Software-Defined Networking (SDN) is an evolving networking paradigm that still faces shortcomings that have to be overcome. A logical overlay network that is implemented over a physical network infrastructure of a hosting system for a tenant of the hosting system is a good example of SDN. A logical network, logically connects different virtual machines (VMs) of a tenant, which run on one or more host machines, to each other and to other end machines (i.e., physical and/or virtual machines) of other external networks (i.e., physical and/or logical networks). Today, one of the challenges in implementing a logical network is to employ reliable data security systems provided by reputable data security vendors for the different end machines that are logically connected to the logical network.
In order to overcome this challenge, currently, a few products such as vShield Endpoint (from VMware Inc.) allow security applications (e.g., third-party antivirus/antimalware applications) to schedule and perform security scans on a particular set of virtual machines (e.g., VMs of a tenant) through separate security appliances that run on the host machines. These security appliances, however, schedule security scans to be performed on the VMs regardless of the current state of the VMs and the load on each VM and across the VMs of a host machine. For example, a security program may schedule a security scan on a VM when the CPU usage of the VM is very high, or when the available virtual disk and/or RAM of the VM is very low, which could result in negating the efficiency and benefit of a security scan.