is checking in properly. To do this, click on Monitors > Security Virtual Appliance.

 

The Symantec Security Virtual Appliance has been successfully installed.

The next article in the series explains how to export a policy from SEPM so that you can install SEPM agents on a virtual machine with the antivirus policy being used. If you have already completed this step, visit the Configuring a SEPM Policy for vShield and Symantec SVA article to begin configuring SEPM.

 

More About the Author

Ideen Jahanshahi

Solutions Architect