摘要 |
In an example, a virtual data center includes a plurality of agentless virtual machines (VMs) protected by a security virtual appliance (SVA). Because the VMs are agentless, they cannot internally manage, update, or enforce VM-specific security policies. However, each VM includes an API that provides an interface for monitoring events such as turn on, turn off, heartbeats, and file events, as well as an interface for ordering an on-demand scan. The SVA builds a policy table, with entries for each VM or class of VMs, and using the API, monitors appropriate events, such as file events, to enforce VM-specific policies. Because the policy table is lightweight, it can be efficiently ported between multiple hypervisors, thus ensuring that a VMs policy remains intact, even if that VM is ported to a different hypervisor. |