This is a local, offline copy of the help, and may be out of date. To view the newest documentation, go online to https://help.deepsecurity.trendmicro.com/.

Pin appliances with VMware HA

Applies to on-premise Deep Security software installations only

If you use VMware Distributed Resource Scheduler (DRS) for high availability (HA), configure it before you install Deep Security. Then deploy Deep Security Virtual Appliance on all ESXi hypervisors (including backup hypervisors), and "pin" them to each ESXi server. This will ensure that agentless protection is still being applied after HA failover.

If DRS moves a VM from an ESXi that has an appliance to one that doesn't, the VM will become unprotected. If the VM then returns to the original ESXi, it still won't be protected again unless you create an event-based task to re-activate and protect a VM when vMotion moves it to an ESXi with an appliance. For more information, see Create an event-based task.
Don't apply vMotion to the appliance. Keep each appliance on its specific ESXi server: in the DRS settings, select Disabled (recommended) or Manual. (Alternatively, deploy the appliance onto local storage, not shared storage. When the virtual appliance is deployed onto local storage, DRS won't apply vMotion.) For more information, see your VMware documentation.
Contact Support
Support
Contact eSupport
Trend Micro Success
Learn About Vulnerabilities
Threat Encyclopedia