Users have installed the vShield Endpoint driver, prepared the ESX host, deployed Deep Security Virtual Appliance (DSVA) and activated it successfully. However, the DSM console shows the status of the ESX host as "Anti-Malware Ready: No" and the status of the VMs as "Anti-Malware: Not Capable".
Server0.log shows the following exception:
Mar 9, 2011 11:13:08 AM com.thirdbrigade.manager.core.virtualization.vmware.VSMRequest parseVSMError INFO: Parsing VSM error for https://vcenter-hostname.dummy-domain.local/: Mar 9, 2011 11:13:08 AM com.thirdbrigade.manager.core.virtual.VirtualSync syncHost WARNING: Failed to query for LKM com.thirdbrigade.manager.core.virtualization.vmware.exceptions.VSMErrorResponseException: HTTP Response Code: 404
When the DSM queries for the LKM to determine if the ESX is Anti-Malware ready, we are getting an HTTP 404 (Not Found) error. The VSM URL you see "https://vcenter-hostname.dummy-domain.local/" is a vCenter hostname and NOT the vShield Manager hostname. This is justified in debug.xml (vShiel Manager Properties) as shown:
To resolve this issue, configure the "ServerAddress" to use the vCenter host, and the "vShieldMgrAddress" to use vShield Manager host:
- On the Deep Security Manager consoler, right-click the Computer tab and select vCenter.
- Click Properties, and then select vShield manager tab.
- In the vShield Manager Server, change the Manager Address to:
- Save the changes that you made.