Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Interoperability with Bit9 agent installed on a cluster Win2008 R2 servers running on Hyper-V

Interoperability with Bit9 agent installed on a cluster Win2008 R2 servers running on Hyper-V

Version

6.x & 7.x

Topic

This document answers most commonly asked question(s) regarding the interoperability with Bit9 agent installed on a Windows 2008 R2 server cluster running on Hyper-V.

Q/A

Question 1

Is there any caveat installing Bit9 agent on a cluster Win2008 R2 servers running on Hyper-V?

Answer

CSV (Clustered Shared Volumes) are not supported in Bit9 because we will be unable to detect changes that occur on one node of the cluster on the other nodes.

Question 2

Why would Bit9 agent not be able to see the changes if the data is shared?

Answer

Essentially, in a CSV (Clustered Shared Volumes) environment, the Bit9 agent’s inventory will not be fully accurate. When changes are made to one node, the Bit9 agent running on the other node will not be aware of the change (modifications happen without Bit9 agent seeing), thus when that file goes to execute from the other node, the file will be seen as new and will block in high or medium enforcement if the file is not globally approved.

The opposite is also possible where you could have an approved file that both nodes initialized. On one node, a malicious/unapproved/banned file could override it. The node that saw the modification would block the execution, but the node that didn’t would still think that the file was approved.

Labels (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎01-14-2015
Views:
599
Contributors