Sophos for Virtual Environments delivers central security for VMware or Hyper-V virtual machines. Sophos VE provides real-time protection at peak performance by off-loading threat detection to a centralized security virtual machine.
I have an installation on VMware using HA (hot standby). The systems are stable for the most part, but about once per day things go a bit sideways for a little bit. It does correct itself, but there is a small outage that results (this is especially troublesome because tunnels may. Hey Guys #InfotechPrithviraj Sophos Registration link - https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C1Asignupsignin&clientid=5178.
In this walk-through, we will be installing the Sophos Security VM in a VMware environment, deploy the Guest VM agent to protected machines, and test real-time protection.
Install Sophos Security VM
You can use Sophos for Virtual Environments to provide central threat protection for virtual machines in a VMware ESXi or Microsoft Hyper-V environment. We have updated Sophos for Virtual Environments. See the Version 1.3 documentation for the latest updates. Overview Sophos for Virtual Environments uses proprietary Sophos technology, and therefore does not use or require VMware technology such as Horizon; NSX Guest Introspection components or NSX Manager Appliance provided by VMware. This enables the Sophos for Virtual Environments solution to support multiple hypervisors.
To begin, download the Sophos for Virtual Environments executable from Sophos Central. Run the SVE_ESXi_c_sfx.exe from a machine in your environment.
Read and Accept the Sophos EULA.
Select the destination for the installer and Install. This can be on your local machine.
Sophos Xg Vmware
Once the installer has completed, the Security VM installation wizard will begin. Click Next to continue.
Check the prerequisites for installation and ensure you have credentials to VMware and the ESXi host where the Security VM will reside. Click Next.
Provide the vCenter address and credentials as well as the Security VM name.
A security warning will appear if an untrusted SSL is installed.
Choose the ESXi host where you want the Security VM installed.
Select the Management Console you will be using to configure security policies and respond to alerts. We are using Sophos Central.
Enter the Sophos Central Administrator credentials.
Provide a password for access to your Security VM. Note that this password can’t be changed after installation.
Next, create a password for access to the guest agent installer. The guest agent installer will reside in a Public share on the Security VM.
Select a Timezone the for the Security VM.
Choose the datastore where your Security VM will reside.
Set the network, IP address, subnet mask, and domain suffix for all the networks used by the protected VMs.
Enter the default gateway and DNS server(s) information.
Guest VMs can move between Security VMs. If you have already or are going to install additional Security VMs, enter their IP addresses here.
Review the summary and click Install when finished.
The Security VM will now be deployed to your ESXi host.
Once complete, select Finish.
After the Security VM installation, navigate back to Sophos Central and ensure the VM is populated under Server Protection.
Next, we will install the Sophos Guest VM agent on VMs we want to protect. The Guest VM agent communicates with the Security VM to protect workloads and scan accessed files.
Install Sophos Guest VM Agent on Guest VMs
From the Guest VM you would like to protect, browse to the Public folder on the Security VM.
Enter the sophospublic username and password setup during the Security VM installation.
Launch the SVE-Guest-Installer.
Launch the SVE-Guest-Installer.
The installation for the Guest Agent will begin.
Select Finish when completed.
Sophos Vmware Workstation
Verify Sophos for Virtual Environments Protection
Lastly, we will check that our Guest VM is protected. The first way to check is from Windows Security and Maintenance Center on the Guest VM. If the guest VM does not have Windows Security Center, we will check the log folder and then test real-time protection.
Utilizing the Sophos credentials, you created during the SVE setup, you can access the logs folder. Browse to the Logs folder on the Sophos Security VM and open the ProtectedGVMs document.
The document should display information for your newly protected Guest VM.
Sophos Vmware Horizon
Test Sophos Real-time Scanning
Virtual Firewall Vmware
Lastly, we will test real-time scanning. To test, follow the EICAR instructions here for creating an anti-malware test file. Paste the 68-character string into a text document and save the document with an obvious name. Once the file is saved, navigate to the Security VM in Sophos Central. You should see a recent event indicating that Malware has been detected.
For more information read the Sophos for Virtual Environments Startup Guide
As an alternative to the hardware-based version of the Sophos Web Appliance, you can deploy appliances as virtual machines using VMware. These appliances can be grouped with other virtual appliances or with hardware-based appliances. Once deployed, they operate in the same way as a hardware-based appliance.
Sophos virtual appliances provide a cost-effective web-filtering solution that is easy to set up. Virtual appliances occupy less rack space, are energy-efficient, and require less hardware.
To learn more about configuring a virtual web appliance, see the Sophos Virtual Web Appliance Setup Guide or the Sophos Virtual Management Appliance Setup Guide.