Showing results for 
Search instead for 
Did you mean: 

Controlling Virtual Machine use w/ HostChecker in MAC

Not applicable

Controlling Virtual Machine use w/ HostChecker in MAC

Hi Everybody.

I want to know if is possible to control with host checker in MAC the uses of Virtual Machines.

I want to control the traffic when a user is connected by VPN.


- Disable split tunneling ( to avoid other channel connection to Internet)
- Enable route monitor (control the manipulation of endpoint routes)
- Enable Host Checker (to check AV, Patch management, local process)

The inconvenient is with the VM's in the Endpoint. If a user has a VM can bypass my controls and navigate out of vpn tunnel into the VM. I was thinking to unable the vpn access if the user has a VM up with host checker (In MAC).

Somebody did it? Somebody control VM running in MAC with host checker?

Best regards!


Occasional Contributor

Re: Controlling Virtual Machine use w/ HostChecker in MAC

Hi Javier,


Under MAC OS you have the following options for Host Checker checking:

- antivirus
- firewall
- antispyware
- ports
- process
- file


So I think process checking would be useful here. Just just need to check which processess are running VM service, but that wouldn't be so hard I guess.


And you can put rule like this:

Host Checker Policy - rule type: process: rule name > Process name (for example /usr/lib/vmware/bin/vmware-vmx) - ACTION: DENY!


You than enable this host checker rule checking on realm or on role, depending what is your configuration / role assignment.


Haven't played with this, since I don't have Mac.