Sophos Anti Virus can be deployed to use vShield Endpoint. First install vShield and enable Endpoint for each ESXi host that is hosting VMs that need protecting, steps can be found here.
Sophos Enterprise Console must configured on the network with a VMware vShield network share, this share for the latest updates.
Enterprise Console set up here
To deploy Sophos Secure Virtual Machine (SSVM) follow these steps.
Download the installer and extract to the local drive.
Choose to install and new SSVM. From here it is possible to remove an existing SSVM or view protected VMs. Viewing Protected VMs is worth running through once the SSVMs are deployed.
Add the vCentre details. You must have two service accounts here, one with Administrator role and one for Read-Only. Add these account to the Administrator and Read-Only roles in vCentre.
Enter the vShield details, the account used can be the administrator account added previously.
Pick the hosts required. To add multiple hosts it is required to use DHCP make sure the subnet assigned is enabled for DHCP. To add a static IP address add each host manually. Note – to change the IP address of a SSVM it must be removed and re installed. Make sure its right the first time.
Add the network share setup with the relevant account.
Add a support password, this is a new password and will be required for future operations such as viewing protected VMs.
Choose a time zone and move onto assigning IP addresses. As above if you want a static IP address deploy each SSVM one by one.
Choose a datastore with enough free space, 20GB free is required. Each SSVM should be pinned to the host it is deployed to, there is an option to select only local datastores, this is fine but bare in mind in large environments the local disks may not be up to the demand in which case shared storage on a performance array will be a better choice.
Choose the network, this network must be able to route to the Enterprise Console server. If you have selected multiple hosts make sure DHCP works on this network.
All being well they should deploy one at a time.
If they fail there is an installation log within the extracted folder. The SSVM will check into the Enterprise Console at which point create new policies or add them to existing policies.