There are seven Movere executables that need to be whitelisted:
- Movere Console
- Movere.Console.WPF.exe – The Movere Console
- Movere.Service.exe – The Movere service that orchestrates scanning
- Targeted Windows endpoint
- FrameworkVerifier.exe – Required to verify the endpoints .NET Fx version, and trigger the scan
- Movere.Bot2.Local.exe – Required to locally inventory a Windows device running .NET 2.0 through 3.5
- Movere.Bot4.Local.exe – Required to locally inventory a Windows device running .NET 4.0 or higher
- Movere.Arc2.exe – Required to ARC scan a Windows device running .NET 3.5
- Movere.Arc4.exe – Required to ARC scan a Windows device running .NET 4.0 or higher
We now have four unique tenant regions, and each region has specific URL's and IP addresses, all of the URLs for the tenant region should be whitelisted.
For a comprehensive list of all URLs and IPs addresses used by Movere, please see Movere URLs and IP Addresses for Whitelisting.
Network Address Translation (NAT)
A customer may use NAT to map ‘ftapi1.movere.io’ to an internal IP address. Internally they will target the IP address they created, which will then re-direct to the correct Movere IP address. When a customer does this, they must tell the device the Movere Console is being run from how to correctly map the internal IP address to the external Movere IP address. To do this, a DNS entry must be created for that device.
- Navigate to: c:\Windows\System32\Drivers\etc and open the ‘hosts’ file with notepad
- At the bottom of this file enter the NAT address they have setup, e.g.: 192.168.1.5 ftapi1.movere.io
- Attempt to download the token.txt file. If successful, then scanning can begin.