Search the VMware Knowledge Base (KB)
View by Article ID

FAQ: Implementation of vShield Endpoint beyond EOA of vCNS (2110078)

  • 20 Ratings
Language Editions


This article answers frequently asked questions on the availability of vShield Endpoint beyond the End of Availability (EOA) announcement of vCloud Networking and Security (vCNS) (standalone, September 2013, as part of vCloud Suite, March, 2015). It also provides information on the impact to vShield Endpoint customers when transitioning from vCloud Networking and Security to VMware NSX for vSphere.


What is vShield Endpoint? Where can I find more information about the product?
VMware vShield Endpoint lets you manage anti-virus and anti-malware policies for virtualized environments with the same management interfaces you use to secure physical infrastructure. The VMware vShield Endpoint strengthens virtualization security with enhanced endpoint protection by offloading AV processing to a secure virtual appliance supplied by the VMware partners. For more information, see the vShield Endpoint product page.

What is needed to use VMware vShield Endpoint?
VMware vShield Endpoint plugs consists of three components:
  • Hardened secure virtual appliances, delivered by VMware partners
  • Thin agent for virtual machines to offload security events (included in VMware Tools)
  • VMware Endpoint ESX® hypervisor module to enable communication between the first two components at the Hypervisor layer.
Note: VMware vShield Endpoint requires the hypervisor modules be installed and managed via vCloud Networking and Security Manager (formerly known as vShield Manager) or NSX Manager.

Will vShield Endpoint work without vCloud Networking and Security (vCNS) or NSX for vSphere?
No. VMware vShield Endpoint will not work without vCNS or NSX.

How is this licensed?
VMware vShield Endpoint is included as a vSphere feature in vSphere editions Essentials Plus and later. No separate license key is needed. When vShield Manager is installed and connected to the vCenter, it uses the vSphere license keys to enable the functionality needed to manage vShield Endpoint.

Note: This entitlement is limited to vShield Endpoint management, this does not include license to use any other feature of vCloud Networking and Security.

What is the impact of the EOA (End of Availability) announcement for vCloud Networking and Security?

For more information, see End of Availability and End of General Support for VMware vCloud Networking and Security 5.5.x (2144733).

How can I download vShield Endpoint?
NSX for vSphere 6.2.4 or later should be used for vShield Endpoint deployments and is available at VMware Downloads. This takes you to the product page of the latest version of VMware NSX for vSphere. Download and install the NSX Manager to manage vShield Endpoint.

  • NSX 6.2.4 and later enables you to manage vShield Endpoint from NSX Manager.
  • The license that comes embedded in NSX Manager 6.2.4 and later includes an unlimited capacity NSX for vShield Endpoint license key. To ensure you do not use any other unlicensed NSX features (for example VXLAN, DFW, Edge services), the license key will have hard enforcement to prevent NSX host preparation and block Edge creation.
  • With the release of NSX 6.2.4, if you purchased vSphere with vShield Endpoint (Essential Plus and later), you can download NSX. This means that NSX will appear on the vSphere download site, similar to vCNS.
Until when is vCloud Networking and Security supported?
The End of General Support for vCloud Networking and Security Manager version 5.5 is September 19, 2016 and Technical Guidance for vCloud Networking and Security Manager when used to manage vShield Endpoint is available until March 31, 2017.

Which version of VMware vShield Endpoint inter-operates with vSphere 6.0?
For more information, see the Interoperability matrix.

What partner solutions are available for me to use with VMware vShield Endpoint and vCloud Networking and Security?
For the complete list of certified partners, see the VMware Compatibility Guide. The following table outlines target delivery partner delivery dates for 6.2.4 certification. Partner products certified on NSX 6.2.3 are also certified on NSX 6.2.4. These dates are subject to partner delivery schedules and should not be considered commitments to deliver by these dates.

NSX 6.2.4 vShield Endpoint Certification Planner

Partner Product
NSX 6.2.4 Certification Target
GravityZone SVE version 6.1
Trend Micro
Deep Security 9.6 (Version 7314 or higher)
Intel Security (McAfee)
MOVE 4.0
Kaspersky Security for Virtualization 4.0 Released
ESET Virtualization Security for VMware NSX v1.5
DCS 6.7
Q1 - 2017
Sophos Anti-Virus for VMware vShield
Product being transitioned. For more information, see Sophos Antivirus for vShield: Product Retirement

I am not using vShield Endpoint as of now. I want to move from VCNS to NSX. What changes? Can I still use vShield Endpoint?
VMware NSX for vSphere provides NSX Guest Introspection, which provides all features of vShield Endpoint and support for additional service categories like vulnerability management, IDS/IPS using the in-guest thin agent. For the full list of NSX certified partners, see the VMware Compatibility Guide.


End Of Availability of vCNS

See Also

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.


  • 20 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)

Please enter the Captcha code before clicking Submit.
  • 20 Ratings