Search the VMware Knowledge Base (KB)
View by Article ID
FAQ: Implementation of vShield Endpoint beyond EOA of vCNS (2110078)
VMware vShield Endpoint lets you manage anti-virus and anti-malware policies for virtualized environments with the same management interfaces you use to secure physical infrastructure. The VMware vShield Endpoint strengthens virtualization security with enhanced endpoint protection by offloading AV processing to a secure virtual appliance supplied by the VMware partners. For more information, see the vShield Endpoint product page.
What is needed to use VMware vShield Endpoint?
VMware vShield Endpoint plugs consists of three components:
- Hardened secure virtual appliances, delivered by VMware partners
- Thin agent for virtual machines to offload security events (included in VMware Tools)
- VMware Endpoint ESX® hypervisor module to enable communication between the first two components at the Hypervisor layer.
Will vShield Endpoint work without vCloud Networking and Security (vCNS) or NSX for vSphere?
No. VMware vShield Endpoint will not work without vCNS or NSX.
How is this licensed?
VMware vShield Endpoint is included as a vSphere feature in vSphere editions Essentials Plus and later. No separate license key is needed. When vShield Manager is installed and connected to the vCenter, it uses the vSphere license keys to enable the functionality needed to manage vShield Endpoint.
Note: This entitlement is limited to vShield Endpoint management, this does not include license to use any other feature of vCloud Networking and Security.
What is the impact of the EOA (End of Availability) announcement for vCloud Networking and Security?
For more information, see End of Availability and End of General Support for VMware vCloud Networking and Security 5.5.x (2144733).
How can I download vShield Endpoint?
NSX for vSphere 6.2.4 or later should be used for vShield Endpoint deployments and is available at VMware Downloads. This takes you to the product page of the latest version of VMware NSX for vSphere. Download and install the NSX Manager to manage vShield Endpoint.
- NSX 6.2.4 and later enables you to manage vShield Endpoint from NSX Manager.
- The license that comes embedded in NSX Manager 6.2.4 and later includes an unlimited capacity NSX for vShield Endpoint license key. To ensure you do not use any other unlicensed NSX features (for example VXLAN, DFW, Edge services), the license key will have hard enforcement to prevent NSX host preparation and block Edge creation.
- With the release of NSX 6.2.4, if you purchased vSphere with vShield Endpoint (Essential Plus and later), you can download NSX. This means that NSX will appear on the vSphere download site, similar to vCNS.
The End of General Support for vCloud Networking and Security Manager version 5.5 is September 19, 2016 and Technical Guidance for vCloud Networking and Security Manager when used to manage vShield Endpoint is available until March 31, 2017.
Which version of VMware vShield Endpoint inter-operates with vSphere 6.0?
For more information, see the Interoperability matrix.
What partner solutions are available for me to use with VMware vShield Endpoint and vCloud Networking and Security?
For the complete list of certified partners, see the VMware Compatibility Guide. The following table outlines target delivery partner delivery dates for 6.2.4 certification. Partner products certified on NSX 6.2.3 are also certified on NSX 6.2.4. These dates are subject to partner delivery schedules and should not be considered commitments to deliver by these dates.
NSX 6.2.4 vShield Endpoint Certification Planner
||NSX 6.2.4 Certification Target|
||GravityZone SVE version 6.1
||Deep Security 9.6 (Version 7314 or higher)
|Intel Security (McAfee)
||Kaspersky Security for Virtualization 4.0||Released|
||ESET Virtualization Security for VMware NSX v1.5
||Q1 - 2017|
||Sophos Anti-Virus for VMware vShield
||Product being transitioned. For more information, see Sophos Antivirus for vShield: Product Retirement|
I am not using vShield Endpoint as of now. I want to move from VCNS to NSX. What changes? Can I still use vShield Endpoint?
VMware NSX for vSphere provides NSX Guest Introspection, which provides all features of vShield Endpoint and support for additional service categories like vulnerability management, IDS/IPS using the in-guest thin agent. For the full list of NSX certified partners, see the VMware Compatibility Guide.
Request a Product Feature
To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.