Managing protection from GravityZone
This chapter provides best practices on using the GravityZone console for managing and monitoring Bitdefender protection installed on the VMs from your VMware Tanzu deployment.
Check protected machines
Manage protection settings
Monitor protection and security events
Check protected machines
After it is deployed on the VMs from your VMware Tanzu deployment, Bitdefender Endpoint Security Tools automatically syncs with the GravityZone console to receive configuration policies and tasks and to send status or security events.
Protected virtual machines from your VMware Tanzu deployment will show up in the GravityZone Network inventory. Depending on your IaaS and inventory integrations configured in GravityZone, the virtual machines will show up in GravityZone under your IaaS infrastructure, Active Directory inventory or Custom Groups (in the custom folder configured in the package settings).
Click a VM in the Network inventory to see if protection is installed and check protection details.
Manage protection settings
Protected virtual machines are assigned a default policy, but you may want to create a dedicated policy for your Pivotal Platform deployment to configure or customize specific settings, such as:
Security Servers to connect to, in case Bitdefender Endpoint Security Tools is configured to use the Central Scan engine.
Local Relay endpoint to connect to, for optimized update traffic.
Protection settings specific to your VMware Tanzu environment.
Disable Windows agent graphical user interface to minimize resource consumption.
Assign the policy to the folders where the VMs from your VMware Tanzu deployment will be added.
Important
VM instances may appear as failing during product updates, when the services are restarted. To avoid this situation, you can disable the automatic product updates in the GravityZone security policy.
To make sure the Bitdefender agents are up-to-date, you can either run an Update task from GravityZone or redeploy your instances once new Bitdefender agent kits become available.
Monitor protection and security events
To monitor protection, you can check the activity reports in GravityZone or configure notifications to be sent for specific status or security events via email or syslog.