In particular, the overhead of running multiple concurrent antivirus scanners on a single host can affect performance and scalability. Meanwhile, the constant starting, stopping, and cloning of virtual machines can leave systems unprotected.
A new Sophos whitepaper explores these challenges and presents two effective approaches to securing your virtual machines without sacrificing performance: agentless antivirus and virtualization-optimized endpoint security. Simultaneous scheduled or on-demand scans can lead to a “scan storm,” increasing resource use and decreasing system performance.
“Scan storms occur when a host’s resources are overwhelmed by many virtual machines (VM) running antivirus scans at the same time. Because each VM is engaged in nearly identical behavior requiring multiple input/output (I/O) operations and substantial CPU processing, data throughput and system response time can slow noticeably. Even an otherwise speedy SAN or local storage array can be affected by the sheer volume of simultaneous read requests.”
The paper also covers how to choose the best approach and the right Sophos product (Sophos Antivirus for vShield, Sophos Server Protection, or Sophos Endpoint Antivirus) for your needs.
Download “Two Great Ways to Protect Your Virtual Machines From Malware” to learn more about how to deliver performance and security in your virtual data center (registration required).
You can read the original article here.