Good day to all.
Is configuring "mvadm disable" the only valid way to disable MOVE in a client? Can't this be done through ePO? This is because it would be time consuming to RDP into each VM just to disable the agent.
Thanks in advance.
You can absolutley achieve this via ePO - if not, ePO would be rather redundant :-)
If you navigate within ePO to your MOVE AV > On Access Scan policy you can disable On-Access Scanning > this would essentially be the same as mvadm disable
If you run mvadm status you still see protection enabled?
That sounds like your policies aren't being taken by the endpoint then. You may need to look at your McAfee Agent and check it's communicating fine. It sounds like your policy isn't reaching the client.
You could potentially also try assigning a new policy to the system, potentially it or a related policy is corrupted.
In general, by changing the mentioned OAS policy, you should see protection disabled under mvadm status