McAfee Optimized Virtual Environments for Servers. Installation Guide



Similar documents
McAfee Optimized Virtual Environments - Antivirus for VDI. Installation Guide

McAfee Host Data Loss Prevention 9.1 Cluster Installation Guide

Release Notes McAfee Risk Advisor Software For use with epolicy Orchestrator and Software

McAfee Gateway 7.x Encryption and IronPort Integration Guide

McAfee epolicy Orchestrator 4.5 Cluster Installation Guide

McAfee VirusScan Enterprise for Linux Software

Application Note. Configuring McAfee Firewall Enterprise for McAfee Web Protection Service

Desktop Release Notes. Desktop Release Notes 5.2.1

Release Notes for McAfee epolicy Orchestrator 4.5

McAfee Risk Advisor 2.7

McAfee Agent Handler

McAfee Solidcore Change Reconciliation and Ticket-based Enforcement

Product Guide Revision A. McAfee Secure Web Mail Client Software

Product Guide Revision A. McAfee Secure Web Mail Client Software

Implementing McAfee Device Control Security

Hardware Sizing and Bandwidth Usage Guide. McAfee epolicy Orchestrator Software

epolicy Orchestrator Log Files

Recommended Recommended for all environments. Apply this update at the earliest convenience.

Release Notes for McAfee VirusScan Enterprise for Storage 1.0

McAfee MOVE AntiVirus Multi-Platform 3.5.0

McAfee VirusScan Enterprise for Storage 1.0 Sizing Guide for NetApp Filer on Data ONTAP 7.x

Total Protection Service

Product Guide. McAfee Security-as-a-Service Partner SecurityDashboard 5.2.0

McAfee Host Data Loss Prevention Best Practices: Protecting against data loss from external devices

Installation Guide. McAfee epolicy Orchestrator Software

McAfee Solidcore Product Guide

McAfee Total Protection Service Installation Guide

Release Notes for Host Intrusion Prevention 8.0

Total Protection Service

McAfee GTI Proxy Administration Guide

Data Center Connector for vsphere 3.0.0

McAfee. Firewall Enterprise. Application Note TrustedSource in McAfee. Firewall Enterprise. version and earlier

Installation Guide. McAfee Security for Microsoft Exchange Software

McAfee Cloud Identity Manager

Application Note Configuring Department of Defense Common Access Card Authentication on McAfee. Firewall Enterprise

Data Center Connector for OpenStack

McAfee Cloud Identity Manager

McAfee Cloud Identity Manager

McAfee Public Cloud Server Security Suite

McAfee MOVE AntiVirus (Agentless) 3.6.0

Verizon Internet Security Suite Powered by McAfee User Guide

Best Practices Guide. McAfee Endpoint Protection for Mac 1.1.0

McAfee SiteAdvisor Enterprise 3.5.0

Installation Guide. McAfee SaaS Endpoint Protection 5.2.0

McAfee epolicy Orchestrator

Product Guide. McAfee epolicy Orchestrator Software

McAfee Security for Microsoft SharePoint User Guide

For a list of supported environments for VirusScan Enterprise 8.7i on Microsoft Windows, see (McAfee) KnowledgeBase article KB51111.

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

McAfee Policy Auditor 6.0 software Product Guide for epolicy Orchestrator 4.6

McAfee SiteAdvisor Enterprise 3.5 Patch 2

McAfee UTM Firewall Control Center Product Guide. version 2.0

Release Notes for McAfee(R) GroupShield(TM) version Patch 1 for Microsoft Exchange. Copyright (C) 2011 McAfee, Inc. All Rights Reserved CONTENTS

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )

McAfee MOVE / VMware Collaboration Best Practices

McAfee Endpoint Encryption for PC 7.0

vcloud Suite Licensing

McAfee VirusScan Enterprise 8.8 software Product Guide

Sophos Anti-Virus standalone startup guide. For Windows and Mac OS X

McAfee Endpoint Security Software

About Help Desk. McAfee Help Desk 2.0 Software. Product Guide. Functions of McAfee Help Desk software. Quarantine release.

Installing and Configuring vcloud Connector

Upgrade Guide. McAfee Vulnerability Manager Microsoft Windows Server 2008 R2

Sophos Anti-Virus for NetApp Storage Systems startup guide. Runs on Windows 2000 and later

Performance Optimizer Software

Product Guide. McAfee Endpoint Protection for Mac 2.1.0

Product Guide. McAfee SaaS Endpoint Protection 5.2.0

Setup Guide. Archiving for Microsoft Exchange Server 2003

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

Installing and Configuring vcloud Connector

Setting up Citrix XenServer for 2X VirtualDesktopServer Manual

PHD Virtual Backup for Hyper-V

Installation Guide. McAfee VirusScan Enterprise for Linux Software

McAfee Change Control and Application Control Product Guide For use with epolicy Orchestrator and 4.6.0

Best Practices Guide Revision B. McAfee epolicy Orchestrator Software

McAfee(R) and Web Security Virtual Appliance 5.6 Installation Guide

McAfee Directory Services Connector extension

McAfee Cloud Identity Manager

POC Installation Guide for McAfee EEFF v4.1.x using McAfee epo 4.6. New Deployments Only Windows Deployment

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

McAfee Threat Intelligence Exchange Software

Using McAfee VirusScan. Professional Edition Version 8.0. Software On a DX8000 DVR

McAfee VirusScan Enterprise 8.8 software Installation Guide

Setup Guide. Archiving for Microsoft Exchange Server 2010

Setup Guide. Archiving for Microsoft Exchange Server 2007

McAfee(R) Security Virtual Appliance 5.6 Installation Guide

McAfee MOVE AntiVirus 2.6.0

How To Encrypt Files And Folders With A Password Protected By A Password Encrypted By A Safesafe (Mafee) (Eeff) 4

Thinspace deskcloud. Quick Start Guide

McAfee EETech for Mac 6.2 User Guide

Setup Guide Revision B. McAfee SaaS Archiving for Microsoft Exchange Server 2010

McAfee Host Intrusion Prevention Patch 6 Software

McAfee Cloud Single Sign On

McAfee Database Activity Monitoring 5.0.0

Installing and Configuring vcenter Multi-Hypervisor Manager

Sophos Anti-Virus for NetApp Storage Systems startup guide

Using the vcenter Orchestrator Plug-In for vsphere Auto Deploy 1.0

McAfee Client Proxy 2.0

Product Guide. McAfee Endpoint Security 10

McAfee Data Loss Prevention Endpoint

Transcription:

McAfee Optimized Virtual Environments for Servers Installation Guide

COPYRIGHT Copyright 2010 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies. TRADEMARK ATTRIBUTIONS AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners. LICENSE INFORMATION License Agreement USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.. McAfee, Inc. 3965 Freedom Circle Santa Clara, CA 95054 USA Document Version: MOVE-SRV_IG_4.0 Product Version: 1.5.0 Publication Date: September 24, 2010 iii

Table of Contents INTRODUCTION... 1 INSTALLATION OPERATIONS... 2 OVERVIEW... 2 PRODUCT COMPONENTS... 2 PREREQUISITES... 2 BEFORE YOU START... 3 MOVE FOR SERVERS PLATFORM SUPPORT... 3 INSTALLATION AND CONFIGURATION STEPS... 4 Download MOVE for Servers Packages... 4 Install the MOVE Extension package... 4 Add Registered Servers... 5 Add the MOVE Agent Deployment Package to the epolicy Orchestrator repository... 5 Install MOVE Agent on virtual machines... 6 UNINSTALL MOVE FOR SERVERS COMPONENTS... 7 Uninstall the MOVE Extension... 7 Uninstall MOVE Agent from Virtual Machines... 7 iii

Introduction In a typical anti-virus deployment on a virtualized desktop infrastructure, full system scans need to be scheduled in such a manner so that all virtual machines underlying a Hypervisor do not start off with the scanning at about the same time causing a spike in input/output processing and CPU usage, thus rendering these virtual machines unusable for this span of time. This is known as AV- Storming. McAfee Optimized Virtual Environments (MOVE) for Servers solves this issue by connecting the epolicy Orchestrator with the virtualized desktop infrastructure (provided by VMWare and Citrix) and by scattering the anti-virus scanning over a longer period such that the virtual machines remain useable during this time. MOVE for Servers is also integrated with the McAfee VirusScan Offline Virtual Image scanner that allows scanning of virtual machines that are currently in the powered-off state. The following figure summarizes the MOVE for Servers deployment: 1

Installation Operations Overview This chapter describes the installation of McAfee Optimized Virtual Environments (MOVE) for Servers. Product Components MOVE for Servers requires the following components be installed and running to provide and manage operations: epolicy Orchestrator server and repository: The management tool that installs client software, pushes out new policies, monitors client activity, creates reports, and stores and sends out content and client updates. epolicy Orchestrator agent (CMA Agent): The server agent installed on a client computer that acts as the intermediary between the client and the epolicy Orchestrator console and database. It sends data to the client from the epolicy Orchestrator server and vice versa. VSE Extension: Provides the interface to the VirusScan Enterprise product in the epolicy Orchestrator console. VSE Agent: The component which provides anti-virus functionality for virtual machines. MOVE Extension: Provides the interface to the MOVE products in the epolicy Orchestrator console. MOVE Agent: The component which provides scheduling functionality for powered-on virtual machines. If you want to schedule virus scan on powered-off virtual machines also, the following additional components are required: VirusScan Enterprise for Offline Virtual Images: Provides the interface to schedule On Demand Scans on powered-off virtual machines. OVI Extension: Provides the interface to powered-off virtual machines in the epolicy Orchestrator console. Prerequisites 1. An epolicy Orchestrator management server version 4.5 Patch 1 (Build 851) or later For details on system requirements and instructions for setting up the epolicy Orchestrator environment, see the epolicy Orchestrator 4.5 Installation Guide. 2. Target virtual machines with epolicy Orchestrator 4.5 CMA installed 2

Before You Start Ensure the following before starting installation and configuration of MOVE for Servers: Ensure that all end-point virtual machines have been added to epolicy Orchestrator System Tree. Ensure that McAfee VirusScan 8.7i Enterprise (Patch 2 or later) is installed on every endpoint virtual machine before deploying MOVE for Servers. In case, it is not installed, create a Product Deployment client task to install VSE on every end-point virtual machine. MOVE for Servers integrates with VirusScan Enterprise for Offline Virtual Images (VSE-OVI) to schedule on demand virus scan on powered-off virtual machines. MOVE integrates with VSE- OVI version 2.0.1. Note: Version 2.0.1 of OVI was in Beta at the time of release of MOVE for Servers and was not available for download. Please contact McAfee Support for further assistance. If you want to schedule virus scan on powered-off virtual machines also, ensure the following: Ensure that McAfee VirusScan Enterprise for Offline Virtual Images (OVI) 2.0.1 is installed on the dedicated machine where the OVI server is installed and is operational on the virtual machine images where off-line virtual image scan is required. Please refer to the OVI documentation for details. Configure that scan start and scan complete events for OVI scans are also sent to the epolicy Orchestrator: a) Log in to epolicy Orchestrator console. b) Navigate to Configuration Server Settings. c) Select Event Filtering in the left pane and then select edit. d) Now, select the following events to be sent: 1335: Offline Virtual Image scan started (Info) 1336: Offline Virtual Image scan completed (Info) e) Click Save. By default, the above events are not sent to the epolicy Orchestrator console. Only scan failed events are scanned. All the three events (scan started, scan completed, and scan failed) are needed for scheduling OVI scans. MOVE for Servers Platform Support MOVE for Servers is available for the following virtualization platforms: Xen Server 5.5 3

VMware 4.0 MOVE Agent is available for installation on the following platforms: Windows 2003 Server (x86, AMD64) Windows XP (x86, AMD64) Windows Vista (x86, AMD64) Windows 2008 Server (x86, AMD64) Windows 2008 R2 (AMD64) Windows 7 (x86, AMD64) Installation and Configuration Steps Download MOVE for Servers Packages Download the MOVE for Servers software package (MOVE-SRV-1.5.0.zip) and MOVE for Servers documentation package (MOVE-SRV_docs.zip) from the McAfee download site. The MOVE for Servers software package (MOVE-SRV-1.5.0.zip) contains the following: a) MOVE Agent Deployment Package (MOVE-SRV_Agent_1500_WIN.zip) b) MOVE Extension for epolicy Orchestrator (MOVE-SRV_Ext_1.5.0.zip) To schedule on demand virus scans on powered-off virtual machines, download the VSE-OVI version 2.0.1 software package and see the OVI Installation Guide for installation details. Note: Version 2.0.1 of OVI was under Beta at the time of release of MOVE for Servers and is not available for download. Please contact McAfee Support for further assistance. Install the MOVE Extension package Use this procedure to install the MOVE Extension package. The extension must be installed before epolicy Orchestrator can manage MOVE products. 1. Ensure that the extension file is in an accessible location on the network. 2. From the epolicy Orchestrator console, select Menu Software Extensions. 3. The Extensions page opens, click Install Extension. 4. Browse to and select the MOVE-SRV_Ext_1.5.0.zip file. 5. Click OK. 6. Verify that the MOVE product name appears in the Extensions list. 4

Add Registered Servers Use this procedure to a Registered Server in epolicy Orchestrator: NOTE: The procedure described below is for VMware vcenter. The procedure for adding Citrix XenPool is same; just select Xen Pool as Server type. 1. From the epolicy Orchestrator console, select Menu Configuration Registered Servers. 2. The Registered Servers page opens. Click New Server. 3. Select Server type as VMware vcenter. NOTE: To add a Citrix XenPool Hypervisor, select Xen Pool as Server type. 4. Type the name of the Registered Server, for example, Test vcenter and add any descriptive information to the Notes field. 5. Click Next. Registered Server Details page is displayed. 6. Select https or http in the Protocol field as per the protocol on which VMware vcenter is expecting client requests. 7. Provide the VMware vcenter hostname or IP-address in Server field. 8. Specify the credentials to connect with VMware vcenter in the User and Password fields. 9. Click Test Connection to validate the input parameters. Test Connection Success message is displayed if epolicy Orchestrator is able to connect to the specified VMware vcenter. 10. Click Save. Add the MOVE Agent Deployment Package to the epolicy Orchestrator repository Use the following procedure to add the MOVE Agent deployment package into the epolicy Orchestrator software repository. 1. Select Menu Software Master Repository. The Packages in the Master Repository page appears. 2. Select Actions Check In Package. 3. Select the package type as Product or Update (.ZIP). 4. Browse to and select the MOVE_Agent_1500_WIN.zip file. 5. Click Next. The Package Options page appears. 5

6. Confirm the following: Package Info: Confirm that this is the correct package. Branch: Select the desired branch - current for new products. Package signing: This specifies if the package is signed by McAfee or is a thirdparty package. 7. Click Save to begin checking in the package. Wait while the package is checked in. The new package appears in Packages in Master Repository list on the Master Repository tab. Install MOVE Agent on virtual machines Use this procedure to add a client task to install the MOVE Agent on the virtual machine clients. 1. Select an appropriate group in the System. NOTE: It is recommended that you create the installation client task at the My Organization level and apply it on only those machines tagged as virtual machines (VM). 2. Select Menu Systems System Tree Client Tasks. Then click New Task. 3. The Client Task Builder - 1 Description page appears. 4. Type the name of the task, for example, Install MOVE Agent on VM client and add any descriptive information to the Notes field. 5. Select Product Deployment from the Type drop-down menu. 6. Select Send this task to only computers which have the following criteria:. Then, click edit link for Has any of these tags. The Edit Included Tags dialog appears. Add the VM tag and click OK. 7. You return to the Client Task Builder - 1 Description page. 8. Click Next. The Client Task Builder - 2 Configuration page appears. 9. Next to Target platforms, select Windows. 10. From the Products and components list, select the MOVE Agent 1.5.0.12 and then: a) Set the Action to Install. b) Set the Language to Language Neutral. c) Set Branch to Current. 11. Click Next. The Client Task Builder - 3 Schedule page appears. 12. Select Enabled for the schedule status. 6

13. From the Schedule type list, select the appropriate schedule. To deploy immediately, select Run Immediately. 14. Set the other schedule settings as required. 15. Click Next. The Client Task Builder - 4 Summary page appears 16. Review and verify the details, then click Save. 17. If you scheduled the task to run immediately, perform an agent wake-up call. To confirm that the MOVE Agent has been successfully installed, check the System Information and MOVE properties reported to the epolicy Orchestrator console. For details, see the epolicy Orchestrator Product Guide. Uninstall MOVE for Servers Components Uninstall the MOVE Extension Use the following steps to uninstall the MOVE Extension: 1. Select Menu Software Extensions. The Extensions page opens. 2. From the Extensions tab under McAfee group, select MOVE. 3. Click Remove. Uninstall MOVE Agent from Virtual Machines Use this procedure to uninstall the MOVE Agent on the virtual machine clients. 1. Select an appropriate group in the System. NOTE: It is recommended that you create the un-installation client task at the My Organization level and apply it on only those machines tagged as virtual machines (VM). 2. Select Menu Systems System Tree Client Tasks. Then click New Task. 3. The Client Task Builder - 1 Description page appears. 4. Type the name of the task, for example, Uninstall MOVE Agent from VM clients and add any descriptive information to the Notes field. 5. Select Product Deployment from the Type drop-down menu. 6. Select Send this task to only computers which have the following criteria:. Then, click edit link for Has any of these tags. The Edit Included Tags dialog appears. Add the VM tag and click OK. 7. Click Next. The Client Task Builder - 2 Configuration page appears. 7

8. Next to Target platforms, select Windows. 9. From the Products and components list, select the MOVE Agent 1.5.0.12 and then: a) Set the Action to Remove. b) Set the Language to English. c) Set Branch to Current. 10. Click Next. The Client Task Builder - 3 Schedule page appears. 11. Select Enabled for the schedule status. 12. From the Schedule type list, select the appropriate schedule. To deploy immediately, select Run Immediately. 13. Click Next. The Client Task Builder - 4 Summary page appears 14. Review and verify the details, then click Save. 15. If you scheduled the task to run immediately, perform an agent wake-up call. 16. To confirm that the MOVE Agent has been successfully uninstalled, check that MOVE properties are no longer present in the System information page. 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information