Hi everyone
When McAfee Move Agentless scan the file find malware .
We can watch source for this file ? Which system in VM? Or just can watch ip address.
thank
Abel pan
Solved! Go to Solution.
Hi @abel_pan
Yes you can see the host name of the source machine. You need to make sure that SVA-Policy has the vcenter Administrator credential. It will show you the Hostname of the machine.
This are the details you will see for SVA(Which Is detecting the malware)
These are the details you will see the Clients where the malware found.
In agentless scenario we do not have Agent installed on the actual client machines hence all the information like ENS/VSE threat event wont populate. However since MOVEAgentless depends on Vsphere extension which pulls the entire Vcentner architecture into EPO, you will see all the client machines details in System tree though the machines are in unmanaged state.
Hi @abel_pan
Yes you can see the host name of the source machine. You need to make sure that SVA-Policy has the vcenter Administrator credential. It will show you the Hostname of the machine.
Thank you for your prompt reply .
So I can watch hostname in vm client via vcenter . but other detail can watch ?
Like ip address or MAC address , and so on .
Abel pan
This are the details you will see for SVA(Which Is detecting the malware)
These are the details you will see the Clients where the malware found.
In agentless scenario we do not have Agent installed on the actual client machines hence all the information like ENS/VSE threat event wont populate. However since MOVEAgentless depends on Vsphere extension which pulls the entire Vcentner architecture into EPO, you will see all the client machines details in System tree though the machines are in unmanaged state.
That detail content was very complete and Very useful.
thank
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA