cancel
Showing results for 
Search instead for 
Did you mean: 

MOVE Agentless systems become unmanaged randomly

Hi,

my company adopts the following products to manage VMs protection:

ePO 5.9

MOVE Agentless 4.5.1

NSX Manager 6.3

vCenter 6.5

I have deployed the MOVE SVM using the procedure described in the MOVE 4.5.1 installation guide in an NSX environment. After the first deployment all the SVMs have been automatically registered successfully on ePO with managed state equal to "Managed".

Happens that randomely these MOVE systems become "unmanaged" for a while and then return in the "Managed" state, but located under the vShere group in the system tree instead of under the group i have previously created with the IP sorting criteria enabled.

How can i prevent that MOVE systems become unmanaged?
Thanks

6 Replies

Re: MOVE Agentless systems become unmanaged randomly

Hi,

could it e a problem related to the cloud workload extension?

Thanks

Tags (1)

Re: MOVE Agentless systems become unmanaged randomly

I have had the same issue for almost 2 weeks now. But in my case I have MOVE Multiplatform in ePO and not Agentless.

McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 4 of 7

Re: MOVE Agentless systems become unmanaged randomly

@JoeMace Do you mean that they no longer show in your system tree? Do you see that they're now in lost and found? What version of MOVE and CWS extensions are you using?

If you do find they've just moved to lost and found, it is likely that you're affected by  known issues in the 4.5.1 versions of the MDCC and vSphere connector extensions where the systems can be moved into the "Lost and Found" group of the system tree following a sync. This issue is outlined in KB90387 

In order to resolve this issue, you must upgrade your extensions to the version included in the MOVE 4.8 bundle. The extensions are backwards compatible, so you could remain on your previous version of MOVE, if desired.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

 

Re: MOVE Agentless systems become unmanaged randomly

@jess_arman 

Thank you for your reply! The MOVE Multiplatform running in 4.5 version systems were getting Unmanaged and being moved to the Vsphere folder. After waiting for quite some time, the systems is getting back to Managed state but will stay on the same folder otherwise a manual enabling sorting of the system is performed or our server task will do the trick which runs in the morning, noontime and in the afternoon. Vsphere connector extensions is already for 4.6 version but I don't think I have this McAfee Cloud Workload Security (CWS) 5.0.x checked in ePO as stated on the article.

McAfee Employee akatt
McAfee Employee
Report Inappropriate Content
Message 6 of 7

Re: MOVE Agentless systems become unmanaged randomly

The issue that jess_arman is referring to, related to the 4.5.1.x versions of the vSphere connector (4.x versions will show as Cloud Workload Discovery) was a result of the Registered Cloud Account syncs using the vSphere connector deleting the systems from ePO.  These system deletions, are not recorded within the ePO Audit log.

When the next sync would run after the deletes occur, we would see all of the systems managed by that vCenter server populate within the vSphere container, because DCC (Data Center Connector), CWD (Cloud Workload Discovery), and CWS (Cloud Workload Security) using the vSphere connector is designed to populate that System Tree container with any systems it discovers under the specified vCenter server that is added to the Registered Cloud Account.  It treated them as new systems and put them there, because it discovered them as new systems, since it had previously deleted them.

The bug fix within the newer CWS 5.x versions prevents the delete from occurring, and since DCC/CWD/CWS does not have any logic to move systems from their current system tree location, we shouldn't continue to see the systems dissappear, and reapper as "unmanaged," which will then change to a "managed" state once the McAfee Agent installed on the re-synecd systems performs its standard ASCI back to ePO (default of 60 minutes).

Would definitely recommend installing the updated CWS extensions to prevent this issue, as it can be fairly problematic when using ePO sorting criteria, and also custom policy assignments.



McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 7 of 7

Re: MOVE Agentless systems become unmanaged randomly

@JoeMace You don't have to check in Cloud Workload Security as the full product to resolve the issue/test with the updated extension versions. The Data Center Connector and the vSphere extensions are sub-extensions of the CWS product that MOVE also utilizes. Since MOVE needs them but is a separate product from CWS, the needed extensions are also packaged in the MOVE extension bundle. So, if you're looking to test, you can just update to the 4.8 MOVE extension bundle and they will be included. Most customers that are licensed for MOVE are not licensed for the CWS product as a whole and as such don't have access to that on your downloads page--it's also unnecessary.

I know that it's all a bit confusing, but I hope that helped clarify.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator