McAfee MOVE Agentless vs Multi-Platform



When I was looking McAfee MOVE Anti-Virus solution for one of my customers, I was confused with these variants of McAfee MOVE (McAfee MOVE Agentless and Multi-Platform). After spending a day on research, I got what they are and function of each product.
Writing this article for anyone come across the situation where they need to decide which product they need to choose as an Anti-Virus solution as part of the solution design. In recent times, installing agentless Anti-Virus solution for virtual infrastructure (VMware vSphere/ Microsoft Hyper V) become a common practice for virtual desktop and servers to offload virus scan job from virtual machines to a dedicated virtual appliance or offload scan server.

McAfee MOVE agentless and multi platform differences
Source : McAfee
At high level, McAfee MOVE agent solution is aimed for VMware hypervisor which uses vCloud Networking and Security (vCNS/ vShield manager) and it leverages vShield Endpoint Thin Agent installed as part of the VMware tools. Whereas McAfee MOVE multi-platform works with VMware and other well-known virtualisation technologies Hyper-V and XenServer.
McAfee MOVE Agentless
McAfee MOVE Multi-Platform
Solution Components:
     -  McAfee ePolicy Orchestrator (ePO         Server)
     - Hypervisor (ESXi)
     -  vCloud Networking and Security ( vCNS/ vShield manager)
     -  vShield EndPoint
     - MOVE Security Virtual Appliance( SVA) on each hypervisor host
     - VMware NSX Manager - Optional
Solution Components:
        -  McAfee ePolicy Orchestrator (ePO Server)
          Hypervisor (ESXi or Hyper-V or XenServer)
        - McAfee Agent
        - MOVE AV Offload Scan Server (OSS)
        - VirusScan Enterprise ( Installed as part of the OSS server)
        - MOVE Security Virtual Appliance( SVA)
       - Data Center Connector for vSphere- Optional
It’s highly dependent on VMware tools
VMware tools optional – only if you want to configure Data Center connector for vSphere to auto discover client virtual machines
Solution is made for VMware vSphere hypervisor
Solution is suitable for VMware and other hypervisors like Hyper-V and Citrix XenServer
No McAfee agent or client on client machine. Solution leverages vShield Endpoint Thin Agent installed as part of the VMware tool
McAfee agent needs to be installed on virtual machines

For detailed instructions  to install and configure McAfee MOVE Multi-Platform solution, refer "McAfee MOVE Multi-Platform Install and config steps"
In addition to above high level information, I found following table from McAfee communities. Adding here as I think it helps community.

AV Features
Multi-platform deployment
Agentless deployment
On-Access Scanning
YES
YES
On-Demand Scanning
Weekly and Instant scheduling
Weekly scheduling
Quarantine restore
Restore from ePO
Restore from utility
Automatic SVA deployment through NSX

YES
Flexible tuning policies
YES
YES since version 3.6
Exclusions
Path-based & Process name
Path-based only
GTI File Reputation
YES
YES

Please feel free to leave your thoughts/ comments or if anything missed.

Please share on social media if you found this post helpful. If you have a comment or question, please post and add your voice to the conversation

4 comments: