Information
The VMsafe CPU/memory API allows a security virtual machine to inspect and modify the
contents of the memory and CPU registers on other VMs, for the purpose of detecting and
preventing malware attacks. A VM must be configured explicitly to accept access by the
VMsafe CPU/memory API. This involves three parameters to perform the following:
1. Enable the API.
2. Set the IP address used by the security virtual appliance on the introspection
vSwitch.
3. Set the port number for that IP address.
The second parameter must be set correctly in the vmsafe.agentAddress option in the
virtual machine configuration file for any VMs that should be protected by the API.
*Rationale*
An attacker might compromise the VMs by making unauthorized use of the introspection
channel provided by the API.
Solution
To configure the VMsafe Agent Address correctly, perform the following steps:
1. If the VM is not being protected by a VMsafe CPU/memory product, remove vmsafe.agentAddress from the virtual machine configuration file.
2. If the VM is being protected by a VMsafe CPU/Memory product, set vmsafe.agentAddress to the correct value.