9 Replies Latest reply on Mar 12, 2015 5:58 AM by Troja

    MOVE Agentless For Exchange 2013

    mobin.qasim

      Hi Guys,

       

      Has anyone deployed MOVE Agentless in an environment where you're running Exchange 2013. I've deployed MOVE and now I want to deploy it on ESXi host where I have Exchange 2013 running without any Anti-Virus.

       

      Do I need to add Exchange Exclusions in MOVE AV Scan Policies in ePO for SVA?

       

      Regards,

       

      MQ

        • 1. Re: MOVE Agentless For Exchange 2013
          Troja

          Hi,

          yes, AV exclusions for Exchange 2013 are absolutely important. Otherwise the performance breaks down completely.

          There is a Microsoft Knowledgebase Article available where you can take a look at the recommended AV exclusions.

           

          http://technet.microsoft.com/en-us/library/bb332342%28v=exchg.150%29.aspx

           

          After activation take a look at the load of SVA or scantimeout events on EPO. If the exclusions are configured in the right way, there should be no problem.

           

          Cheers

          • 2. Re: MOVE Agentless For Exchange 2013
            mobin.qasim

            Thanks for the quick reply. I'll configure it and will update how it went.

             

            Cheers

            • 3. Re: MOVE Agentless For Exchange 2013
              pankajbm

              Hi Troja/Mobin,

              I am in the process of configuring SCAN and SVA Policy, and just trying
              consolidating all the exclusions for Database/Exchange/Domino/VDI/XEN/Domain
              controllers/Application servers.

               

              Could you please suggest what will be best practices or best solutions to
              deal with below two-

              To put all the exclusions together and use default policy

              or need to have separate scan policy according to server infra.

               

               

              SCAN Policy.JPG

               

              Thanks

              Pankaj BM

              • 4. Re: MOVE Agentless For Exchange 2013
                Troja

                Hi Pankajbm,

                it depends, because process exclusions are not possible if using Move agentless with vShield

                 

                Normally we try to figure out if the installed systems at the customer are all installed in the same way or not. This means, e.g. is there always the same directory used for exchange installation or not?

                If there to many different installation paths we are splitting the policy for any kind of server (DC, SQL, MXS) and so on. If the systems are installed in the same way we try to manage any exclusion with one policy.

                 

                Cheers

                • 5. Re: MOVE Agentless For Exchange 2013
                  pankajbm

                  Thanks Troja for your reply

                  if all our systems not installed in the same way(not same directory) then we
                  need to have separate policy- is it right?

                   

                  In my case there probably different drive installation been used based on
                  server role.

                   

                  I think best option would be creating separate policy according to server
                  role(DC,SQL,Oracle,MSX) but again this have to perform carefully by considering
                  policy assignment.

                   

                  Thanks

                  Pankaj BM

                  • 6. Re: MOVE Agentless For Exchange 2013
                    Troja

                    Hi,

                    there are many different ways to meet your requirements. I just try to make not too many exclusions in one policy.

                    If there are so may different systems different policies make sense.

                     

                    Optional, if you have several different systems take a look at the "per VM policy" in vhshield. :-)

                    Cheers

                    • 7. Re: MOVE Agentless For Exchange 2013
                      pankajbm

                      Thank you Troja!! its a great help

                      • 8. Re: MOVE Agentless For Exchange 2013
                        pankajbm

                        Hi Guys,

                         

                        Sorry I am jumping back on this discussion

                        As you aware there is group shield product is being used for exchange, so if we move our exchange on agentless solution.

                        Then the question will raise whether agentless will completely replace Groupshield, becouse GS has its lot of settings and configurations in terms of exchange policies.

                         

                        Now, McAfee also replaced GS with MSME.

                         

                        has someone implemented Agentless for exchange in their environment?

                         

                        Thanks

                        PankajBM

                        • 9. Re: MOVE Agentless For Exchange 2013
                          Troja

                          Hi,

                          no, Move Agentless and GSE are two completely different products and approcaches.

                          In your case.

                          - Move Agentless is scanning any file on the virtual disk (instead of VSE)

                          - GSE is only for scanning e-mail content within MXS server. If you install the McAfee Agent you can manage GSE with EPO.

                           

                          Cheers