VDI, cloning and hardware detection

Starting in version 7, ESET Security Management Center supports VDI environments, cloning of machines and non-persistent storage systems. This feature is necessary to set up a flag for the master computer or resolve a question which appears after cloning or a change of hardware.

Until the question is resolved, the client machine is unable to replicate to the ESMC Server. Client only checks if the question is resolved.

Disabling hardware detection is irreversible, use it with the highest caution and only on physical machines!

When resolving multiple questions, use the Status Overview - Questions tile.

Which OSs and hypervisors are supported?

validation-status-icon-error WARNING

Before you start using VDI with ESMC, read more about supported and unsupported features of various VDI environments in our Knowledgebase article.

Only Windows operating systems from Windows XP SP2 x64 and later are supported.

ESET Virtual Agent Hosts are not supported.

Mobile devices managed via MDM are not supported.

Linked clones in Virtual Box can not be distinguished from one another.

In very rare cases, detection can be switched off automatically by the ESMC. This happens when ESMC is not able to reliably analyze the hardware.

See the list of supported configurations:

oCitrix PVS 7.0+ with physical machines

oCitrix PVS 7.0+ with virtual machines in Citrix XenServer 7+

oCitrix PVS 7.0+  and Citrix XenDesktop with Citrix XenServer 7+

oCitrix Machine Creation Services

o(without PVS) Citrix XenDesktop with Citrix XenServer 7+

oVMWare Horizon 7+ with VMWare ESXi

oMicrosoft SCCM (for re-imaging)

 

VDI environments

You can use Master machine with ESET Management Agent for a VDI pool. There is no VDI connector needed; all communication is handled via ESET Management Agent. ESET Management Agent 7 must be installed on the Master machine before the VDI pool (machine catalog) is set up.

If you want to create a VDI pool, flag the Master computer in Computer details - Hardware before creating the pool. Select Mark as Master for Cloning (Match with existing computer).

If the Master computer is removed from the ESMC, recovery of its identity (cloning) is forbidden. New machines from the pool would get a new identity each time (new machine entry is created in the Web Console).

When a machine from the VDI pool connects for the first time, it has a mandatory 1 minute connection interval. After the first few replications the connection interval is inherited from the master.

Never disable hardware detection when using the VDI pool.

You can have the master machine running along with the cloned computers, so you can keep it updated.

 

vdi

Cloning machines on hypervisor

You can create a clone of a regular machine. Just wait for the Question to appear and resolve it by selecting Create new computer only this time.

 

clon

Imaging of systems to physical machines

You can use a Master image with ESET Management Agent 7  installed and deploy it on physical computers. There are two ways to accomplish this:

1.System creates a new machine in ESMC after each image deployment.

Resolve each new computer manually in Questions and select Create a new computer every time.

Flag the Master machine before cloning. Select Mark as Master for Cloning (Create a new computer).

2.System creates a new machine in ESMC after the image is deployed on a new machine. If the image is re-deployed on a machine with previous history in ESMC (that already had ESET Management Agent v7 deployed), this machine is connected to its previous identity in ESMC.

Resolve each new computer manually in Questions and select Match with an existing computer every time.

Flag the master machine before cloning. Select Mark as Master for Cloning (Match with existing computer).

 

image

Parallel replication

ESMC Server can recognize and resolve parallel replication of multiple machines to a single identity in ESMC. Such an event is reported to Computer details - Alerts. There are two ways to resolve this issue:

Use the one-click action available on the alert. Computers are divided, and their hardware detection is permanently turned off.

In rare cases, even computers with switched-off hardware detection can conflict. In such cases the Reset cloned agent task is the only option.

Run the Reset cloned agent task on the machine. This keeps you from having to disable hardware detection.