3 Replies Latest reply on Jun 9, 2017 2:40 PM by Moe Hassan

    McAfee MOVE with NSX for VDI

    Moe Hassan

      Looking to implement MOVE agentless for VDI project. Will be using NSX. I've found a basic install guide here: McAfee MOVE with NSX Install Guide

      Will be looking at MOVE 4.x product guide and installation guide from McAfee.

      Anyone have experience in this? Please share tips, comments, or other guides.

        • 1. Re: McAfee MOVE with NSX for VDI
          Moe Hassan

          Upgrading from MOVE 4 to 4.5:

           

          My initial deployment was MOVE 4 but soon after 4.5 was released. I decided to do the upgrade.

           

          step 1: upload the new svm in epo. Go to "Automation \ MOVE Antivirus Deployment \ General \ SVM Repository". At the bottom, click actions\add svm and upload the new 4.5 appliance.

          step 2: now go to "Service" tab and you should see a new "upgrade" button. simply click on it and it will change some columns confirming the upgrade.

          step 3: the final step is done on NSX. it should be visible in NSX under “Networking & Security \ Installation\Service Deployments”.

           

          The final step takes place outside of ePO. so just give it a little time. Check it the next day. hopefully all of your appliances will be running 4.5.

          • 2. Re: McAfee MOVE with NSX for VDI
            Moe Hassan

            Troubleshooting MOVE:

             

            scenario : normally the number of your hosts = number of sva appliances. i also had matching numbers, but two sva appliances were not checking in properly with ePO. they populated some information but i could not wake up agents, could not update dats etc. svas were running, tried reboot several times, did not help.

             

            instead of spending time in finding a root cause, it was more efficient to simply delete the two problematic appliances. so we go ahead and simply delete the two svas from vcenter/nsx. so now we have lets say 10 hosts, 8 svas. when everything works, it should be 10 hosts = 10 svas.

             

            So it turns out NSX will NOT automatically deploy sva after deletion on missing hosts. It will show you a warning in "Networking & Security\Installation\Service Deployments" tab under "service status" in NSX. You can either click on the service status or the little "resolve" tool icon. This will initiate the McAfee SVA deployment process on the hosts that are missing it. Once done, you may have to reboot the sva appliances themselves to be properly recognized by ePO. Also the warning in NSX should disappear also.

            • 3. Re: McAfee MOVE with NSX for VDI
              Moe Hassan

              MOVE Resources:

               

              I will list MOVE related resources here. CLI resource is extremely limited. you can console to agentless svas, but commands are limited.

               

              MCAFEE MOVE WITH NSX INSTALL GUIDE

              MCAFEE MOVE 4.5.0 UPGRADE GUIDE WITH NSX