Showing results for 
Show  only  | Search instead for 
Did you mean: 

McAfee MOVE AntiVirus 4.5

What is MOVE AntiVirus ?

Management for Optimized Virtual Environments (MOVE) AntiVirus is optimized for protecting virtual environments such as Virtual Machines running virtualization (hypervisor) software like VMware ESX, Citrix Xen Server or Microsoft HyperV. It removes the need to install an anti-virus application on every virtual machine (VM) by offloading all scanning to a dedicated security virtual machine (SVM) so that customers get the protection they need without sacrificing performance.  McAfee MOVE AntiVirus supports agentless deployment for VMware NSX and VMware vCNS and multi-platform deployment for all major hypervisors.


New Features in MOVE AntiVirus 4.5

This new release is focused on helping customers achieve the following outcomes for their private cloud deployments:

  • Faster threat detection and correction
  • Better coordinated threat defense across security solutions
  • More efficient resource utilization
  • Streamlined management of agentless and multi-platform deployments
  • Increased scanning precision and control

The software includes two deployment options, “Multi-Platform” and “Agentless”. Both options provide consistent protection and are managed and reported on by McAfee ePO. For an explanation of the differences, see the customer documentation such as the Release Notes.


Multi-Platform New Features

New Windows Platform Support

This release supports Windows Server 2016 (64-bit) for McAfee MOVE AntiVirus SVM and client


Support for SHA-256 for TIE integration

This release supports both SHA-1 and SHA-256 lookup for McAfee® Threat Intelligence Exchange (TIE) reputation request and change event with McAfee MOVE AntiVirus. You can import TIE reputations XML file or a single file reputation by selecting Menu | Systems | TIE Reputations | File overrides | Actions | Import Reputations, so that global and local caches are updated with SHA-256 reputation for the respective file.


Support for Threat Intelligence Exchange 2.0

This release supports TIE 2.0.0 integration for quickly analysing files and content from the McAfee MOVE AntiVirus SVM in your environment and taking informed security decisions. TIE provides context-aware adaptive security for your virtual environment.


Support for Advanced Threat Defense 3.8.0 and Virtual Advanced Threat Defense 3.10

This release supports Advanced Threat Defense 3.8.0 and Virtual Advanced Threat Defense 3.10 for a multi-layered solution that involves various techniques to scan and detect the malware.


Upgraded operating system for SVM Manager

The operating system for SVM Manager is upgraded to Ubuntu 16.04 in this release. Before installing McAfee MOVE AntiVirus 4.5.0 or upgrading an existing version of McAfee MOVE

AntiVirus, you must create the SVM Manager appliance (virtual machine) by deploying the SVM Manager OVF package and configuring a VM network for communication with the SVM Manager.


Transport Driver Interface (TDI) driver to Winsock Kernel migration

In this release, TDI driver is ported to Winsock Kernel.


McAfee MOVE AntiVirus integration with Cloud Workload Discovery for remediation

The remediation functionality in Cloud Workload Discovery 4.5.0 is used to secure instances in your network by installing McAfee MOVE AntiVirus (Multi-Platform) and correcting your firewall settings. After visualizing your cloud account structure, and seeing which systems are at risk, you can activate any missing protection with just few clicks. For details about remediation, see the product documentation for Cloud Workload Discovery.

Agentless New Features

Targeted On-Demand Scan

Optimizes file scanning for files where the previous scanning is timed out for reasons such as large file size, file structure, and file composition. You can configure and schedule your targeted on-demand scan using McAfee ePO. For details, see the McAfee MOVE AntiVirus 4.5.0 Product Guide.


Upgraded operating system for McAfee MOVE AntiVirus SVM

The operating system for McAfee MOVE AntiVirus SVM is upgraded to Ubuntu 16.04 in this release.


User and kernel space updates

In this release, both user and kernel space updates are enabled by default.

“Multi-Platform” deployment option

  • Integration with TIE and ATD
    • Provides multi-layered protection, including local reputation intelligence, sandbox testing and automatic immunization when malware is detected.
    • Historically, MOVE took advantage of McAfee Global Threat Intelligence (GTI), an exclusive technology based on real-time information from millions of sensors worldwide, which provides threat intelligence. However, threat information is even more valuable when complemented with local data, and users can now also leverage McAfee Threat Intelligence Exchange (TIE), a separate module sold separately, for local intelligence.  Along with TIE, McAfee Advanced Threat Defense (ATD) can also be used to analyze the behavior of unknown applications in a sandbox. All virtual endpoints can, therefore, be automatically immunized from newly detected malware.
  • Integration with NSP Virtual IPS
    • Results in unified perimeter and virtual machine protection to protect from threats whether they emerge from the endpoint or in the network
  • SVM Auto-scaling
    • Automatically adds or removes SVMs as demand fluctuates
  • Unification of MOVE Anti-Virus policies
    • The new, single, combined ePO extension enables administrators to configure security policies for agentless and multi-platform deployments from a single, centralized console / GUI (in ePO).
  • Separation of Scan Policies
    • MOVE AntiVirus 4.5 supports both On-Demand Scan and On-Access Scan and they are available as separate policies under “MOVE AntiVirus 4.5”
  • Migration Assistant

“Agentless” deployment option

  • Unification of MOVE AntiVirus policies
  • Separation of Scan Policies
  • Migration Assistant
  • Scanning files on network drives


Additional Information about MOVE AntiVirus 4.5


Unified Product: Historically, MOVE was made available to customers as two separate packages (MOVE AntiVirus (Multi-Platform) & MOVE AntiVirus (Agentless)). Due to the Unified policy in 4.5 and the new, single combined ePO extension, MOVE 4.5 is available as a smaller set of packages.


GUI Changes: Because of all the new features and enhancements, the MOVE 4.5 GUI’s in ePO have changed significantly from MOVE 3.x.


Upgrade Support: MOVE AntiVirus (including the Migration Assistant) supports upgrade from MOVE 2.6.2 (Multi-Platform), 3.5.1 (both Multi-Platform and Agentless) and 3.6.1 (both Multi-Platform and Agentless). Because of the unification of Multi-Platform and Agentless policies and the separation of scan policies, MOVE 2.6.2 and 3.x customers need to carefully plan and do Agentless and Multi-Platform policy and client task migration as part of the upgrade process. To help customers do this, there is an ePO extension available that will install the MOVE AntiVirus Migration Assistant and a Migration Guide which explains the correct process.


MOVE 2.6.2 Customers Should Upgrade: There is a significant proportion of MOVE customers still using MOVE 2.6.2, which was End Of Life (EOL) on April 1, 2016. These customers need to migrate/upgrade to MOVE 4.5, using the Migration Assistant and Migration Guide mentioned above.


MOVE Scheduler: There is no new version of MOVE Scheduler. The latest version of MOVE Scheduler continues to be 2.5.2 but that functionality is now available in MOVE 4.5.


McAfee Agentless Firewall (McAfee MOVE Firewall): There is no new version of McAfee Agentless Firewall (McAfee MOVE Firewall). The latest version of MOVE Firewall continues to be 3.5.

End Of Life (EOL) Dates for Previous Versions of MOVE


EOL Dates can be seen via the main Intel Security Product & Technology Support Lifecycle (EOL Information page)

  • MOVE AV 2.6.x & MOVE 3.0 – April 1, 2016
  • MOVE 3.5 – October 31, 2016
  • MOVE 3.6 – June 30, 2017
  • MOVE Scheduler – August 8, 2017
  • VirusScan Enterprise for Offline Virtual Images (OVI) 2.x – July 31, 2015


Download Location, Localization & Documentation

The product packages and documentation are available now from Intel Downloads behind appropriate grant numbers such as “McAfee MOVE AV for Virtual Desktops”, “McAfee MOVE AV for Virtual Servers” and McAfee Server Security Suites (multiple download locations).

The product packages and documentation are also available via the McAfee ePO Software Manager from the ePO Console.

Localization – MOVE AntiVirus 4.5 and documentation is available in English only.


PD26804 - Management for Optimized Virtual Environments AntiVirus 4.5 Release Notes

PD26805 - Management for Optimized Virtual Environments AntiVirus 4.5 Product

PD26806 - Management for Optimized Virtual Environments AntiVirus 4.5 Installation Guide

PD26807 - Management for Optimized Virtual Environments AntiVirus 4.5 Guide Migration Guide


Additional Resources

KB87402 - MOVE AntiVirus Agentless 4.x Known Issues

KB87401 - MOVE AntiVirus Multi-Platform 4.x Known Issues

KB83964 - FAQs for Managed Optimized Virtual Environments (MOVE)

KB74865 - Supported Platforms, Environments, and Operating Systems for MOVE

Version history
Revision #:
3 of 3
Last update:
‎03-29-2018 08:19 AM
Updated by:

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community