Who enables Virtual Machine Communication Interface (VMCI) unrestricted access?

A

acesea

Limp Gawd
Joined
Oct 2, 2004
Messages
211
Anyone do testing and find in which scenarios enabling and unrestricting VMCI access improves performance?


Haven't found much concrete info on the interwebs so here are some info links.

Configuring a Virtual Machine Communication Interface (VMCI) on a vSphere ESX host
kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1010806

VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability
https://www.vmware.com/security/advisories/VMSA-2013-0002.html

VMCI support continues for host to guest communications. Guest to guest communications (VM to VM) were deprecated in vSphere 5.0 and Workstation 8.0. Inter-guest functionality has been removed in the vSphere 5.1 release.
https://www.vmware.com/support/developer/vmci-sdk/VMCI-510-Relnotes.html
 
I had to use this for a client when we were deploying Bitdefender's Vsphere aware AV software. It uses VMCI to communicate with all the machines, and avoids congesting resources by doing this I guess.
 
When I deployed Trend Micro Deep Security version 8, it was indicated that it was required to allow their notifier to work within a virtual machine (relays AV status & events from protection appliances to OS). I found this to be true in my initial testing, but since deploying version 9 it appears that the notifier works without enabling it.

The VMCI driver still needs to be installed with vmtools, but does not need to be enabled in the virtual machine configuration settings.
 
shnelson said:
When I deployed Trend Micro Deep Security version 8, it was indicated that it was required to allow their notifier to work within a virtual machine (relays AV status & events from protection appliances to OS). I found this to be true in my initial testing, but since deploying version 9 it appears that the notifier works without enabling it.

The VMCI driver still needs to be installed with vmtools, but does not need to be enabled in the virtual machine configuration settings.
Click to expand...

How is Deep security like I saw a demo it looked pretty spiffy.
 
You must log in or register to reply here.
Back
Top