Thank you for using McAfee VirusScan Enterprise for Offline Virtual Image 2.1.0. This document contains important information about this release. We strongly recommend that you read the entire document.
Features in the current release of the software are described below:
By default, Artemis settings from VirusScan Enterprise On-Access Scan will be used.
If you intend to configure different Artemis settings for Storage:
Known issues in this release of the software are described below.
ePolicy Orchestrator does not show an extension for products that do not have a policy associated with the product. VirusScan Enterprise for Offline Virtual Images is a scheduled task, so it does not use a policy. Therefore, when you install the VirusScan Enterprise for Offline Virtual Image extension in the ePolicy Orchestrator repository, a placeholder policy is provided for this product so that the product appears in the list of installed extensions. The placeholder policy is blank. Access the VirusScan Enterprise for Offline Virtual Image task from the client tasks section of the ePolicy Orchestrator console.
VirusScan Enterprise for Offline Virtual Image 2.1.0 only supports ESX, vCenter, and Xen servers that use the default port values.
While a VirusScan Enterprise for Offline Virtual Image 2.1.0 scan is running, it attaches the drives it scans to the local computer. You may see this if you open Microsoft Windows Explorer. However these drives are not accessible to the end user. The drives are removed once the scan is completed.
These .lck files remain on the workstation or server if the virtual server is abnormally terminated (for example, using a system reset) or if the virtual machine is not properly shutdown. Removing the .lck file allows the VirusScan Enterprise for Offline Virtual Image 2.1.0 file based scan to proceed.
If the computer conducting a virtual machine scan is turned off during the scan, it leaves the disks for that virtual machine in a locked state. Re-running the scan should unlock the disks. However, the VMware feature that allows VirusScan Enterprise for Offline Virtual Image to unlock the virtual machine's disks has known issues which should be resolved with VMware's KL U1 release. Until VMware addresses this issue you might need to wait several hours for the ESX server to unlock the disks, or power cycle the ESX server to unlock the virtual machine's disks.
You can scan dynamic disks with all virtual image types except for Xen. Dynamic disk scanning is not supported with Xen on any operating system. If a Xen virtual image is scanned and it contains a dynamic disk, that disk is not scanned and the following error might appear in the log:
Failed to scan virtual drive G:. hdc () on host may be a removable drive that is empty.
Do not run multiple VirusScan Enterprise Offline Virtual Image 2.1.0 scan tasks for Citrix XenServer based virtual machines. The VirusScan Enterprise Offline Virtual Image 2.1.0 is unable to properly handle this situation and we are working on a solution for the release. If you would like to run concurrent VirusScan Enterprise Offline Virtual Image 2.1.0 scan tasks install VirusScan Enterprise Offline Virtual Image 2.1.0 on two separate virtual machines to accomplish this.
When using the VirusScan Enterprise Offline Virtual Image 2.1.0 to scan virtual machines for Citrix XenServer there must be at least a 3 minute gap between a scan completing and the start of the next scan.
VirusScan Enterprise for Offline Virtual Image is currently not supported on Microsoft Hyper-V if configured to a SAN or NAS as the backend storage.
A local scan of a Virtual Hard Disk (VHD) file does not perform the clean or delete action. Disk images, for example VHD files, and ISO images are scanned as read only, so any detections found can not be cleaned or deleted.
Copying host DAT files of the same version fails after downgrading the VirusScan Enterprise DATs manually or using SuperDAT on the virtual machine.
The preferred method to scan images on a Hyper-V server is to install the Offline Virtual Images software on the Hyper-V server and create the scans on that server.
If you want to scan the Hyper-V virtual machines from a different machine you must access the Hyper-V machine through a uniform naming convention (UNC) path.
The failure occurs because the paths to the virtual hard drive (VHD) files used by the virtual machine are stored as absolute paths. These absolute paths include the drive letter which causes the remote machine to fail to locate the VHD files.
VMware gives you the option to have a virtual machine use a physical drive rather than a virtual disk file. A machine using this configuration cannot be scanned by VirusScan Enterprise for Offline Virtual Image. Since the machine is pointing to a physical drive, you can still scan the drive by creating a virtual image scan (ODS) to scan it.
Do not run concurrent scans of images with multiple partitions having the same name. For example, if you run multiple virtual image scan (ODS) tasks simultaneously on two images and both have three partitions (for example, C, E, and F) the scan that first assigns the drive letters E and F to the partitions will be completed successfully. The other task cannot mount the partitions E and F of the second image and displays the error, "E and F may be removable drives on the host that are empty."
Either run the scans serially or use more than one physical machine with VirusScan Enterprise for Offline Virtual Image installed to run parallel scans.
Password protection is not available for this product. When you configure the VirusScan Console Tools | User Interface Options for this product, password protection cannot be configured.
If you run VirusScan Enterprise Repair Installation from the VirusScan Console, you must run the VirusScan Enterprise for Offline Virtual Image VSEOVISetup.exe again and select Repair from the Program Maintenance dialog box.
Scanning an ESX image connected to SAN or NAS storage fails from a standalone system, if the Copy DATs optionis enabled.
Workaround — To resolve this issue, refer to the McAfee KnowledgeBase articles:
| Operating system | KB article URL |
|---|---|
| Microsoft Windows XP | |
| Microsoft Windows 2003 Server |
The McAfee documentation is designed to provide you with the information you need during each phase of product implementation, from evaluating a new product to maintaining existing ones. Depending on the product, additional documents might be available. After a product is released additional information regarding the product is entered into the online Knowledgebase available on McAfee ServicePortal.
|
Use this task to go to the release notes and other product documentation for McAfee enterprise products.
COPYRIGHT
Copyright © 2011 McAfee, Inc. All Rights Reserved.
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.
TRADEMARK ATTRIBUTIONS
AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.