Antivirus vendor Trend Micro Monday announced the first virtualization-aware endpoint security software, Trend Micro OfficeScan 10.5.

The software, designed to work in either a Citrix XenDesktop or VMware View Virtual Desktop Infrastructure (VDI) environment, as well as on physical desktops, senses when it's running in a virtualized environment, then adjusts how and when it runs scans and updates, to avoid overloading the server's CPU, storage or networking operations.

Trend Micro expects to release the software by the end of next month.

Other new features include the ability to manage up to 20,000 physical and virtual desktop endpoints from a single OfficeScan console, full compatibility with Windows 7-- including Windows 7 Action Center (the operating system's one-stop shop for security information and system maintenance) as well as better role-based administration for delegating administration, as well as Active Directory synchronization.

Is there demand for VDI-aware antivirus? According to a 2009 study by the Enterprise Strategy Group, nearly two-thirds of enterprises have a desktop virtualization strategy, and in the next three years, almost half of them expect to virtualize 50 percent of their desktops.

"VDI is a phenomenon that we thought was a ways out, but just in last six to nine months is something we have seen more interest in," said Punit Minocha, Trend Micro's senior vice president for datacenter and cloud.

"What we see is that enterprises will start to virtualize pockets of their enterprise," he said, and for two reasons. The first is that server virtualization has saved businesses big bucks, and now senior executives want to know if it can work for desktops too.

Next there's the question of upgrading Windows. "A significant portion of enterprises out there going through refresh cycle, a lot of them skipped Vista and are now looking at Windows 7, and they're [wondering], should we incorporate VDI as part of that refresh cycle?" he said.

In situations where organizations use a very locked-down virtual desktop -- for example, on a trading floor or in a call center -- having an antivirus agent running on the desktop may not be required; an appliance may suffice. But for knowledge workers, said Minocha, PC-based antivirus agents are a must.

Antivirus agents, however, are virtual environment resource hogs. Run 50 or 100 virtual desktop images on the same server and you'll likely encounter the so-called "9AM problem" when employees start up their virtual desktops, and everyone's antivirus attempts to both "phone home" to update signatures and scan the entire virtual disk, all at the same time. Since they're all running on the same server, however, it can slow to a crawl.

With Trend Micro's VDI-aware antivirus, however, the virtual desktops on any given server are only allowed to run their antivirus scans serially, thus eliminating the performance hit. Furthermore, IT managers can white list the applications contained in virtual desktop base images, to eliminate the need to scan them further.

As a result, by using VDI-aware antivirus, "people can more than double the number of desktop hosts without sacrificing performance," said Trend Micro product marketing manager Joerg Schneider-Simon.