Overview of McAfee MOVE AntiVirus

McAfee® Management for Optimized Virtual Environments AntiVirus (McAfee® MOVE AntiVirus) is an anti-virus solution for virtual environments. It provides protection and performance for your organization without having to install an anti-virus application on every virtual machine (VM).

McAfee MOVE AntiVirus detects threats, then protects your environment based on settings that you configure.

You can configure the software as a standalone product, or you can use McAfee® ePolicy Orchestrator® (McAfee® ePO™) to configure, manage, and enforce your policies. Once configured, you can use queries and dashboards to track activity and detections.

The software includes two deployment options, Multi-Platform and Agentless. Both options provide consistent protection and are managed and reported on by McAfee ePO.

Multi-Platform deployment

Multi-Platform is an agent-based deployment option that offloads all scanning to a dedicated Security Virtual Machine (SVM) that runs McAfee® VirusScan® Enterprise software. Guest VMs are no longer required to run anti-virus software locally, which improves performance for anti-virus scanning, and increases VM density per hypervisor.

Multi-Platform deployment:

  • Supports on-access scanning and on-demand scanning to examine files for potential threats.
  • Uses McAfee® Threat Intelligence Exchange (TIE) and McAfee® Advanced Threat Defense for in-depth analysis of suspect files using local, global, and enterprise-level caches, and to define threat reputation and respond to threats.
  • Uses McAfee ePO to manage the McAfee MOVE AntiVirus configuration on client systems, McAfee MOVE AntiVirus SVM, and SVM Manager.
  • Uses SVM Manager to automatically assign the SVM to the clients for simplified administrative management, monitoring the health of SVMs, and load-balancing of SVMs. See the installation guide for instructions about deploying and configuring the autoscale SVM.
  • Uses McAfee® Agent for policy and event handling.
  • Uses McAfee ePO for reports on viruses that are discovered on the VMs.

Agentless deployment

This deployment method integrates with VMware NSX Manager and VMware vShield. It protects your virtual environment from malware without a McAfee Agent for easy deployment and setup. This deployment provides virus protection for VMs on the hypervisor.

Agentless deployment:

  • Uses the VMware vShield Endpoint API to receive scan requests from VMs on the hypervisor.
  • Relies on McAfee® Endpoint Security for Linux Threat Prevention for SVM scanning and updates.
  • Uses McAfee ePO to manage the McAfee MOVE AntiVirus configuration on the SVM.
  • Uses McAfee Agent for policy and event handling.
  • Uses McAfee ePO for reports on viruses that are discovered on the VMs.