A VM and its associated guest operating system should be treated the same as a physical machine with regard to a proper security stance given the location and the function of the machine. Standard practices including up-to-date antivirus, anti-malware, and firewall rules should all be implemented. The lack of standard security practices often makes VMs an easy target for attackers. However, vShield Endpoint provides the offloading of traditional AV from each guest OS to a specialized appliance that runs at the hypervisor level. We'll configure vShield Endpoint and a third-party AV solution in a later chapter.