Management for Optimized Virtual Environments (MOVE) AntiVirus is optimized for protecting virtual environments such as Virtual Machines running virtualization (hypervisor) software like VMware ESX, Citrix Xen Server or Microsoft HyperV. It removes the need to install an anti-virus application on every virtual machine (VM) by offloading all scanning to a dedicated security virtual machine (SVM) so that customers get the protection they need without sacrificing performance. McAfee MOVE AntiVirus supports agentless deployment for VMware NSX and VMware vCNS and multi-platform deployment for all major hypervisors.
This new release is focused on helping customers achieve the following outcomes for their private cloud deployments:
The software includes two deployment options, “Multi-Platform” and “Agentless”. Both options provide consistent protection and are managed and reported on by McAfee ePO. For an explanation of the differences, see the customer documentation such as the Release Notes.
This release supports Windows Server 2016 (64-bit) for McAfee MOVE AntiVirus SVM and client
This release supports both SHA-1 and SHA-256 lookup for McAfee® Threat Intelligence Exchange (TIE) reputation request and change event with McAfee MOVE AntiVirus. You can import TIE reputations XML file or a single file reputation by selecting Menu | Systems | TIE Reputations | File overrides | Actions | Import Reputations, so that global and local caches are updated with SHA-256 reputation for the respective file.
This release supports TIE 2.0.0 integration for quickly analysing files and content from the McAfee MOVE AntiVirus SVM in your environment and taking informed security decisions. TIE provides context-aware adaptive security for your virtual environment.
This release supports Advanced Threat Defense 3.8.0 and Virtual Advanced Threat Defense 3.10 for a multi-layered solution that involves various techniques to scan and detect the malware.
The operating system for SVM Manager is upgraded to Ubuntu 16.04 in this release. Before installing McAfee MOVE AntiVirus 4.5.0 or upgrading an existing version of McAfee MOVE
AntiVirus, you must create the SVM Manager appliance (virtual machine) by deploying the SVM Manager OVF package and configuring a VM network for communication with the SVM Manager.
In this release, TDI driver is ported to Winsock Kernel.
The remediation functionality in Cloud Workload Discovery 4.5.0 is used to secure instances in your network by installing McAfee MOVE AntiVirus (Multi-Platform) and correcting your firewall settings. After visualizing your cloud account structure, and seeing which systems are at risk, you can activate any missing protection with just few clicks. For details about remediation, see the product documentation for Cloud Workload Discovery.
Optimizes file scanning for files where the previous scanning is timed out for reasons such as large file size, file structure, and file composition. You can configure and schedule your targeted on-demand scan using McAfee ePO. For details, see the McAfee MOVE AntiVirus 4.5.0 Product Guide.
The operating system for McAfee MOVE AntiVirus SVM is upgraded to Ubuntu 16.04 in this release.
In this release, both user and kernel space updates are enabled by default.
Unified Product: Historically, MOVE was made available to customers as two separate packages (MOVE AntiVirus (Multi-Platform) & MOVE AntiVirus (Agentless)). Due to the Unified policy in 4.5 and the new, single combined ePO extension, MOVE 4.5 is available as a smaller set of packages.
GUI Changes: Because of all the new features and enhancements, the MOVE 4.5 GUI’s in ePO have changed significantly from MOVE 3.x.
Upgrade Support: MOVE AntiVirus (including the Migration Assistant) supports upgrade from MOVE 2.6.2 (Multi-Platform), 3.5.1 (both Multi-Platform and Agentless) and 3.6.1 (both Multi-Platform and Agentless). Because of the unification of Multi-Platform and Agentless policies and the separation of scan policies, MOVE 2.6.2 and 3.x customers need to carefully plan and do Agentless and Multi-Platform policy and client task migration as part of the upgrade process. To help customers do this, there is an ePO extension available that will install the MOVE AntiVirus Migration Assistant and a Migration Guide which explains the correct process.
MOVE 2.6.2 Customers Should Upgrade: There is a significant proportion of MOVE customers still using MOVE 2.6.2, which was End Of Life (EOL) on April 1, 2016. These customers need to migrate/upgrade to MOVE 4.5, using the Migration Assistant and Migration Guide mentioned above.
MOVE Scheduler: There is no new version of MOVE Scheduler. The latest version of MOVE Scheduler continues to be 2.5.2 but that functionality is now available in MOVE 4.5.
McAfee Agentless Firewall (McAfee MOVE Firewall): There is no new version of McAfee Agentless Firewall (McAfee MOVE Firewall). The latest version of MOVE Firewall continues to be 3.5.
EOL Dates can be seen via the main Intel Security Product & Technology Support Lifecycle (EOL Information page)
The product packages and documentation are available now from Intel Downloads behind appropriate grant numbers such as “McAfee MOVE AV for Virtual Desktops”, “McAfee MOVE AV for Virtual Servers” and McAfee Server Security Suites (multiple download locations).
The product packages and documentation are also available via the McAfee ePO Software Manager from the ePO Console.
Localization – MOVE AntiVirus 4.5 and documentation is available in English only.
PD26804 - Management for Optimized Virtual Environments AntiVirus 4.5 Release Notes
PD26805 - Management for Optimized Virtual Environments AntiVirus 4.5 Product
PD26806 - Management for Optimized Virtual Environments AntiVirus 4.5 Installation Guide
PD26807 - Management for Optimized Virtual Environments AntiVirus 4.5 Guide Migration Guide
KB87402 - MOVE AntiVirus Agentless 4.x Known Issues
KB87401 - MOVE AntiVirus Multi-Platform 4.x Known Issues
KB83964 - FAQs for Managed Optimized Virtual Environments (MOVE)
KB74865 - Supported Platforms, Environments, and Operating Systems for MOVE