What’s New in McAfee MOVE AntiVirus 4.0?

McAfee® Management for Optimized Virtual Environments AntiVirus (McAfee MOVE AntiVirus) 4.0 became generally available on July 28, 2016. This release of our optimized protection for virtual machines is focused on helping customers achieve the following outcomes for their private cloud deployments:

  • Faster threat detection and correction
  • Greater scalability and more efficient resource utilization
  • Better coordinated threat defense across security solutions
  • Streamlined management of agentless deployments (available for VMware NSX and VMware vCNCS) and multiplatform deployments (available for all major hypervisors)
  • Increased scanning precision and control

Let’s take a look at the new McAfee MOVE AntiVirus 4.0 features that help customers achieve these results.

Integration with McAfee Threat Intelligence Exchange

With our latest release of McAfee MOVE AntiVirus, users can leverage McAfee Threat Intelligence Exchange (McAfee TIE), a separate module sold separately, for local reputation intelligence in multiplatform deployments. Using McAfee TIE, McAfee MOVE AntiVirus can coordinate with McAfee Advanced Threat Defense to analyze the behavior of unknown applications in a sandbox. All virtual endpoints are automatically immunized from newly detected malware, shortening the response time from days or weeks to milliseconds.

Integration with McAfee Network Security Platform

Integration with TIE operationalizes intelligence across server, network, endpoint, gateway and data center solutions in real-time. For example, McAfee MOVE AntiVirus 4.0 can use McAfee TIE to integrate with McAfee Virtual Network Security Platform (Virtual NSP), resulting in unified perimeter and virtual machine protection. In this scenario, McAfee MOVE Antivirus utilizes Virtual NSP detection at the network perimeter to delete malware and Virtual NSP can take advantage of McAfee MOVE AntiVirus detection at the endpoint to block downloads of known malware:

TIEMOVE

 

Elastic Provisioning of Offline Scanners

McAfee MOVE AntiVirus uses offline scan servers called security virtual machines (SVMs) to avoid impacting the performance of virtual machines. McAfee MOVE AntiVirus 4.0 can now auto-scale these SVMS in multiplatform deployments. As scanning demand fluctuates, SVMs can automatically be added to or removed from the resource pool to scale your scanning power up or down…unlimited scale and efficient resource utilization. Event notifications help administrators understand SVM usage trends to optimize resource management.

Unified Policy Management for Agentless and Multiplatform Deployments

It makes sense for many organizations to take advantage of McAfee MOVE AntiVirus’ flexibility to support both agentless and multiplatform deployments. For instance, some implementations may benefit from agentless use of the hypervisor channel as a high-speed network to communicate with SVMs instead of using the network required by a multi-platform implementation. But, some organizations still need multiplatform to work with their multiple hypervisors or for broader policy exclusion functionality.

McAfee MOVE AntiVirus 4.0 gives security administrators the ability to define and manage consistent security policies from a single, centralized console, McAfee ePolicy Orchestrator (McAfee ePO). Since there’s only one extension point in McAfee ePO for agentless and multiplatform deployments, management of these is seamless and easy.

Greater Scanning Control Using Exclusive Scanning Policies

McAfee MOVE AntiVirus 4.0 now allows separate policies for on-access scanning (OAS) and on-demand scanning (ODS) so that tuning and security can be executed with greater control. Let’s look at one common example of two different policies for scanning performed at different times to understand why this is important. It’s easy to see how you might want to accept some reasonable level of risk for real-time OAS to avoid drastically impeding performance. You could then use ODS to catch the holes permitted by more lenient OAS policies, albeit at a later time, say on Friday evening when there’s less impact.

Next Steps

So, now that you’ve read about the new features in McAfee MOVE AntiVirus 4.0 faster response to threats, increased scale, greater ease of use and more control, you can get even more information by clicking here. Also follows us on Twitter at @IntelSecurity for our latest security news.

Leave a Comment

11 + 18 =