To provide agentless protection on the virtual machines, you must install the Deep Security service, which is the Deep Security Virtual Appliance (DSVA), on your ESXi servers.
To install the Deep Security Virtual Appliance:
The procedure below describes the installation of DSVA on NSX 6.1 environment, which is based on the Guest Introspection service. For NSX version 6.0, Guest Introspection service is known as Endpoint service.
- On the vSphere Web Client, go to Home > Networking & Security > Installation.
- Click Service Deployments tab and click the green plus sign (+) to display the Deploy Network & Security Services window.
- On the Select services & schedule option, tick Trend Micro Deep Security, and then click Next.
- On the Select clusters option, select the cluster that includes the ESXi servers on which to deploy the Deep Security service.
- Click Next.
- On the Select storage option, choose a datastore for each cluster. The datastore is the location where to place the DSVA that will provide the Deep Security service.
Ensure to select a datastore that all ESXi hosts in the cluster have access to.
- Click Next.
- On the Configure management network option, select the network and IP assignment for the DSVA, and then click Next.
The network is the distributed port group used by the vDS on the datacenter.
- Click Finish to complete the deployment of the Deep Security service.
When deployment is complete, the Trend Micro Deep Security service appears on the list of Network & Security Service Deployments. The Deep Security service is now deployed on the ESXi servers in the cluster. You are now ready to create a VMware Service Profile which will be bound to the port groups used by your VMs.