VMware Tools include the NSX Thin Agent that must be installed on each guest virtual machine to be protected with Windows operating system. Windows virtual machines with VMware Tools installed are automatically protected whenever they are started up on an ESX host that has the security solution installed. That is, protected virtual machines retain the security protection through shut downs and restarts, and even after a vMotion move to another ESX host with the security solution installed.
Before you begin
Ensure that the guest virtual machine has a supported version of Windows installed. The following Windows operating systems are supported for NSX Guest Introspection:
Windows XP SP3 and above (32 bit)
Windows Vista (32 bit)
Windows 7 (32/64 bit)
Windows 8 (32/64 bit) -- vSphere 5.5 only
Windows 8.1 (32/64) -- from vSphere 5.5 Patch 2 and later
Windows 2003 SP2 and above (32/64 bit)
Windows 2003 R2 (32/64 bit)
Windows 2008 (32/64 bit)
Windows 2008 R2 (64 bit)
Win2012 (64) -- vSphere 5.5 only
Win2012 R2 (64) -- from vSphere 5.5 Patch 2 and later
- If you are using vSphere 5.5 or 6.0, follow the procedure http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.vm_admin.doc%2FGUID-391BE4BF-89A9-4DC3-85E7-3D45F5124BC7.html.
If you are using vSphere 6.5, follow the procedure provided in VMware Tools User Guide available at https://www.vmware.com/support/pubs/vmware-tools-pubs.html.
- After you select Custom setup, expand the VMCI Driver section, select vShield Drivers, and select This feature will be installed on the local hard drive.
- Follow the remaining steps in the procedure.
What to do next
Check if the thin agent is running using the fltmc command with the administrative privileges. The Filter Name column in the output lists the thin agent with an entry vsepflt.