Desktop virtualization has greatly improved end-to-end security: centralized management keeps the fleet of computers homogeneous, makes it possible to deploy security updates quickly and keeps control over users’ computers. Also, the “read-only” feature, which means that every time a PC shuts down and restarts it goes back to the initial configuration defined by the administrator, can delete all potential viruses and malware downloaded throughout the day with a single click. However, this doesn’t mean that user terminals should do away with a good antivirus altogether! We tried out GravityZone by Bitdefender for you.
Presentation of GravityZone by Bitdefender
The new version of the GravityZone by Bitdefender security solution was released in 2015. Bitdefender took on the challenge of developing a lightweight and easy-to-use antimalware program. It includes all the features needed for PC security today: firewall, antimalware, intrusion detection, internet content control (blacklist, whitelist, planning), web filtering, application control, accessory control, and many other even more powerful features.
GravityZone offers 3 types of antivirus scans:
- Local: this is a traditional scan that takes place on the computer terminal
- Central Scan: in this mode, the scan is done from a virtual appliance rather than on the user’s machine
- Hybrid: the hybrid scan is a mix between a local scan and a scan from the cloud.
Depending on the situation, it is possible to automatically switch from one type of scan to another.
The GravityZone antivirus by Bitdefender is well known among IT professionals because it simplifies and secures end-to-end management. It should be noted that the Bitdefender antivirus protects computer terminals, but it can also protect IT servers, Exchange (email) services and smartphones/tablets!
How does GravityZone work?
To install GravityZone on your infrastructure, you need to install the Bitdefender distribution, which is provided as a virtual appliance (turnkey or preconfigured) based on an Ubuntu Linux server distribution. Depending on the hypervisor you have, GravityZone is available, among other things, for:
- Citrix Xen
- Microsoft Hyper-V
- Linux KVM Virtualization
If you have none of these hypervisors, contact Bitdefender directly. If you have one of these server virtualization technologies, Bitdefender will provide you with the matching appliance to import into your server virtualization solution.
When starting up the virtual machine, you’ll first have to configure the antivirus server, which may have several roles:
- Antivirus update server
- Communication server
- Web dashboard (centralized dashboard to manage the antivirus)
- Server security (duplicates and centralizes most of the antimalware features of antimalware agents, by acting as an analysis server)
Once the server is installed, you’ll no longer have to configure your antivirus strategies. It should be noted that it’s possible to deploy the Bitdefender agent onto your desktops through the centralized management dashboard of the antivirus server! The time saved and the simplicity will be greatly appreciated.
Best practices in the context of desktop virtualization
The configuration of an antivirus in a VDI environment is not the same as in a traditional PC environment. Oftentimes, virtual machines are in “read-only” mode, that is, with each startup, they return to the configuration of a basic common image (OS + applications). In this context, doing antivirus updates on terminals is useless: every day, the updates will be reverted.
Similarly, the disk space allocated to each virtual machine should be optimized, so it’s useless to configure the antivirus to scan the boot sectors: they are reset at the next restart in any case, and the scan would only generate useless entries on the computer terminal.
How to configure your antivirus for VDI
Here are a few rules on how to configure your antivirus in a VDI infrastructure:
- Deactivate boot sector scans.
- Deactivate scans of known drives of the virtual machine (A:, C:, D:, etc.) because these have to be scanned and confirmed clean in the master image.
- Only removable drives (USB/flash, external hard drives, etc.), files downloaded from the internet and files attached to emails should be scanned.
- Deactivate scheduled antivirus scans on the virtual machines.
- Deactivate antivirus updates in virtual machines.
Of course, you’ll need to be very meticulous in managing master images. You’ll have to update them regularly in order to update the virus signatures to ensure maximum protection for the computer terminals.
GravityZone offers a very interesting feature in the context of managing antivirus strategies: the Bitdefender antivirus synchronizes with your directory (Active Directory, for example), so you can define the strategies for each item via the centralized Bitdefender dashboard. For example, you can define one antivirus strategy for your servers, your heavy terminals or “read-write” virtual machines, and another one for your “read-only” terminals.
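The rules listed above, combined with one strategy per directory group, can be checked automatically. The following Python script is an added example, not Bitdefender's code: the policy fields, machine classes and sample policies are hypothetical and do not reflect GravityZone's policy format, and it assumes that machines which keep their state between reboots must keep updates and scheduled scans enabled.

```python
# Added example. Field names and sample policies are constructed for
# illustration; they are NOT GravityZone's policy schema or export format.

# Settings the rules above say to disable on "read-only" virtual machines.
OFF_ON_READ_ONLY = ("boot_sector_scan", "fixed_drive_scan",
                    "scheduled_scan", "signature_updates")
# Sources that must still be scanned on "read-only" virtual machines.
REQUIRED_TARGETS = {"removable_drives", "internet_downloads", "email_attachments"}
# Assumption: machines that keep state between reboots need these enabled.
ON_WHEN_PERSISTENT = ("signature_updates", "scheduled_scan")

def audit_policy(policy):
    """Return the findings for one policy (an empty list means compliant)."""
    settings = policy["settings"]
    findings = []
    if policy["machine_class"] == "read-only":
        for key in OFF_ON_READ_ONLY:
            if settings.get(key, False):
                findings.append(f"{key} is enabled on a read-only VM")
        scanned = set(policy.get("on_access_targets", []))
        for target in sorted(REQUIRED_TARGETS - scanned):
            findings.append(f"{target} is not scanned")
    else:
        # A VDI policy assigned to a persistent machine by mistake would
        # leave it without updates, so flag the opposite condition here.
        for key in ON_WHEN_PERSISTENT:
            if not settings.get(key, False):
                findings.append(f"{key} is disabled on a persistent machine")
    return findings

def audit_all(policies):
    """Map each non-compliant policy name to its list of findings."""
    report = {p["name"]: audit_policy(p) for p in policies}
    return {name: f for name, f in report.items() if f}

# Constructed sample: one policy per directory group.
VDI_OFF = dict.fromkeys(OFF_ON_READ_ONLY, False)
SAMPLE_POLICIES = [
    {"name": "vdi-pool-ok", "machine_class": "read-only", "settings": VDI_OFF,
     "on_access_targets": ["removable_drives", "internet_downloads", "email_attachments"]},
    {"name": "vdi-pool-drift", "machine_class": "read-only",
     "settings": {**VDI_OFF, "scheduled_scan": True},
     "on_access_targets": ["removable_drives", "internet_downloads"]},
    # Persistent servers that received the VDI settings by mistake.
    {"name": "servers-misassigned", "machine_class": "read-write", "settings": VDI_OFF},
]

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_POLICIES).items():
        print(name, findings)
```

The third sample policy shows the case worth watching for: settings that are correct for a “read-only” pool leave a persistent machine without signature updates when assigned to the wrong group.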
As you’ve probably understood, GravityZone by Bitdefender won us over with its efficiency, ease of setup and great flexibility in the context of end-to-end security, where you can have several types of environments at the same time: traditional PCs, virtual PCs, physical and virtual servers and smartphones/tablets.