Which functionalities require the installation of an Agent in combined mode when using NSX for vShield Endpoint?

When utilizing NSX for vShield Endpoint, the functionalities that necessitate the installation of an Agent in combined mode relate specifically to Intrusion Prevention and Firewall features. In this context, combined mode refers to the deployment of an agent that integrates both network and host-based security capabilities.

Intrusion Prevention is a critical function for identifying and blocking potential threats at the network level, while the Firewall capabilities safeguard the host by controlling incoming and outgoing traffic based on predetermined security rules. Having the Agent installed in combined mode allows for seamless collaboration between these two functionalities, enhancing the overall security posture of the environment.

The other functionalities mentioned—such as Anti-Malware and Integrity Monitoring, Web Reputation and Access Control, and Log Monitoring and Threat Intelligence—can be effectively managed without requiring the combined mode installation. They may leverage either network-focused or host-focused approaches independently, highlighting that not all security functions necessitate the same deployment strategy.