Last week Virtual Computer and the security vendor Sophos announced a technology alliance to secure the NxTop environment with Sophos Antivirus.
Similarly to the Citrix-McAfee alliance, this is a two-phases integration. In the first one, happening now, the two companies are optimizing the infrastructure for malware scanning.
Specifically, Virtual Computer prevents that every virtual desktop equipped with the Sophos endpoint agent and deployed on its NxTop client hypervisor will have to re-download and update the signature database at each boot. All AV updates in fact are downloaded and applied only to the virtual machines’ master image.
Most parts of a NxTop virtual desktop guest operating system are rolled back to their master image status when rebooted, greatly reducing the risk of stay resident malware, but some parts are retained to offer profile personalization. According to that, the Sophos AV, which lives in a dedicated VM, can be fine tuned to perform scanning only on the persistent areas of the guest OSes.
The two companies are already working on phase two: deliver out-of-band security scanning (the industry calls it introspection) by moving the endpoint agent at the hypervisor level. Which is exactly what Citrix is preparing with McAfee, and what VMware is already delivering with its vShield Endpoint and TrendMicro Deep Security 7.5 antivirus.
Virtual Computer doesn’t have a firm date to announce yet, but it’s expected to happen as soon as Citrix will be ready with its own offering.