Virtual machine (VM) systems provide a guest operating system (OS) with a virtual execution platform comprising virtual hardware subsystems configured to emulate corresponding physical hardware subsystems. An instance of the virtual execution platform configured to execute the guest OS is commonly referred to as a guest virtual machine (GVM). In a typical VM system, an arbitrary number of GVMs may execute on a common host server system. Each GVM may operate independently with respect to other GVMs and may communicate with the other GVMs, for example via an emulated network interface. The host server system should be configured with adequate computational and memory resources to support the GVMs.
Software applications may be installed and operated within the GVM as though installed and operated on a physical computer system. In many scenarios, a GVM may require certain system services in addition to generic OS functions. One type of system service is provided by an anti-virus software application, which is typically configured to scan user and system files for known virus signatures. Patterns and methods for detecting known viruses are typically maintained by the anti-virus software within a virus signature database that is updated from time to time as new viruses are discovered. If a known virus is found in a certain file, the file may be quarantined, disabled, or modified to remove the virus, based on policy settings for the anti-virus software.
Anti-virus software is conventionally installed within a guest OS and operates as if installed on a physical computer system. The virus signature database is typically updated via a network connection from the guest OS to an anti-virus service provider that identifies and publishes signatures of newly discovered viruses. As new virus signature database information becomes available, each guest OS is conventionally required to update a local copy of the virus signature database stored within the guest OS file system. Separately updating and storing numerous independent guest OS virus signature database copies is inefficient and may lead to discrepancies in anti-virus protection among a group of guest operating systems. In certain cases, the anti-virus software application also needs to be updated for each guest OS, compounding this inefficiency.