Q: What's introspection as it relates to vShield and virtual machine (VM) anti-malware?

A: Traditional anti-malware technologies are sometimes poorly suited for virtual environments. Improperly tuned anti-malware processes can consume a lot of resources, such as processing power and memory, and affect storage performance.

Offloading anti-malware activities away from the VM is a way to overcome these limitations. One mechanism to offload these activities is introspection, a technique that uses a virtual platform’s hypervisor layer to monitor VM activity from outside of the VM.

The most noted product available that uses introspection is VMware vShield Endpoint, part of VMware’s vShield security suite. Third-party solutions like Trend Micro’s Deep Security can also integrate with vShield Endpoint. Projects in the public domain for the Xen hypervisor are similarly available.