• When planning to deploy third-party security agents on your vSphere infrastructure, you encounter uncertainty about compatibility and support coverage. You need to understand whether VMware provides installation support for security solutions from vendors such as Palo Alto Networks, CrowdStrike, or other endpoint protection providers. This uncertainty can delay security compliance initiatives and may require you to seek exception approvals or alternative deployment strategies.
  
  

Some descriptions of this issue that we've seen:

• We have a new security from pal alto and was curious if the CORTEX agent is supported on the ESXi hosts and the other VMware appliances such as ARIA  or NSX.

Seen in:

• vCenter Server 7.0 and later
• ESXi 7.0 and later
• NSX 4.0 and later
• Aria Operations 8.10 and later

This question arises because VMware's support model is designed to provide break/fix assistance for VMware products and their native APIs. Third-party security agents are developed and maintained by external vendors. The integration responsibility lies with the third-party vendor to ensure their product works correctly with VMware APIs, rather than VMware providing installation or configuration support for external products.

Follow these steps to determine the appropriate support path for third-party security agent deployment:

1. Contact the third-party vendor (such as Palo Alto Networks, CrowdStrike, or other security provider) to confirm compatibility with your specific VMware environment versions.

2. Request integration documentation from the vendor that details their supported VMware API usage and deployment requirements.

3. Verify VMware API prerequisites by checking that your vCenter Server has the necessary permissions and API access enabled for third-party integrations.

4. Obtain vendor-specific installation guidance including any required VMware configuration changes or prerequisites.

5. Test the deployment in a non-production environment following the vendor's documentation.

6. Contact VMware support only if the third-party vendor identifies a specific VMware API failure or if VMware product functionality is impacted during integration testing.

7. Document any compatibility limitations for your organization's security compliance and exception processes if needed.

When to engage VMware support

• VMware APIs return unexpected errors during third-party integration
• VMware product functionality is degraded after agent installation
• vCenter Server, ESXi, or other VMware components fail to respond to documented API calls

When to engage third-party vendor support

• Agent installation or configuration issues
• Agent functionality problems
• Performance impact from the security agent
• Integration setup and initial deployment

For more information, see:

• VMware vSphere Automation REST API Programming Guide
• VMware Technology Alliance Partner Journey
• Broadcom Product Interoperability Matrix
  
  • This has matrices for some specific third-party solutions