I am stuck in the middle of my MOVE Agentless scan policy configuration.
I am not able to exclude Process exclusions in MOVE SCAN Policy. I had raised the concern with McAfee support they just asked me to raise PER(product enhancement) for the same.
I don’t know what they will do with this case.
Can someone please suggest me how I can exclude processes from MOVE Scan
policy, I have around 50-60 process exclusions.
Your any comment will be highly appreciated
you are absolutely right. Configuring process exclusions is not possible when using Move Agentless.
Move is connecting via vShield API to the ESX host. The VmWare vShield does not provide process information. Therefore configuring process exclusions is not possible.
Thank you Troja for information
Do you have any idea whether we can exclude below processes.
If we dont add these exclusions in scan policy we may face lot of issues like system and database performance issues.
do you mean file-extension exclusions? 🙂
There are several wildcards possible. There is an knowledgebase article available which describes it in detail.
The MOVE Agentless does not have process exclusions and this is a limitation with VMware API.
The MOVE Multiplatform does have the process exclusions.
We have chosen agentless option to protect our virtual environment. this is
quite reliable over multiplatform, since it scans at hypervisor level that is
also good for server performance.
So, we are moving from Multiplatform to agentless solution.
It is very hard to skip agentless just because of process exclusions,
KB82110 tells how we can protect process in the form of its complete path
exclusions using wildcards.
Yes! I know it’s a pain to add each path against your process.