I am new to McAfee, I have the ePO 5.1.0 server up and running but I guess I am missing some understanding on the "MOVE" and the virus scanning...
We have "MOVE" that should cover our VM's correct? or should we still install the AV agent on our servers? Exchange, Sharepoint? or since the MOVE will be covering them then we can not worry about pushing the AV agent out to our servers?
if there is any documentation that you could point me to that would be great.
P.S - I am sure i will have more questions...
Hi there, move is designed to replace VSE on guest VMs and is designed for these architectures.
Can I ask which version your question relates to, Servers ie hypervisors or Desktop ie VDI?
We are deploying both and I can share my understanding for both which are slightly different.
With MOVE for SERVER ie Hypervisors, and in your case specificlly VMWare ESX, the vShield Manager is used to make the communications at the hypervisor tier between the Guests using the VMWare communications vShield plugin, this ios managed through the vShield Manager, this is achieved by the vShield API sending requests for scans from the guests to the SVA.
Each hypervisor has an SVA (Security Virtual Appliance) deployed to it in OVF format, which acts as the scanning engine for that Host.
If you look at page 7 here https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/24000/PD24625/en_US/... it breaks down the architecture for you.
I hope this help, but in short you dont need VSE on your guests since the SVA carries out scanning requests on behalf of the guests via the vShield Endpoint API.