Virtual server and antivirus question

kujayhawk93kujayhawk93 Member Posts: 355
We have started building several virtual servers here at work to handle a myriad of different services and applications. We use Trend Micro's suite of enterprise-wide antivirus products to protect all of our servers and workstations. My question is this: if one physical server is hosting 3 virtual servers, does the antivirus software need to be installed within each virtual server, or will just having it installed on the physical server suffice? I'm pretty sure I know the answer (it needs to be installed on each virtual server, AND on the physical server), but was wanting some factual reasons why.

Thanks in advance!

Comments

  • SieSie Member Posts: 1,195
    Each Virtual Machine.

    As im assuming you will have these setup in bridged mode for their own IP on network thus they will each be 'classed' as a seperate machine.
    Foolproof systems don't take into account the ingenuity of fools
  • SlowhandSlowhand Mod Posts: 5,161 Mod
    You'll need to treat each server as if they were a real, physical machine with an OS installed on them. The reason for it is because, in essence, that's what they are. Whether the servers live on the physical server or they are installed on physical boxes and tucked away into a server closet, they still behave the same way from the standpoint of software. The host machine only hosts the virtual hardware for the other three servers; as far as the outside world is concerned, there are four machines, total. If the AV software is only installed on the host machine, it won't protect the three virtual servers any more than if had four physical machines and only installed AV software on one of them.

    Free Microsoft Training: Microsoft Learn
    Free PowerShell Resources: Top PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
  • blargoeblargoe Member Posts: 4,174 ■■■■■■■■■□
    Yes, on each machine. As far as your network is concerned, it's 4 separate Windows installations.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • kujayhawk93kujayhawk93 Member Posts: 355
    Thanks for all the input, good to know that my insticts were correct. What I was getting hung up on was the fact that even though each virtual server is in essence a separate machine, the files that comprise the virtual server still live on the physical server, which is already protected. I'm still relatively new to virtual servers, so I wasn't sure how the OS breaks each server out. Is each virtual server its own separate, encapsulated entity, or do they all share system files on the physical server as well?
  • blargoeblargoe Member Posts: 4,174 ■■■■■■■■■□
    I'm still relatively new to virtual servers, so I wasn't sure how the OS breaks each server out. Is each virtual server its own separate, encapsulated entity, or do they all share system files on the physical server as well?

    The Virtual Server host (the machine on which you install the Virtual Server software) enables an environment under which you can run a number of virtual machines. They do not share a disk filesystem with the host machine, though they can share CD drives and floppy drives. On the filesystem of the host machine, there is a .vhd file (a virtual hard drive) and a config file. This disk file is attached to the virtual machine.

    The rest of the "hardware" within each virtual machine borrows resources from the host machine. Each machine shares the server's CPU and memory. The network adapter can either be shared with one of the host server's adapters (and thus participate on your physical network) or a virtual internal network adapter that uses a shared internal network only visible to your virtual machines.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • kujayhawk93kujayhawk93 Member Posts: 355
    blargoe wrote:
    The Virtual Server host (the machine on which you install the Virtual Server software) enables an environment under which you can run a number of virtual machines. They do not share a disk filesystem with the host machine, though they can share CD drives and floppy drives. On the filesystem of the host machine, there is a .vhd file (a virtual hard drive) and a config file. This disk file is attached to the virtual machine.

    The rest of the "hardware" within each virtual machine borrows resources from the host machine. Each machine shares the server's CPU and memory. The network adapter can either be shared with one of the host server's adapters (and thus participate on your physical network) or a virtual internal network adapter that uses a shared internal network only visible to your virtual machines.
    Thank you, it's much clearer now!
Sign In or Register to comment.