About the Symantec Virtual Image Exception (VIE) tool for Symantec Endpoint Protection (SEP) clients running on virtual machines.
The Virtual Image Exception (VIE) tool is designed specifically for environments leveraging virtualization technologies where a single baseline image is used to deploy many identical or nearly identical Virtual Desktop Infrastructure (VDI) clients. The VIE tool is used to add a new Extended File Attribute (EFA) value to all existing files on a machine before imaging. The EFA value remains valid until the file is modified.
The Symantec Endpoint Protection (SEP) 12.1 client checks for this attribute before scanning files and skips scanning any files that are marked as "known good" by the VIE tool. Scans on VDI clients created with images processed by the VIE tool will experience lower I/O load, CPU usage, and network bandwidth usage during scheduled and manual scans.
Baseline Image Considerations
It is important to ensure that VIE is only run against baseline images that are clean of any infections or threats. The tool should be run as the last step before distributing the image. VIE should be run against all baseline images in the environment to ensure the maximum performance benefits.
VIE is a command-line tool. It requires the SEP 12.1 client be installed before it will successfully execute and must be run from a virtual machine. The tool can be run with the following switches:
- Adds virtual image exceptions for all files on the target volume
- Verifies how many files are currently excluded on the target volume
- Resets the status of all files on the target volume
- Forces VIE to generate hash information while processing files on the target volume. This is for use with Shared Insight Cache server
- provides verbose logging
- Stops on the first error that the tool encounters
Examples and additional infomation on VIE are available in the Symantec™ Endpoint Protection Virtual Image Exception User Guide.