Hi all - I am fairly new to MVM and pointers on the following would be most appreciated. thanks in advance.
For vulnerability scans, I see duplication on the reports due to endpoints with multiple IP addresses. This causes some pain as the output then needs further manual intervention before it can be presented to stakeholders. Is there a way to manage this better from within MVM?
MVM will try to group Systems with multiple IP Addresses back to the same AssetID number. Standard reports from MVM are all scan based, however you can create some custom reports that are asset based, To do this you need to go into the Reports --> Generate Custom Reports section in the MVM GUI. There are some sample reports you can play with that are Asset based.
Also if you find MVM isn't properly identifying systems with multiple interfaces you can change the Asset identification rules within the Manage --> Assets section in MVM. A link to the rules should be found at the end of that page.
Its a McAfee knowledge base article that outlines where MVM places a file on the target device it scans in order to uniquely identify it.