
Security for Virtualized Environments Version 1.2 Release Notes

Security for Virtualized Environments (SVE) is the first comprehensive security solution for virtualized datacenters. The solution protects virtualized Windows, Linux, and Solaris systems, both servers and desktops. While integrated with VMware vShield, the unique architecture of the solution allows it to be leveraged when using any system virtualization offering.

This article provides information on the new features and improvements introduced in Security for Virtualized Environments version 1.2 (released in May 2012) and the list of known issues.

For information on how to upgrade your existing deployment to this new version, refer to this KB article.

Release Notes for VMware vSphere

New Features and Improvements

  • Improved Silent Agent support. Silent Agent for Linux (32-bit and 64-bit) and Solaris (32-bit) provides on-demand antimalware scanning. Supported versions and distributions:

o    Red Hat Enterprise Linux / CentOS 6.2, 6.1, 5.7, 5.6
o    Ubuntu 11.04, 10.04
o    SUSE (SLES) 11
o    OpenSUSE 12, 11
o    Fedora 16, 15
o    Oracle Solaris 11, 10

Silent Agent is available as rpm, deb and ipk packages for Linux and as a pkg package for Solaris. However, installation is performed exclusively via the new Silent Deploy task (installation packages are not available for download).

  • Improved Silent Agent deployment management by adding the following features:

o    Silent Deploy task that automatically deploys Silent Agent on VMs using the VIX API. Works with all supported guests, with specific prerequisites: VMware Tools installed on the VM, Security Virtual Appliance installed on the host, User Account Control disabled on Windows VMs.
o    Credentials Manager to store authentication credentials used by Silent Deploy task (Settings > Credentials page).
o    Computers > Silent Agents page, which allows remotely upgrading or removing Silent Agent deployments. Upgrade and removal are performed using Silent Deploy tasks.

  • Improved Security Virtual Appliance deployment process:

o    Deployment configuration window supports configuration for multiple hosts (but one at a time, not bulk).
o    Option to choose deployment folder.

  • Policies can now be assigned to vCenter Server folders, vApps, datacenters, root.
  • Offline Scan task, which enables administrators to scan virtual machines when they are offline. The Security Virtual Appliance mounts virtual machines as network drives and then scans them. You must be logged in with a vCenter Server user with root level administrator permission. Scan settings can be configured using an Offline Scan policy.
  • Email settings available on the Settings > Setup page.
  • Option to send reports by email.
  • Email notifications (license expiration, antimalware off, malware outbreak, update failure) available on the Settings > Notifications page.
  • Option to generate detailed report for scan tasks.
  • Improved logging for daemons and corner case situations.

Known Issues

  • Offline Scan does not work when logged in to Security Console with a user that does not have administrator permission on the root vCenter Server.
  • Offline Scan does not scan LVM, SVM or GPT partitions.
  • Offline Scan ignores the Pause action.
  • When pausing system scans running on Linux or Solaris VMs, the task status in Security Console remains stuck at Pausing.
  • Windows VMs going into sleep or hibernation, or booting up, might trigger Antimalware OFF notifications.
  • Some features and options are not available for Linux and Solaris VMs.

o    Real-time scan and corresponding policy
o    Following options in On Demand Scan and Quick Scan policies and corresponding tasks: Scan memory, Scan detachable volumes, Scan shadow copy volumes
o    Memory Scan task

  • Locked files can be quarantined multiple times.
  • Restoring files from quarantine does not currently work.
  • On-demand scans follow symlinks outside the specified scan target, also disregarding file and folder exclusions. If a scanned symlink references a file or folder not included in the scan target or explicitly excluded from scanning, that file or folder will be scanned and actions will be taken on detected threats.
  • If a user has configured email notifications in Security Console and changes the user password in vCenter Server, email notifications cannot be sent until the user logs in to Security Console. The workaround for this issue is to log in to Security Console immediately after changing the user password in vCenter Server.
  • When removing the Security Virtual Appliance from a host, although the quarantined files stored on the appliance are removed, they still show up on the Quarantine page of Security Console.
  • If a VM on which a task has been configured to run is deleted while the task is pending or running, or if the user rights on the VM are removed, the VM disappears from the task details page.
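Because of the symlink issue listed above, an on-demand scan can take actions on files that lie outside its target or that were explicitly excluded. The following Python script is an added example, not Bitdefender code: it lists the symlinks under a scan target whose resolved destination leaves the target or lands in an excluded path, so they can be reviewed before a scan is run. The function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile

def _inside(path, root):
    """True if path equals root or lies beneath it (both already resolved)."""
    return os.path.commonpath([path, root]) == root

def escaping_symlinks(scan_root, exclusions=()):
    """Return sorted (link, resolved_target, reason) tuples for symlinks under
    scan_root; reason is 'outside-target' or 'excluded'."""
    root = os.path.realpath(scan_root)
    excluded = [os.path.realpath(e) for e in exclusions]
    findings = []
    # followlinks=False: inspect the links themselves, never walk through them
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            link = os.path.join(dirpath, name)
            if not os.path.islink(link):
                continue
            target = os.path.realpath(link)  # also resolves chained links
            if not _inside(target, root):
                findings.append((link, target, "outside-target"))
            elif any(_inside(target, e) for e in excluded):
                findings.append((link, target, "excluded"))
    return sorted(findings)

def build_demo_tree():
    """Constructed sample layout: a scan target holding one internal link,
    one link into an excluded folder and one link that leaves the target."""
    base = os.path.realpath(tempfile.mkdtemp(prefix="sve-symlink-demo-"))
    scan, outside = os.path.join(base, "scan"), os.path.join(base, "outside")
    for d in (os.path.join(scan, "data"), os.path.join(scan, "skip"), outside):
        os.makedirs(d)
    open(os.path.join(scan, "data", "a.txt"), "w").close()
    open(os.path.join(scan, "skip", "b.txt"), "w").close()
    os.symlink(os.path.join(scan, "data", "a.txt"), os.path.join(scan, "ok"))
    os.symlink(os.path.join(scan, "skip", "b.txt"), os.path.join(scan, "to_excluded"))
    os.symlink(outside, os.path.join(scan, "to_outside"))
    return scan, [os.path.join(scan, "skip")], outside

if __name__ == "__main__":
    scan_root, exclusions, _ = build_demo_tree()
    for link, target, reason in escaping_symlinks(scan_root, exclusions):
        print(f"{reason}: {link} -> {target}")
```
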

Release Notes for Citrix XenServer/Microsoft Hyper-V

New Features and Improvements

  • Improved Silent Agent support. Silent Agent for Linux (32-bit and 64-bit) provides on-demand antimalware scanning. Supported versions and distributions:

o    Red Hat Enterprise Linux / CentOS 6.2, 6.1, 5.7, 5.6
o    Ubuntu 11.04, 10.04
o    SUSE (SLES) 11
o    OpenSUSE 12, 11
o    Fedora 16, 15

The rpm and deb packages are available via an installation script that can be downloaded from the Security Console, Computers > Installation Area page.

  • Changed user account and registration system in the Security Console web interface:

o    Removed the partner account and implemented registration via the Company account page.
o    Default credentials for the company account are user default@company.com with password default.
o    License keys purchased for previous versions don’t work with version 1.2 and must be changed by contacting Bitdefender Business Support.

  • Changed CLI access and configuration scripts for the SVE appliances:

o    Changed login user name for the Security Console and Security Virtual Appliance CLIs from bitdefender to administrator.
o    Renamed console-setup script from the Security Console CLI to sc-setup. Settings previously configurable via this script are now available from the Company account page in the Security Console web interface. The script now allows configuring static network parameters.
o    Renamed vsm-setup script from the Security Virtual Appliance CLI to sva-setup. The script now also allows configuring static network parameters.

Known Issues

  • Silent Agent does not currently support Solaris in Citrix XenServer/Microsoft Hyper-V virtualized environments.
  • When manually removing Silent Agent from virtual machines, they do not disappear from Security Console. The workaround for this issue is to run the Uninstall quick task from the Computers page on those VMs.
  • Memory leaks occurred on Linux clients after on-demand scan endurance tests.
  • Some managed virtual machines might also appear as unmanaged, but with different IP addresses.
  • If the Silent Agent daemons are stopped on Linux clients and an Uninstall task is run from Security Console, clients are removed from console, but Silent Agent is not.
  • Silent Agent will not install in custom Unicode paths.
  • In some cases, when scanning for rootkits on Windows XP clients, epcsrv will take a lot of CPU resources.
  • In Security Console policy settings, if the custom profile is first set to scan all files for local and network scan and then changed to User defined extensions, the extensions field does not appear.
  • Some formatting issues might appear in policy settings windows.