MOVE Scheduler 2.5.2 Product Guide

MOVE Scheduler 2.5.2 Product Guide - Knowledge Center

Product Guide
McAfee MOVE Scheduler 2.5.2
For use with ePolicy Orchestrator 4.6.0, 5.1.0 Software
COPYRIGHT
Copyright © 2014 McAfee, Inc. Do not copy without permission.
TRADEMARK ATTRIBUTIONS
McAfee, the McAfee logo, McAfee Active Protection, McAfee DeepSAFE, ePolicy Orchestrator, McAfee ePO, McAfee EMM, Foundscore, Foundstone, Policy
Lab, McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, McAfee Stinger, McAfee Total Protection, TrustedSource,
VirusScan, WaveSecure are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other
names and brands may be claimed as the property of others.
Product and feature names and descriptions are subject to change without notice. Please visit mcafee.com for the most current products and features.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS
FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU
HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR
SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A
FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET
FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF
PURCHASE FOR A FULL REFUND.
2
McAfee MOVE Scheduler 2.5.2
Product Guide
Contents
Preface
5
About this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
5
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Find product documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1
Introduction
7
About McAfee MOVE Scheduler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Components and what they do . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2
Installation and configuration
9
Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Download McAfee MOVE Scheduler packages . . . . . . . . . . . . . . . . . . . . . . 10
Platform support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Install the Scheduler Agent package . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Install the Scheduler extension . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Register virtual servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Deploy the Scheduler Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Deploy with ePolicy Orchestrator . . . . . . . . . . . . . . . . . . . . . . . .
13
Troubleshoot installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
14
Uninstall McAfee MOVE Scheduler . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Uninstall from ePolicy Orchestrator . . . . . . . . . . . . . . . . . . . . . . . 15
Uninstall the McAfee MOVE Scheduler extension . . . . . . . . . . . . . . . . . . 16
Upgrading McAfee MOVE Scheduler . . . . . . . . . . . . . . . . . . . . . . . . . .
17
Install the Scheduler extension . . . . . . . . . . . . . . . . . . . . . . . . . 17
Install the Scheduler Agent package . . . . . . . . . . . . . . . . . . . . . . . 18
Deploy the MOVE Agent with ePolicy Orchestrator . . . . . . . . . . . . . . . . .
18
Configuring permission sets for McAfee MOVE Scheduler . . . . . . . . . . . . . . . . . . 20
Configure permission sets . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
3
Monitoring and managing
21
Managing your virtual environment . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Create an on-demand scan template . . . . . . . . . . . . . . . . . . . . . . .
Configuring policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Create a policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
21
22
22
22
23
Apply a policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Charts and queries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
View hypervisor details . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Purge scan log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
23
24
25
25
Index
McAfee MOVE Scheduler 2.5.2
27
Product Guide
3
Contents
4
McAfee MOVE Scheduler 2.5.2
Product Guide
Preface
Contents
About this guide
Find product documentation
About this guide
This information describes the guide's target audience, the typographical conventions and icons used
in this guide, and how the guide is organized.
Conventions
This guide uses these typographical conventions and icons.
Book title, term,
emphasis
Title of a book, chapter, or topic; a new term; emphasis.
Bold
Text that is strongly emphasized.
User input, code,
message
Commands and other text that the user types; a code sample; a displayed
message.
Interface text
Words from the product interface like options, menus, buttons, and dialog
boxes.
Hypertext blue
A link to a topic or to an external website.
Note: Additional information, like an alternate method of accessing an
option.
Tip: Suggestions and recommendations.
Important/Caution: Valuable advice to protect your computer system,
software installation, network, business, or data.
Warning: Critical advice to prevent bodily harm when using a hardware
product.
McAfee MOVE Scheduler 2.5.2
Product Guide
5
Preface
Find product documentation
Find product documentation
After a product is released, information about the product is entered into the McAfee online Knowledge
Center.
Task
6
1
Go to the McAfee ServicePortal at http://support.mcafee.com and click Knowledge Center.
2
Enter a product name, select a version, then click Search to display a list of documents.
McAfee MOVE Scheduler 2.5.2
Product Guide
1
Introduction
McAfee MOVE Scheduler manages the scheduling of your virus protection software so you can keep
your virtual environment running smoothly.
Contents
About McAfee MOVE Scheduler
Components and what they do
About McAfee MOVE Scheduler
Traditional security solutions for virtual environments run as an anti-virus application on every VM on
the hypervisor. This model results in reduced VM density per hypervisor, and causes high disk, CPU,
and memory usage.
The problem
In typical deployment of virtual machine servers, common tasks like scanning for viruses can occur on
all servers at the same time. This creates a significant load on the virtual infrastructure and impacts
performance.
The McAfee solution
McAfee MOVE Scheduler solves this issue by scheduling on-demand scans based on hypervisor and
resource availability, so that virtual machines (VMs) remain usable during scans.
McAfee MOVE Scheduler 2.5.2
Product Guide
7
1
Introduction
Components and what they do
Components and what they do
Each component performs specific functions to keep your environment protected.
8
•
ePolicy Orchestrator — Installs client software, pushes out new policies, monitors client activity,
creates reports, and stores and sends out content and client updates to managed systems.
•
Hypervisor — Allows multiple operating systems to run concurrently on a hosted system. The
hypervisor is a virtual operating system that manages the execution of the guest operating
systems.
•
Virtual Machines (VMs) — Completely isolated guest operating system installation within a
normal host operating system that supports both virtual desktops and virtual servers. Hosts
VirusScan Enterprise 8.7/8.8 and the Scheduler Agent.
•
McAfee MOVE Scheduler Agent — Provides scheduling functions for powered-on virtual
machines with a Windows service.
•
McAfee VirusScan Enterprise — Performs anti-virus scanning operations.
•
McAfee MOVE Scheduler Extension — Queries the hypervisor for the VM's state, CPU data, and
storage details. Synchronizes collective VM data with systems in the System Tree and initiates
scans on the VMs. Supplies charts and queries detailing anti-virus scan activity and compliance for
virtual machines and hypervisors, and provides management of scheduling policies.
McAfee MOVE Scheduler 2.5.2
Product Guide
2
Installation and configuration
Install, set up, and configure features for the McAfee MOVE Scheduler software.
Contents
Requirements
Download McAfee MOVE Scheduler packages
Platform support
Install the Scheduler Agent package
Install the Scheduler extension
Register virtual servers
Deploy the Scheduler Agent
Troubleshoot installation
Uninstall McAfee MOVE Scheduler
Upgrading McAfee MOVE Scheduler
Configuring permission sets for McAfee MOVE Scheduler
Requirements
Verify that your environment meets these system and software requirements.
•
ePolicy Orchestrator versions 4.6, 5.1
•
McAfee Agent versions 4.6, 4.8
•
VirusScan Enterprise version 8.7 or 8.8
•
McAfee Agent and VirusScan Enterprise are installed on all virtual machines.
•
VMware vCenter 5.5
McAfee MOVE Scheduler 2.5.2
Product Guide
9
2
Installation and configuration
Download McAfee MOVE Scheduler packages
Download McAfee MOVE Scheduler packages
You must download the McAfee MOVE Scheduler packages before installation.
•
From the McAfee download site, download these packages for McAfee MOVE Scheduler:
Package name
Description
MOVE‑SCH_Ext_2.5.2.zip
Product extension
MOVE‑SCH_252_License.zip
License extension; upgrades evaluation extension to
a fully licensed extension.
MOVE‑SCH_Agent_2520_WIN.zip
Deployment package; contains the installer
MOVESchedulerSetup.exe
help_move_sch_252.zip
Help extension
Upgrade is not supported for version 2.5.2 Help
extension. Make sure that you remove the
previous version of the Help extension, then install
version 2.5.2 extension.
MOVE‑SCH_2.5.2_Product_Guide_en‑us
.pdf
Product Guide
MOVE‑SCH_2.5.2_ReleaseNotes.pdf
Release Notes
Software and documentation is also available from the ePolicy Orchestrator Software Manager.
Platform support
McAfee MOVE Scheduler supports these operating systems, and is available for these virtualization
platforms.
Virtualization platforms
Citrix XenServer 5.5, 5.6, 6.0, 6.1, 6.2
VMware vCenter 5.0, 5.1, ESXi 4.0, 4.1, 5.0, 5.1, 5.5
Operating systems
Windows XP SP3 (x86)
Windows Vista (x86, x64)
Windows 7 (x86, x64)
Windows 8 (x86, x64)
Windows 2003 Server R2 SP2 (x86)
Windows 2003 Server R2 (x64)
Windows 2003 Server SP2 (x86)
Windows 2008 Server SP2 (x86, x64)
Windows 2008 R2 SP1 (x64)
Windows 2012
Install the Scheduler Agent package
You must add the McAfee MOVE Scheduler Agent package to the Master Repository before you can
deploy the agent to managed VMs.
10
McAfee MOVE Scheduler 2.5.2
Product Guide
Installation and configuration
Install the Scheduler extension
2
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | Software | Master Repository.
2
Click Check In Package and select Product or Update (.ZIP) for package type.
3
Browse to and select the MOVE‑SCH_Agent_2520_WIN.zip file, then click Next.
4
Verify the displayed information.
5
Click Save to check in the package.
If the repository includes a previous version of the software, it is removed when you check in
version 2.5.2.
The new package appears in the Packages in Master Repository list on the Master Repository page.
Install the Scheduler extension
The Scheduler extension must be installed in ePolicy Orchestrator before you can manage the
anti-virus scans on your virtual machines.
Before you begin
Make sure that the extension is in an accessible location on the network.
The extension is named MOVE‑SCH_Ext_2.5.2.zip and can be found in the folder where you
downloaded it. The ePolicy Orchestrator help extension is named help_move_sch_252.zip
and should also be installed using this same process.
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | Software | Extensions | Install Extension.
You can only have one task updating the Master Repository at once. If you try to install an extension
at the same time as a Master Repository update is running, the following error appears:
Unable to install extension com.mcafee.core.cdm.CommandException: Cannot check in the selected
package while a pull task is running.
Wait until the Master Repository update is done and try to install your extension again.
2
Browse to and select the extension file, then click OK.
3
Verify that the product name appears in the Extensions list.
McAfee MOVE Scheduler 2.5.2
Product Guide
11
2
Installation and configuration
Register virtual servers
Register virtual servers
Before you can deploy McAfee MOVE Scheduler to VMs, you must register the hypervisors in ePolicy
Orchestrator.
Before you begin
The supplied credentials must have an assigned role that provides at least read permissions
to the server.
When hypervisors are registered:
•
The Scheduler communicates with the registered hypervisor and collects data for scheduling.
•
Registered hypervisors are added to the System Tree group MOVE Scheduler Virtual Infrastructure.
•
All managed VMs associated with a registered hypervisor receive a VM tag to identify it.
•
The Scheduler regularly queries registered hypervisors and applies the VM tag to any virtual
machines managed by ePolicy Orchestrator.
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | Configuration | Registered Servers.
2
On the Registered Servers page, click New Server.
3
Configure these settings for the new server. Click Next when finished.
4
•
Server Type — Select VMware vCenter or ESX or Xen Pool, depending on the virtual machine server being
added.
•
Name — Enter the name of the registered server, for example, Test vCenter.
•
Notes — Add descriptive information about the server.
On the Details page, configure these settings:
•
Protocol — Select https or http, depending on the protocol the server uses to receive client
requests.
Typically HTTP is disabled in virtual environments. See your virtual server documentation for
instructions on how to enable HTTP connectivity prior to registering the server with HTTP.
5
•
Server — Enter the server's host name or IP address.
•
User — Enter the user name credentials to connect with the server.
•
Password — Enter the password associated with the user.
Click Validation Parameters to validate your settings.
The Virtual Infrastructure Parameters Validation Successful message is displayed if ePolicy Orchestrator is able
to connect to the specified server.
6
Click Save to save the registered server configuration.
Do not remove hypervisors from the System Tree. Delete them by removing the registered server.
Hypervisors deleted from the System Tree are re-discovered later, but any previous policy associations
are lost, resulting in scans no longer being scheduled.
12
McAfee MOVE Scheduler 2.5.2
Product Guide
Installation and configuration
Deploy the Scheduler Agent
2
Deploy the Scheduler Agent
Use ePolicy Orchestrator to deploy the Scheduler Agent to your virtual machines.
Deploy with ePolicy Orchestrator
Installing the McAfee MOVE Scheduler Agent on virtual machines from ePolicy Orchestrator requires
two tasks. First you must create a deployment client task, then assign that task to virtual machines.
Create a deployment task
Before a task can be assigned to systems, it must be created.
McAfee recommends creating the client task at the My Organization level and applying it on only those
machines tagged as virtual machines (VM).
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | Policy | Client Task Catalog.
2
In the left column under McAfee Agent, select Product Deployment.
3
Click New Task, select Task Types : Product Deployment, then click OK.
4
Type the name of the task, for example, Install MOVE Scheduler agent on VM client, and add
information to the Description field.
5
Make sure that Windows is the only Target platform selected.
6
For Products and components:
7
a
Select MOVE Scheduler Agent 2.5.2 from the first drop-down list.
b
Set the Action to Install, set the Language to Language Neutral, and set the Branch to Current.
Select the remaining options according to your environment's best practices, then click Save.
The newly created task appears in the Client Task Catalog.
Assign a deployment task
Before McAfee MOVE Scheduler can function, the agent must be deployed to virtual machines.
Before you begin
You must have already added McAfee MOVE Scheduler to the Master Repository and registered
your virtual servers to the ePolicy Orchestrator System Tree.
Task
For option definitions, click ? in the interface.
1
Select a group in the System Tree.
2
Click Menu | Policy | Client Task Assignments.
3
Select the Assigned Client Tasks tab.
4
Select Actions | New Client Task Assignment.
McAfee MOVE Scheduler 2.5.2
Product Guide
13
2
Installation and configuration
Troubleshoot installation
5
Select these settings:
•
Product — McAfee Agent
•
Task Type — Product Deployment
•
Task Name — The name of the task you created earlier
6
Under Tags, select Send this task to only computers which have the following criteria.
7
Next to Has any of these tags, click edit.
8
Click Add, select VM from the list, click OK, then click Next.
On McAfee ePO 5.x, you can directly select the tag from the list.
9
On the Schedule tab next to Schedule type, select Run Immediately from the drop-down list.
10 Set the Options as appropriate, then click Next.
11 Examine the settings displayed on the Summary tab, then click Save to assign the task.
The McAfee MOVE Scheduler Agent is now deployed to every system in the System Tree that was
assigned the VM tag.
Troubleshoot installation
When you upgrade ePolicy Orchestrator after installing McAfee MOVE Scheduler, scans on VMs might
fail.
This scan failure can occur in these situations after you install McAfee MOVE Scheduler:
•
Upgrade ePolicy Orchestrator from 4.5 to 4.6 and 5.1
•
Create a new ePolicy Orchestrator 4.6 and 5.1 installation
Task
1
On the ePolicy Orchestrator server, open Windows Explorer.
2
Navigate to the %ProgramFiles%\McAfee\ePolicy Orchestrator\Server\Extensions\installed
\MOVE\2.5.2\webapp\WEB‑INF\lib folder.
On 64-bit servers, use %ProgramFiles (x86)% at the beginning of the specified path.
3
Delete the file dom4j*.jar.
4
Click Start | Run, enter services.msc, then press Enter.
5
Restart the McAfee ePolicy Orchestrator 4.6.0 Application Server or McAfee ePolicy Orchestrator 5.1.0 Application Server
service. Click OK when prompted to restart dependent services.
Agent-server communications are restored and scans on virtual machines function properly.
14
McAfee MOVE Scheduler 2.5.2
Product Guide
Installation and configuration
Uninstall McAfee MOVE Scheduler
2
Uninstall McAfee MOVE Scheduler
Uninstall McAfee MOVE Scheduler and remove all components using ePolicy Orchestrator.
Tasks
•
Uninstall from ePolicy Orchestrator on page 15
Uninstalling the McAfee MOVE Scheduler Agent with ePolicy Orchestrator requires two
separate tasks. First create a client removal task, then assign that task to virtual machines.
•
Uninstall the McAfee MOVE Scheduler extension on page 16
Complete the uninstallation by removing the McAfee MOVE Scheduler extension from
ePolicy Orchestrator.
Uninstall from ePolicy Orchestrator
Uninstalling the McAfee MOVE Scheduler Agent with ePolicy Orchestrator requires two separate tasks.
First create a client removal task, then assign that task to virtual machines.
Tasks
•
Create an uninstall task on page 15
To remove the agent with ePolicy Orchestrator, you must first create a removal task.
•
Assign the uninstall task to virtual machines on page 16
To remove the McAfee MOVE Scheduler Agent from virtual machines with ePolicy
Orchestrator, you must assign the uninstallation client task to those virtual machines.
Create an uninstall task
To remove the agent with ePolicy Orchestrator, you must first create a removal task.
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | Policy | Client Task Catalog.
McAfee recommends creating the client task at the My Organization level and applying it on only those
machines tagged as virtual machines (VM).
2
In the left column under McAfee Agent, select Product Deployment.
3
Click New Task, select Task Types : Product Deployment, then click OK.
4
Type the name of the task, for example, Uninstall MOVE Scheduler from VM clients, and add
any descriptive information to the Description field.
5
Make sure that Windows is the only Target platform selected.
6
For Products and components select these settings:
7
•
Product — MOVE Scheduler Agent 2.5.2
•
Action — Remove
•
Language — Language Neutral
•
Branch — Current
Select the remaining options according to your environment's best practices, then click Save.
The newly created task appears in the Client Task Catalog.
McAfee MOVE Scheduler 2.5.2
Product Guide
15
2
Installation and configuration
Uninstall McAfee MOVE Scheduler
Assign the uninstall task to virtual machines
To remove the McAfee MOVE Scheduler Agent from virtual machines with ePolicy Orchestrator, you
must assign the uninstallation client task to those virtual machines.
Task
For option definitions, click ? in the interface.
1
Select a group in the System Tree.
2
Click Menu | Policy | Client Task Assignments, then click the Assigned Client Tasks tab.
3
Click Actions | New Client Task Assignment.
4
Select these settings:
•
Product — McAfee Agent
•
Task Type — Product Deployment
•
Task Name — The name of the task you created earlier
5
Under Tags, select Send this task to only computers which have the following criteria.
6
Next to Has any of these tags, click edit.
7
Click Add, select VM from the list, then click OK.
8
Click Next.
9
On the Schedule tab next to Schedule type, select Run Immediately from the drop-down list.
10 Set the Options as appropriate, then click Next.
11 Examine the settings displayed on the Summary tab, then click Save to assign the task.
The McAfee MOVE Scheduler Agent is now removed from every system in the System Tree that was
assigned the uninstall task.
Uninstall the McAfee MOVE Scheduler extension
Complete the uninstallation by removing the McAfee MOVE Scheduler extension from ePolicy
Orchestrator.
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | Software | Extensions.
2
From the Extensions tab under McAfee, select MOVE Scheduler.
3
Click Remove, then click OK to remove the extension.
This removes the McAfee MOVE Scheduler extension and associated policies from ePolicy Orchestrator,
unregister any registered hypervisors, and deletes the MOVE Scheduler Virtual Infrastructure group from the
System Tree.
16
McAfee MOVE Scheduler 2.5.2
Product Guide
Installation and configuration
Upgrading McAfee MOVE Scheduler
2
Upgrading McAfee MOVE Scheduler
Upgrade any version to McAfee MOVE Scheduler 2.5.2 by installing the extension, adding the agent
package to the repository, then deploying the agent.
The steps to upgrade McAfee MOVE Scheduler are the same for each version, but there are differences
in how the product behaves during the upgrade.
Overview
The upgrade process is similar to a new installation with important considerations. When you install
the McAfee MOVE Scheduler extension into ePolicy Orchestrator, it replaces the older version.
Hypervisors registered with the older extension are maintained in the ePolicy Orchestrator database
after the upgrade is complete. Policies and scan compliance data are migrated during the upgrade
process.
You are unable to schedule scans on any virtual machines before this process is complete. Because this
reduces your environment's security, try to complete the upgrade process as quickly as possible.
Important considerations
Version Behavior
1.5
The McAfee MOVE Scheduler 2.5.2 extension can't communicate with the MOVE for Servers
1.5 Agent, so you can't schedule scans on machines with the older agent until they are
upgraded. The McAfee MOVE Scheduler Agent version 2.5 replaces the older agent during
deployment. After the agent deployment is complete, your upgrade is finished.
2.0
The McAfee MOVE Scheduler 2.0 extension can manage the 2.5 agents and a 2.5.2
extension can manage 2.0 agents. Scheduled scans continue during a 2.0 to 2.5.2
upgrade, unlike the 1.5 to 2.5 upgrade.
Install the Scheduler extension
The Scheduler extension must be installed in ePolicy Orchestrator before you can manage the
anti-virus scans on your virtual machines.
Before you begin
Make sure that the extension is in an accessible location on the network.
The extension is named MOVE‑SCH_Ext_2.5.2.zip and can be found in the folder where you
downloaded it. The ePolicy Orchestrator help extension is named help_move_sch_252.zip
and should also be installed using this same process.
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | Software | Extensions | Install Extension.
You can only have one task updating the Master Repository at once. If you try to install an extension
at the same time as a Master Repository update is running, the following error appears:
Unable to install extension com.mcafee.core.cdm.CommandException: Cannot check in the selected
package while a pull task is running.
Wait until the Master Repository update is done and try to install your extension again.
McAfee MOVE Scheduler 2.5.2
Product Guide
17
2
Installation and configuration
Upgrading McAfee MOVE Scheduler
2
Browse to and select the extension file, then click OK.
3
Verify that the product name appears in the Extensions list.
Install the Scheduler Agent package
You must add the McAfee MOVE Scheduler Agent package to the Master Repository before you can
deploy the agent to managed VMs.
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | Software | Master Repository.
2
Click Check In Package and select Product or Update (.ZIP) for package type.
3
Browse to and select the MOVE‑SCH_Agent_2520_WIN.zip file, then click Next.
4
Verify the displayed information.
5
Click Save to check in the package.
If the repository includes a previous version of the software, it is removed when you check in
version 2.5.2.
The new package appears in the Packages in Master Repository list on the Master Repository page.
Deploy the MOVE Agent with ePolicy Orchestrator
Installing the McAfee MOVE Scheduler Agent on virtual machines from ePolicy Orchestrator version 4.6
requires two tasks. First you must create a deployment client task, then assign that task to virtual
machines.
Tasks
•
Create a deployment task on page 13
Before a task can be assigned to systems, it must be created.
•
Assign a deployment task on page 13
Before McAfee MOVE Scheduler can function, the agent must be deployed to virtual
machines.
Create a deployment task
Before a task can be assigned to systems, it must be created.
McAfee recommends creating the client task at the My Organization level and applying it on only those
machines tagged as virtual machines (VM).
Task
For option definitions, click ? in the interface.
18
1
From the ePolicy Orchestrator console, click Menu | Policy | Client Task Catalog.
2
In the left column under McAfee Agent, select Product Deployment.
3
Click New Task, select Task Types : Product Deployment, then click OK.
4
Type the name of the task, for example, Install MOVE Scheduler agent on VM client, and add
information to the Description field.
McAfee MOVE Scheduler 2.5.2
Product Guide
Installation and configuration
Upgrading McAfee MOVE Scheduler
5
Make sure that Windows is the only Target platform selected.
6
For Products and components:
7
a
Select MOVE Scheduler Agent 2.5.2 from the first drop-down list.
b
Set the Action to Install, set the Language to Language Neutral, and set the Branch to Current.
2
Select the remaining options according to your environment's best practices, then click Save.
The newly created task appears in the Client Task Catalog.
Assign a deployment task
Before McAfee MOVE Scheduler can function, the agent must be deployed to virtual machines.
Before you begin
You must have already added McAfee MOVE Scheduler to the Master Repository and registered
your virtual servers to the ePolicy Orchestrator System Tree.
Task
For option definitions, click ? in the interface.
1
Select a group in the System Tree.
2
Click Menu | Policy | Client Task Assignments.
3
Select the Assigned Client Tasks tab.
4
Select Actions | New Client Task Assignment.
5
Select these settings:
•
Product — McAfee Agent
•
Task Type — Product Deployment
•
Task Name — The name of the task you created earlier
6
Under Tags, select Send this task to only computers which have the following criteria.
7
Next to Has any of these tags, click edit.
8
Click Add, select VM from the list, click OK, then click Next.
On McAfee ePO 5.x, you can directly select the tag from the list.
9
On the Schedule tab next to Schedule type, select Run Immediately from the drop-down list.
10 Set the Options as appropriate, then click Next.
11 Examine the settings displayed on the Summary tab, then click Save to assign the task.
The McAfee MOVE Scheduler Agent is now deployed to every system in the System Tree that was
assigned the VM tag.
McAfee MOVE Scheduler 2.5.2
Product Guide
19
2
Installation and configuration
Configuring permission sets for McAfee MOVE Scheduler
Configuring permission sets for McAfee MOVE Scheduler
A permission set is a group of permissions (or access rights) granted to a user account for specific
features of a product. Permission sets only grant permissions — they never remove a permission.
All permissions to all products and features are automatically assigned to global administrators. Other
users must have permission assigned manually. Global administrators can assign existing permission
sets when creating or editing user accounts and when creating or editing permission sets.
For more information on permission sets, see the ePolicy Orchestrator documentation.
McAfee MOVE Scheduler permission set
The McAfee MOVE Scheduler software adds a MOVE Scheduler 2.5.2 Policy section to the permission sets
with one setting. This defines access rights to the McAfee MOVE Scheduler software features. The
global administrators must grant permissions to users to use McAfee MOVE Scheduler, as no
permissions are granted by default.
Other required permission sets
The global administrator gives ePolicy Orchestrator permissions to handle other areas that work with
the McAfee MOVE Scheduler including queries, dashboards, and the Threat Event Log.
For these McAfee MOVE Scheduler features...
These permissions sets are required
Dashboards
Dashboards, Queries
Queries
Queries
Registering hypervisors
Registered servers
Events on virtual machines
Systems, System Tree access, Threat Event Log
Configure permission sets
Update the read/write access permissions assigned to the user roles for McAfee MOVE Scheduler,
which are defined for your ePolicy Orchestrator environment.
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | User Management | Permission Sets.
2
Select a user role from the Permission Sets list.
3
Next to MOVE Scheduler 2.5.2 Policy, click Edit.
4
Select the permission level.
5
Click Save.
For more information on permission sets, see the ePolicy Orchestrator documentation.
20
McAfee MOVE Scheduler 2.5.2
Product Guide
3
Monitoring and managing
McAfee MOVE Scheduler allows you to monitor the status of virtual servers and their managed virtual
machines from the ePolicy Orchestrator console. You can create scan policies and monitor scan status
and compliance.
Contents
Managing your virtual environment
Configuring templates
Configuring policies
Charts and queries
Managing your virtual environment
McAfee MOVE Scheduler manages the scanning of your VMs from ePolicy Orchestrator.
After you register a XEN Pool or VMware vCenter servers in ePolicy Orchestrator, McAfee MOVE
Scheduler retrieves information about the hypervisors and their virtual machines, and adds the details
to the System Tree.
How VMs are organized in the System Tree
McAfee MOVE Scheduler creates a group named MOVE Scheduler Virtual Infrastructure in the System Tree
under My Organization. It adds all virtual infrastructure details from registered XEN Pool, VMware vCenter,
and ESX servers to this group.
McAfee MOVE Scheduler expects to manage all entries in the MOVE Scheduler Virtual Infrastructure group. Don't
alter the contents of this group. Doing so causes unexpected results.
Typically, you organize systems in the System Tree any way that makes sense for your environment.
Virtual servers, however, must be organized in this specialized group.
Identifying with the VM tag
McAfee MOVE Scheduler applies a VM tag to all virtual systems that are added to ePolicy Orchestrator.
This tag makes it easy to identify virtual machines in the System Tree. The tag is applied when a
hypervisor is registered with ePolicy Orchestrator, and is periodically updated.
McAfee MOVE Scheduler 2.5.2
Product Guide
21
3
Monitoring and managing
Configuring templates
Configuring templates
McAfee MOVE Scheduler uses templates to schedule scans on virtual machines.
A template is a disabled scan task like VirusScan Enterprise on-demand scan tasks.The template tasks
specify the settings used during scans that are scheduled by McAfee MOVE Scheduler. Templates must
be disabled and assigned to the My Organization group in the System Tree. You can copy and disable
existing VirusScan Enterprise on-demand scan tasks to create these templates.
Create an on-demand scan template
This template task is used by the McAfee MOVE Scheduler policy to schedule on-demand scans for
online virtual machines. This template defines what is scanned by the on-demand anti-virus scan task.
Task
For option definitions, click ? in the interface.
1
Select the My Organization group in the System Tree.
McAfee MOVE Scheduler templates must be assigned to the My Organization level. The McAfee MOVE
Scheduler policy detects only templates assigned at this location.
2
Click Menu | Systems (for McAfee ePO 4.6.x) or Systems Section (for McAfee ePO 5.1) | System Tree | Assigned Client
Tasks.
3
Click Actions | New Client Task Assignment.
4
Select Product: Virus Scan Enterprise 8.8.0 and Task type : On Demand Scan.
5
Click Create New Task.
6
Configure these settings, then click Save.
7
•
Task Name — Enter the name of the task, for example, Template task for on-demand scan
scheduling.
•
Description — Add a description for the template task.
Configure the task according to your environment's requirements, then click Next.
See the VirusScan Enterprise Product Guide for details.
8
In the Schedule page, select Disabled for the schedule status.
This setting is critical — the schedule status must be set as Disabled so it can be detected by McAfee
MOVE Scheduler and added to a McAfee MOVE Scheduler policy.
9
Configure other schedule settings as required, then click Next.
10 Review and verify the details, then click Save.
If you want different task settings on different virtual machines, create another task for those virtual
machines, and mark that task as Disabled.
Configuring policies
Policy information for McAfee MOVE Scheduler is grouped into a single Scheduler category.
You can create or modify as many policies as you need. The McAfee MOVE Scheduler extension
includes a preconfigured McAfee Default policy, which cannot be edited or deleted but can be copied or
used as a base for new policies.
22
McAfee MOVE Scheduler 2.5.2
Product Guide
3
Monitoring and managing
Configuring policies
This policy allows the administrator to define how and when anti-virus scans run on a hypervisor, and
are applied to the hypervisor instead of the virtual machine (VM) or system.
Create a policy
Create a new McAfee MOVE Scheduler policy to change behavior on managed virtual systems.
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | Policy | Policy Catalog.
2
From the Product drop-down list, select MOVE Scheduler 2.5.2, then click New Policy.
3
From the New Policy page, enter these settings, then click OK.
4
5
•
Create a policy based on this existing policy — Select the base policy (for example, McAfee Default policy)
for the new policy.
•
Policy Name — Type a name for the new policy (for example, MOVE ODS Server Policy).
•
Notes — Enter a description of the new policy.
From the Policy Settings page, enter these settings.
Maximum concurrent
scans per Hypervisor
Limits the number of concurrent scans to be run on the virtual machines of
a hypervisor.
Maximum concurrent
scans per storage
Limits the number of concurrent scans to be run on the virtual machines of
a hypervisor that are on the same storage.
Scan Frequency
Select the scan period for the policy. Currently, only Weekly setting is
available — this creates at least one on-demand scan attempt every week.
(A week is defined as Monday through Sunday.)
VSE Task Name
Select the template task for on-demand scans. This task is listed with
disabled VirusScan Enterprise on-demand scan tasks that are applied at the
My Organization level in the System Tree. One VirusScan Enterprise template can
be assigned per policy.
Scan Time
Set or clear the time slots to specify available scan times. Green denotes a
time slot where a scan can start and white denotes a time when a scan
can't start. Grid cells can be toggled available (green) or unavailable (white)
by clicking the cell, column header, or row header.
Start new scans only if
average CPU usage of
hypervisor in last 5
minutes is less than NNN
%
Select to specify that new scans should be started only when the average
CPU usage of the hypervisor over the last five minutes is less than the
specified percentage. Deselect to start a new scan whenever it is possible
based on other settings.
Click Save.
Apply a policy
McAfee MOVE Scheduler policies differ from traditional ePolicy Orchestrator policies; they are applied
to the hypervisor instead of to the managed system.
McAfee MOVE Scheduler 2.5.2
Product Guide
23
3
Monitoring and managing
Charts and queries
Task
For option definitions, click ? in the interface.
1
From the ePolicy Orchestrator console, click Menu | Systems (for McAfee ePO 4.6.x) or Systems Section (for
McAfee ePO 5.1) | System Tree.
2
Select the MOVE Scheduler Virtual Infrastructure group or hypervisor containing the target virtual
machines.
3
Click Assigned Policies.
4
In the Product drop-down list, select MOVE Scheduler 2.5.2.
5
On the Actions column of the McAfee Default policy, select Edit assignment.
6
On the Policy Assignments page, change these settings:
7
•
Inherit from — Select Break inheritance and assign the policy and settings below option.
•
Assigned Policy — Select the policy that you created earlier from the Assign Policy drop-down list.
Click Save.
Charts and queries
Charts and queries provide data about a particular item and filter the data for specific subsets. For
example, high-level events reported by particular clients for a specified time period. Reports
incorporate queries and can be scheduled and sent as a PDF file or email message.
Table 3-1 Charts
Chart
Details
Hypervisor Table
Lists the hypervisors that are members of the registered servers, and displays the
managed virtual machines associated with the hypervisors.
Compliance for the
Last 7 Days
Displays a pie chart of virtual machines indicating their compliance status.
A system is considered compliant if the most recent scan was completed
successfully.
You can click on the chart to drill down into the details of the scan on each virtual
machine in the group, whether compliant or noncompliant.
Click Details to view the last 7 days' on the hypervisor where that virtual machine
was running. You can scroll to view the entire period. To view the scan-specific
details like scan type or actual scan period, hover the cursor over a scan bar.
Scan Activity per
Hypervisor
Provides the details of completed, running, and in-progress scans on each
hypervisor for the last 24 hours.
To view scan activity and CPU usage over the last 24 hours, click a specific
hypervisor.
Table 3-2 Queries
Query
Description
MOVE Scheduler: AV Scan Compliance Displays a pie chart of systems indicating compliance status. A
system is considered compliant if it has been successfully scanned in
the last 7 days.
MOVE Scheduler: AV Scan Log
24
McAfee MOVE Scheduler 2.5.2
Provides details of the scans scheduled in the last 7 days.
Product Guide
3
Monitoring and managing
Charts and queries
Table 3-2 Queries (continued)
Query
Description
MOVE Scheduler: Error Logs
Displays internal error logs. For example, if the ePolicy Orchestrator
server is unable to connect to XenPool due to invalid credentials.
MOVE Scheduler: Running AV Scans
By Storage
Displays the details of running anti-virus scans by storage.
View hypervisor details
McAfee MOVE Scheduler provides important hypervisor information to track your virtual environment.
Task
For option definitions, click ? in the interface.
1
View the hypervisor list: Click Menu | Reporting | MOVE Scheduler.
2
View all hypervisors: Click MOVE Scheduler Virtual Infrastructure, expand the server tree, then select a
server.
3
View the list of related virtual machines: Click the server, select the requested hypervisor, then
select Actions | Show Related Virtual Machines.
The System : System Information page lists all related virtual machines. You can perform various actions
on any listed virtual machine. For example, you can wake up the McAfee Agent on a virtual
machine by selecting it and clicking Wake Up Agents.
Purge scan log
The McAfee MOVE Scheduler operation generates internal events that accumulate in the database.
The ePolicy Orchestrator server task Move Scheduler: Purge Scan Logs is disabled by default and can be run
manually or enabled and run based on the selected criteria. You can purge the scan log to manage the
size of the database.
To...
Do this...
View the server task
Click Menu | Automation | Server Tasks.
Run the McAfee MOVE Scheduler: Purge Scan Logs
task
Select Run for the associated task.
Schedule the McAfee MOVE Scheduler: Purge Scan
Logs task
1 Select Edit for each task.
2 In the Schedule Status field, select Enabled, then click Next.
3 Select the available actions, then click Next.
4 Define the task schedule, then click Next.
5 Click Save.
McAfee MOVE Scheduler 2.5.2
Product Guide
25
3
Monitoring and managing
Charts and queries
26
McAfee MOVE Scheduler 2.5.2
Product Guide
Index
A
I
about this guide 5
agent
assign deployment task 13, 19
assign uninstall task 16
create deployment task 13, 18
create uninstall task 15
deploy with ePolicy Orchestrator 4.6 13, 18, 19
agent package, check in 10, 18
installation
assign deployment task 13, 19
check in deployment package 10, 18
common problems 14
create agent deployment task 13, 18
download packages 10
extensions 11, 17
register hypervisors 12
troubleshooting 14
C
Citrix XenServer, requirements 10
client tasks
agent deployment 13, 18
assign agent deployment task 13, 19
assign agent uninstall task 16
create agent uninstall task 15
components
downloading 9, 10
overview 8
configuration 20
conventions and icons used in this guide 5
D
documentation
product-specific, finding 6
typographical conventions and icons 5
E
ePolicy Orchestrator
add deployment package 10, 18
install 11, 17
register hypervisors 12
System Tree organization 21
uninstall 16
M
McAfee MOVE Scheduler
introduction 7
McAfee ServicePortal, accessing 6
O
operating systems, requirements 10
P
packages
download
check in agent package 10
permission sets
list 20
modify 20
overview 20
required 20
policies
applying 23
create 23
difference from standard policy usage 22
options summary 23
overview 22
R
H
hypervisors
register 12
register in ePolicy Orchestrator 12
show related systems 25
view details 25
McAfee MOVE Scheduler 2.5.2
requirements
software 9
S
ServicePortal, finding product documentation 6
supported platforms, requirements 10
Product Guide
27
Index
System Tree
adding hypervisors 21
applying policies 23
organization 21, 22
view hypervisor details 25
T
uninstallation
assign agent task 16
create client task 15
remove ePolicy Orchestrator extension 16
V
technical support, finding product information 6
templates
create on-demand scan 22
definition 22
example 22
troubleshooting 14
28
U
McAfee MOVE Scheduler 2.5.2
virtual machines, tagging 12, 21
VMware ESX, supported versions 10
VMware ESXi, supported versions 10
VMware vCenter, supported versions 10
Product Guide
00

Download Report

MOVE Scheduler 2.5.2 Product Guide - Knowledge Center

Paperzz.com

Your Paperzz