Before you post with simple links to the "how to" or KB articles or all of the "about" documents, please note the following:
I've read and followed all of the links and suggestions at this thread:https://www-secure.symantec.com/connect/forums/shared-insight-cache-1212-vshield-security-virtual-appliance-status-unknown
I've read and followed the links in this page,
http://www.verious.com/article/symantec-endpoint-protection-terminology-guide-concepts-technologies-terms-part-3-s-z/#Security Virtual Appliance (SVA)
which also include these links:
About the Symantec Endpoint Protection Security Virtual Appliance
http://www.symantec.com/docs/HOWTO81080
VMware software requirements to install a Symantec Security Virtual Appliance
http://www.symantec.com/docs/HOWTO81081
Installing a Symantec Endpoint Protection Security Virtual Appliance
http://www.symantec.com/docs/HOWTO81083
Configuring the Symantec Endpoint Protection Security Virtual Appliance installation settings file
http://www.symantec.com/docs/HOWTO81082
We have 2 VM hosts. We placed a Symantec SVA under each host as per instructions. We properly configured the install XML files as per instructions.
We have not only done that, but we've done it at least 3 times. When there were issues, we properly uninstalled/removed using the correct documented process and tried again.
They are running, they are accessable, they can be "pinged". When I use VMWare's interface/console and shut one down, I get an email stating it is offline.
When a client or other "entity" can't communicate with one, it shows a log entry stating it can't communicate with it.
So they are up, they are running.
HOWEVER, they are doing nothing.
I get the status unknown in the console, and there is never any incrementing of the stats in vshield or the SVA itself. 0 accesses. They aren't being utilized.
Here are screenshots to show what we have, how it's configured to a point, and what I mean by certain errors. I can supply much more if/as needed.
Bottom line - after 8 months of trying, we can't make these things do anything other than sit there taking resources and looking pretty.
This one shows that I have the proper settings enabled in SEPM - telling the AV settings to use the shared insight cache via vShield.
This one shows that the VDI clients/desktops are alive, online, status good in SEPM, they ARE communicating exactly like physical desktops as far as SEPM - as far as policies, management, etc. This also shows the current SEP version on the VDI desktops, and current date and time showing they have been updating their "status" to SEPM just fine. No problems at all there. The ONLY problem is lack of use of the SVA.
This shows that the properties of the client as SEP sees it is correct - it is virtual, it is VMWare, ah, but the SVA is "unknown".
And this is what the SVA looks like in the VMWare console - (sorry but due to our nature I had to redact some things for security and privacy,etc. but this shows the meat of the beast and what's needed)
So, what's up?
Unless you have new info - please don't repost the same links that were in those other pages or threads. I always do extensive and exhaustive searches before posting here. If there is something new since say last August, or later, that's different. I GAVE UP as making these work seemed hopeless - no one has any good info at all, no details, including VMWare - and Symantec themselves. It's almost as if this was a purchased product and not fully documented as so far few people know squat about the Symantec SVA - and the info you do find is totally incorrect! I still see VM posts that state the SVA off-loads scanning and so on - direct from VMWare people right in their KB docs!! WOW, they don't even know their own partner.