Symantec Endpoint Protection still has no Agentless Virus scan version like Trend or Mcafee with Move. Those use VSHIELD API from VMware and need no direct Software running in the VM. (http://www.vmware.com/pdf/vshield_55_admin.pdf)
BUT test have shown that even with the Agent in the VM/VDI Symantec SEP 12.X is faster in daily tracking, stable status, scanning but only slow if the machine does Virus pattern updates once a day.
Keep in mind that most virus producers only update the main definitions once a day (mcafee 17:00 CET) and the rest is GTI/0-day releases on all three.
So even with the Agent in VDI machines you over the thumb get more or even performance.
Also keep in mind that Virus API like the one from Microsoft has been sources for a lot of trouble, false events and fights the last few years. You can decide if you want that between:
your antivirus producer and MS
- Between your antivirus producer and VMWARE
To mention on that part would be a solution with Hypervisor which mixes up things again.
The problem in general may be not so actual since Netapp and all the new companies who come out with Flash/SSD Storage try to solve it on the other side.
Gartner Magic Quadrant
Mentioned products in terms of VM in those articles:
McAfee's Management for Optimized Virtual Environments (MOVE) has offered optimized anti-malware scanning in virtualized environments for two years, and now MOVE 2.5 offers agentless anti-malware scanning in VMware environments using native vShield API integration.
Symantec does not yet offer an "agentless" version for optimizing anti-malware scanning in virtualized environments (although its shared Insight cache feature can be used to improve performance).
2012 Symantec SEP 12.1 and Mcafee MOVE under VMware 5.X
2012 Symantec SEP 12.1 and Trend
Back in 2011 Trend was faster
2011 Symantec SEP 11, Trend and Mcafee