You can turn off NSX Distributed Malware Prevention service on specific vSphere host clusters by deleting the service deployment on those host clusters.

When you delete the NSX Distributed Malware Prevention service deployment on a host cluster, an instance of the service VM on each host of that cluster is removed. The workload VMs on the hosts in that cluster lose NSX Malware Prevention security protection.

Procedure

  1. From your browser, log in with admin privileges to an NSX Manager at https://nsx-manager-ip-address.
  2. Navigate to System > Service Deployments > Service Deployment.
  3. In the Partner Service drop-down menu, select VMware NSX Distributed Malware Prevention Service.
    The list of service deployments is displayed.
  4. Next to the service deployment name, click Actions menu.
  5. In the pop-up window, click Delete.
    The service deployment for the host cluster is permanently deleted and cannot be recovered.

    If the service deployment is not deleted due to any error, the Status goes into Failed state. To completely delete a service deployment that is in a Failed state, click Actions menu, and then click Force Delete.

Results

NSX Malware Prevention security protection is no longer available on this host cluster. In other words, the workload VMs on this host cluster cannot detect and prevent malware.