Over the last two months, I’ve been working on a VDI refresh engagement involving technologies such as VMware Horizon View 5.2, vCNS (vShield) and the McAfee Move agentless solution. The customer previously used a standard McAfee agent solution, with the agent installed in every Windows virtual desktop. However, they own the license for the agentless solution and thought this would be a suitable time to investigate it, to optimize the environment and provide the best performance whilst continuing to protect their virtual desktops.
With the agentless solution, a virtual security appliance runs on each host and performs all the scanning, plus definition and policy updates. This dramatically reduces the load on the host in terms of memory and CPU, and also on the Windows virtual desktop, as there’s no requirement for the agent to be installed in Windows. The benefits are clear: increased virtual desktop performance, with anti-virus update and scanning storms a thing of the past. You can also manage the solution from the McAfee ePolicy Orchestrator software.
Therefore, after research and a trial period, I deployed the agentless solution, and I thought I’d document the process and the quirks/issues I found along the way, in case a future engagement involves this or a similar agentless solution. I hope others may also find this useful.
First of all, the McAfee Move solution and product guide can be found here:
In preparation for the McAfee Move virtual security appliances (VSA) on each ESXi host, the McAfee ePolicy Orchestrator (ePO) software, which acts as the management station for the solution, needs to be deployed. The latest version, 5.01, was downloaded and installed onto Windows Server 2008. This was performed by the customer, but it’s a simple process: you select either a SQL Express or a dedicated SQL Server installation, depending on the size of your environment. For more information, refer to the McAfee documentation or the external references at the end of the post.
Following the ePO deployment, you need to install ‘Product Extensions’ to extend the functionality of the ePO software and allow for the Move agentless solution.
Note: When completing the details in the Properties section of the Deploy OVF template, I found some of these settings did not apply after the deployment of the VM. For example, if you set a new admin password for the svaadmin account, for some reason this password does not apply when first setting up the VSA at the console screen; you still need to use the default password of admin.
Also, settings such as those for vShield and ePO did not apply either, and I had to re-enter them through the console.