Using Symantec Endpoint Security in non-persistent virtual desktop environments
Symantec Endpoint Securityin non-persistent virtual desktop environments
You can configure the Symantec Agent in your base image to indicate that it is a non-persistent virtual agent. Set up your base image to make it simpler to use
Integrated Cyber Defense Managerto manage GVMs in non-persistent virtual desktop infrastructures.
Step 1: Install the Symantec Agent on the base image
Step 2: Disable Tamper Protection
Temporarily turn off Tamper Protection in the ICDm console so that you can modify the registry.
- Go toPolicies, open the System policy, and turn offProtect Symantec security software from being tampered with or shut down.
Step 3: Configure non-persistent virtual agents
The advantage of non-persistent agents is that offline non-persistent agents do not count toward the number of deployed licenses. Only online agents count. To mark a virtual agent as a non-persistent agent, you must create a registry key in the base image.
ICDm counts each license for agents on physical computers, whether the computer is online or offline. For virtual agents, ICDm counts the licenses of both online and offline non-persistent agents. Make your virtual agents non-persistent if you have more users than you have agents.
To mark a virtual agent as a non-persistent agent, you must create a registry key in the base image.
To mark a virtual agent as a non-persistent agent
- On the Symantec Agent, open the registry editor on the base image.
- Navigate to one of the following registry keys:
- On 32-bit systems: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\
- On 64-bit systems: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\SMC\
- Create a new subkey namedVirtualization.
- In theVirtualizationsubkey, create a key of type DWORD namedIsNPVDIClientand assign it a value of 1.
Step 4: Turn on Tamper Protection
In the cloud console, turn on Tamper Protection.
Purging obsolete non-persistent VDI agents to free up licenses
If devices are offline for more than 7 days then they get purged by default. Otherwise, you can manually delete them using the ICDm console.
Online and offline non-persistent agents count toward the number of deployed licenses.