Migrate to MVISION ePO

MVISION ePO is a multi-tenant, enterprise SaaS model of McAfee ePO, accessible through an internet browser. You can migrate from your McAfee ePO On-Premises server to cloud using the MVISION ePO Migration extension. This process allows you to manage your systems that are migrated to the cloud using MVISION ePO.

Before you begin

Before you begin, make sure that these conditions are met.

  • You have an active MVISION ePO account.
  • Your McAfee ePO version is 5.3.1 or later.
  • You have installed the MVISION ePO Migration extension on your current McAfee ePO server.
  • The McAfee ePO server has internet connectivity. If you're using a proxy server, make sure that you have configured the proxy server settings.
  • The client systems can communicate with the MVISION ePO server.
  • The agent repository policies have proxy settings to connect to the MVISION ePO server.
  • You have configured the proxy and firewall settings to allow communication with the MVISION ePO server. For more information, see KB90878.
    This table displays port and URLs that MVISION ePO needs to communicate through a firewall.
    Port Customer data center location URL
    443 United States

    migr-usw001.mvision.mcafee.com

    migr-usw002.mvision.mcafee.com

    Singapore migr-sgp001.mvision.mcafee.com
    Frankfurt migr-eu001.mvision.mcafee.com
    Sydney migr-au001.mvision.mcafee.com
  • The MVISION ePO tenant account that you're planning to link has an active subscription and administrator rights.
  • You have identified inactive systems and excluded them from the migration process. Migration can't be complete if even one of the systems is not reachable.
  • You have explored the available options in the Settings page and chose what is relevant to you.

Task

  1. Log on to McAfee ePO and select MenuMVISIONMVISION ePO Migration.
  2. Enter your MVISION ePO credentials.
  3. (If your account belongs to multiple tenants...) Select a tenant account from the Select Tenant drop-down.
    The Select Tenant drop-down appears only if the user account is configured for multiple tenants.
  4. Click Link to MVISION ePO account.
    You have successfully linked your McAfee ePO to your MVISION ePO account. The email ID used to log on is displayed in the left pane.
  5. Click Clone configuration to MVISION ePO to copy the configurations.

    You can see a list of systems that can be migrated, and a list of incompatible products that can't be migrated.

    Tip: Plan to migrate your systems in multiple phases — A trial phase to migrate few systems, then one or more phases to migrate the remaining systems.
  6. Click Settings to customize the migration, then click Save.
    • Migrate resources — Select Client Task, Policy, Tag, and Active Directory Configuration to migrate them from your system to MVISION ePO.
    • Delete Systems after Migration — Select to delete the migrated systems on McAfee ePO On-Premises server after migrating to MVISION ePO.
    • Auto Migrate newly added Systems — Select to automatically migrate the newly added systems of a pre-migrated group.
    The McAfee ePO configurations such as policies, user-defined client tasks, and tags are copied to MVISION ePO.
  7. Click Migrate active directory configurations to MVISION ePO, then select active directories to initiate migration.
    You can see the list of active directories configured under Registered Servers. You can select single or multiple active directories. If you don't want to migrate the active directories to MVISION ePO, you can skip steps 7 to 10 by clicking Skip This Step.
  8. Select the type of system from the drop-down list, then search your system.
    Type at least 3 characters to see the list of systems.
    • All Systems
    • MVISION
    • On-Premises (If you select an on-premises system, Active Directory migration will take some time because the system resources will migrate to MVISION in the next ASCI interval only.)
  9. Select the systems, click Save selected systems as AD connector then click Migrate AD configurations.
    Note:
    • The maximum number of systems you can select is 2.
    • The systems you select must have access to the domain to which you want to migrate them.
    • Active Directory connectors can be deployed on Windows systems only.
    Important: The standard ASCI interval is 60 minutes. For Active Directory migration, set the ASCI interval short, preferably 5 minutes. For more information, see Configure the ASCI setting.
    The selected systems are migrated sequentially. Each Active Directory undergoes these 5 steps before successful migration.
    1. The selected systems (managed by McAfee ePO) are migrated to MVISION ePO.
    2. McAfee Agent and DXL on the selected systems upgrade to the latest version.
    3. The DXL connectivity of the selected systems is verified.
    4. The Active Directory connector package is deployed on the selected systems.
    5. Checks whether Test Connection for Active Directory passes.

    If one of the selected systems passes the Test Connection check, the Active Directory migration is considered successful.

  10. Click Migrate compatible systems to MVISION ePO.
  11. Select the groups that you want to migrate, then click Migrate Groups.
    Note: Choose a group of 10–25 systems as a pilot group to migrate from the current McAfee ePO server to MVISION ePO. This enables you to be aware of any issues that might occur before migrating all systems in System Tree.

    You can view the progress of migration in the MVISION ePO Migration page.

    • All compatible systems in the selected group are tagged as MVISION ePO Migration.
    • A deployment task MVISION ePO Migration is created.
    • Three separate deployment packages for MVISION ePO migration for Windows, Linux, and macOS are checked in to the Master Repository.

Results

MVISION ePO starts to manage all migrated systems. Migration begins during the next agent-server communication, and systems start to communicate with MVISION ePO.

What to do next

  1. Log on to MVISION ePO and verify if the selected systems appear in System Tree.
  2. Verify if all policies appear as expected.
  3. To see the list of systems in which the Active Directory Connector package is deployed and the details, go to MenuConfigurationDirectory Service.
  4. Continue to migrate the remaining systems.

You can view information about your migrated systems using these queries that are included in the MVISION ePO Migration extension.

  • Systems By migration status
  • Table View of migrated systems
  • Trend of Migrated systems