5 Replies Latest reply on Feb 12, 2010 8:59 AM by rcambrid

    LinuxShield SAN support

      KB65787 states: "LinuxShield has not been tested with Storage Area Network (SAN) environments. Using LinuxShield in these environments is not supported due to potential performance issues."

       

      What does this incorperate? When having Linux server running in like VMware/Xen on a SAN, or either having mounted volumes on a SAN is not supported? I Think this is pretty commom these days's, especially when taking into account that LinuxShield would be targeted on enterprise environments.

       

      Best regards, Sebastiaan

        • 1. Re: LinuxShield SAN support
          rcambrid

          Hi Sebastiaan,

           

          I've put a request in to see if there are any plans for testing this.

           

          I'll update this thread when I've had some feedback.

           

          Thanks!

           

          Rod.

          • 2. Re: LinuxShield SAN support

            Hi Rod, thanks for the update.

             

            To elaborate a bit on the environments we use LinuxShield in are (and which should be supported):

            -Novell OES2 (Linux) and SLES

            -OES2 clustering

            -XEN and (mostly) VMware ESX (VM's local or on a SAN).

            -We make most of the time use of NetApp SAN's for either clustered volumes and/or VM storage

             

            I also san that auditd enabled on Linux is not supported. I already did an enh. request for that, but this should also be supported. This is a service enabled by default (at least when running SLES).

             

            As NetShield was part of the Enterprise package, why isn't this the case for LinuxShield? I stronly suggest a common license structure for worstation/server either Windows or Linux is preffered, as we feel the LinuxShield is well overpriced today compared to other vendor's solutions.

             

            Thanks, Sebastiaan

            • 3. Re: LinuxShield SAN support
              rcambrid

              Sebastiaan,

               

              I just heard back - as you're aware, auditd enabled and NAS/SAN environments are not currently supported by LinuxShield. However, it seems that we've had multiple requests for this  functionality - and so we are looking at how best to support these going forward.

               

              At this time, I cannot confirm that this will happen; I can only confirm that Product Management are aware of these limitations and are looking at how we can address them in future versions of LinuxShield.

               

              Apologies for not being able to give you any more definite information.

               

              Thanks,

               

              Rod.

              • 4. Re: LinuxShield SAN support

                Hi Rod,

                 

                Thanks for the update. Hope we'll see this soon.

                 

                Another thing customers of mine would like to see is an ePO running on Linux I've heared rumours for a while McAfee was looking at that, and it's one of the reasons I did stay with McAfee. For example CA provides this feature.

                 

                Customers are running McAfee 8.7 Enterprise on Windows desktops, but server side run mostly SuSE Linux and Novell OES.They would like to have ePO also running on Linux. To be able to centrally manage and monitor their antivirus strategy is getting more important for them.

                 

                Several customer environments are like at most up to 85 Windows XP desktops and several Linux servers running either SLES or Novell's OES2 services. Some of those do run LinuxShield to protect user data. All servers do run virtualised on VMWare vSphere.

                 

                To be able to run ePO we would now need to buy a seperate Windows server license while we could just leverage a 'free' Linux license. A (open)SuSE or SLES with MySQL/PostgreSQL would be great. For our size of company a preconfigured ePO appliance would be awesome (if you need to create one you could use www.susestudio.com and have one in 30 minutes ready)

                 

                If available, we would also glad to be able to beta test this solution.

                 

                Thanks, Sebastiaan

                • 5. Re: LinuxShield SAN support
                  rcambrid

                  Hi - I spoke with the Product Managers about this and, unfortunately, there are currently no plans to accomodate a version of ePO running on Linux.

                   

                  Sorry!

                   

                  Rod.