McAfee® MOVE AntiVirus delivers security for VDI and server virtualization without compromising performance.
McAfee Management for Optimized Virtual Environments (MOVE) AntiVirus for virtual desktops and servers is uniquely designed to relieve the overhead of traditional virus scans, yet provide the protection and performance essential for success.
Enterprises are considering or may have already deployed VDI and want the flexibility to either build images dynamically at logon or serve persistent images from the data center to the end user. The ability to provide more control over data and data access drives return on investment. However, moving to serve these endpoints from within the data center has some infrastructure implications. The dynamic nature of provisioning desktops and their overall load in a virtualized environment is hard enough to model, and capacity planning is also a challenge. Anti-virus that is not designed for virtual environments makes this task even more complex. Even though the user desktop has been virtualized and can run traditional anti-virus software within the individual virtual machine (VM), the cumulative performance impact on the infrastructure can be profound. This directly affects the total number of virtual desktops that can be supported and decreases the expectations of operational returns.
With today’s persistent threats and the proliferation of malware, running endpoints without anti-virus is not an option. With the consolidation of corporate data within the data center, the need to be more vigilant and provide constant protection actually increases because activity at the endpoint is now closer to critical data and servers than ever before. Virtualization provides the ability to quickly repair and mitigate the spread of viruses by generating pristine desktop images and decreasing risk, but on-access virus scanning is still essential.
How McAfee MOVE AntiVirus Is Different
McAfee enables customers to use their current McAfee VirusScan® Enterprise protection and optimize it for virtualized environments. McAfee MOVE AntiVirus is an add-on component that is designed to support on-access scans and update functions within virtual desktop environments, greatly reducing the infrastructure impacts seen with traditional anti-virus deployments. Supporting hosted VDI with VMware View and Citrix XenDesktop, a lightweight endpoint component communicates to the McAfee MOVE AntiVirus virtual appliance to broker the anti-virus processing on behalf of each VM desktop. Each VM can be configured with unique, individual policies set in the McAfee ePolicy Orchestrator® (McAfee ePO™) management console, or the VMs can be managed as a collective work group.
Images created dynamically or persistently will have protection throughout the VDI session. Within virtualized environments, ensuring that .DAT updates are timely and on-access scanning is enabled provides critical active protection during each session. Even though you can re-image quickly, the goal is to eliminate the need to do so in the first place. McAfee MOVE AntiVirus for virtual desktops provides this capability and is highly effective at not degrading the user experience or impacting the load of the hypervisor.
The scalability that can be achieved when anti-virus scanning is performed outside of the individual VM dramatically reduces resource requirements in the overall environment. This McAfee product supports more than 100,000 desktops (virtual and physical) and is continually updated, thanks to McAfee Global Threat Intelligence™. The McAfee MOVE AntiVirus virtual appliance provides the most recent signatures, and it handles the offload processing of on-access scanning, updating each VM with the results. Memory resource allocation for each VM decreases and can be released back to the resource pool for more effective utilization. Regardless of a VM desktop’s previous state, the McAfee MOVE AntiVirus virtual appliance ensures continuous protection through its active sessions.
Virtual Servers and Anti-Virus
Servers normally are configured to provide on-demand anti-virus scanning during non-business hours to minimize disruption. When these systems are migrated into a virtual environment, scheduling of multiple virtual servers can cause CPU spikes and interfere with other operational activities, such as patching and backups, which sometimes are scheduled at the same time. Today, the best practice is to randomize the scheduling of on-demand scanning, but it is not ideal and is not hypervisor aware. Being hypervisor aware helps you understand the overall state and load of the hypervisor so you can minimize operational scheduling conflicts that may affect efficient security processing.
Operational Flexibility with McAfee MOVE AntiVirus
McAfee MOVE AntiVirus provides McAfee VirusScan Enterprise with improved security management specifically designed for virtualized environments. This operational flexibility and control of resources used for security processing is lacking today. McAfee was one of the original providers of server offline scanning and now makes VMs hypervisor aware, so that scheduled scans can be performed based on the overall load of the hypervisor. When diverse servers are deployed within a single hypervisor, this ensures that critical operational activities are not disrupted due to unexpected resource issues.
For today’s systems, where 24/7 performance is a must, server virtualization allows for flexible provisioning and migration within hypervisors to accommodate resource requirements. McAfee MOVE AntiVirus for virtualized servers can provide offline security for servers that are not active. This ensures that they are protected and ready to initialize immediately without the delay of virus scanning. Servers that are continually performing due to their service-level agreements can be protected with McAfee MOVE AntiVirus, which optimizes McAfee VirusScan Enterprise through hypervisor-aware scheduling, thus minimizing the overall operational impact of the security processing.
For more information, please click here
