McAfee Move Anti-Virus
March 01, 2013
£20 per virtual desktop and up, depending on the number of desktops.
What it does: Provides ePO managed anti-virus for virtualised environments.
What we liked: Ease of use combined with the ability to integrate a virtual environment into the overall hybrid environment for an ePO-managed, anti-malware capability that is seamless across all of the hybrid components, physical or virtual.
Anti-malware today suffers from a frustrating dichotomy. First, it is, arguably, the most mature of all of the capabilities in the security practitioner's toolkit. Certainly, McAfee is one of the grand old products of the genre. On the other hand, a huge percentage of today's threats - especially advanced persistent threats - are delivered using increasingly sophisticated malware. Throw virtualised environments into the mix and one has a witch's brew of potentially bad news.
McAfee has successfully brought together the application of a centralised policy engine - ePO - with its anti-malware capability in the physical world. There is a strong suite of enterprise-class protection for the physical data centre. Today, though most enterprises of any size are becoming virtualised, so this protection needs to reach into the virtual to be effective. Today's virtualisation extends from servers to endpoints, so the notion of pervasive anti-virus (AV) is even more important. Data and other transmittable files - especially bad files such as malware - can move extremely quickly across a virtualised network backbone, so controlling malware in a virtualised world may well be more important than it is in the physical world. Management for Optimised Virtual Environments (Move) AV addresses this challenge head-on.
Move is optimised for the virtual - and it is hypervisor agnostic. It is managed through ePO policies and it integrates cleanly with other McAfee capabilities in the physical enterprise. Nowhere is a scan storm more threatening to system performance than when it results from AV scanning across a virtual network. Move monitors all of the loads - memory, CPU, IO, disk, hypervisor and more - in the virtual environment and manages itself accordingly.
Should one be using VMware as a hypervisor, Move hooks the vShield API and works directly at the hypervisor level. Overall, this is an efficient, comprehensive approach to integrating a virtualised data centre with a physical data centre, as well as with endpoints. If one is a virtualised shop and not using McAfee as the in-house AV product, Move alone is a good enough reason to rethink the enterprise-wide AV strategy. AV is not the end of the line for Move, either. We were told that new capabilities will be added to it, fleshing out a total security environment that addresses an integrated hybrid environment, all under the control of a single ePO. Not bad for the company that started the widespread acceptance of anti-virus by giving it away.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- The information security implications of M&A deals
- Cyber-security must reflect risk not just regulation
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success