Tips For Installing SEP In A Low Bandwidth Environment
1) Keep the Heart Beat intervals to 1 hour and randomize it for 5 Minute .Also keep it in pull mode (Clients----> < The group which the clients reside>---->Policies (Right side)--- >Communication Settings)
Refer the below figure
2)Keep the liveupdate frequency as daily and schedule it..Symantec will release multiple updates in a day. So if we select a low frequency it will download more revisions and will cause more load on the network.(Admin ---->Servers--->local site---->edit site properties---->liveupdate )
Refer the below figure
3)Use GUP for the virus definition Distribution .Ensure that you are using MR4 or later (Both in SEPM and in all the clients.).RU5 is recommendable
Symantec Endpoint Protection 11.0 Group Update Provider (GUP)
4)Enable bandwidth throttling for the GUP
How to configure GUP bandwidth throttling in Symantec Endpoint Protection 11.0 MR4?
For RU5 you can do this in the GUI of SEPM.(LU policy --->server settings--->Group update provider). Refer the below figures .
Then assign it to the groups.
5)Update the Installation Package before installing the SEP client .This will reduce the initial download update size.
How to deploy the Symantec Endpoint Protection (SEP) client Release Update 5 or later with current virus definitions and intrusion prevention signatures.
6)Keep the no. of revision as 30.It will ensure that if a PC is connecting at least once in a 30 days also it will download only delta updates.(If a client is not connecting to SEPM Day by day the delta size will go up). Refer the below figure.
7)If you want you can control the bandwidth of SEPM, But be careful while doing this because it may affect the clients communication badly.
Adjust the maximum bandwidth setting in IIS to a value that is less than the slowest WAN connection.
Configure IIS Performance Options:
Click Start, point to Administrative Tools, then click Internet Information Services (IIS) Manager.
Click to expand Server Name, then click to expand Web Sites.
Right-click the web site that is hosting the Endpoint Protection Manager content (either Default Web Site or Symantec Web Server), then click Properties.
Click the Performance tab.
Limit bandwidth usage in one of two ways:
i)Adjust Bandwidth throttling.
Click to select the Limit the network bandwidth available to this Web site check-box.
Adjust the Maximum bandwidth setting to total less than the slowest network link.
Click Apply to save changes.
Refer the below figure
ii)Modify the total number of web site connections:
Click Connections limited to.
Adjust the total number of connections allowed to this website to alleviate bandwidth usage issues while still maintaining functionality.
Click Apply to save changes.
Refer the below figure
Note: when setting max connections for the site make sure to include enough connections to allow the manager to function as well (The SEPM- Console uses 3 connections when open).
Note: If the SEPM is installed to the default web site it is possible that connectivity to other content within that site will become unavailable until a connection is released for use.
8) If you are having more clients in remote location and you do not want to mange centrally, Install individual SEPMs in each location and configure one central LUA point the SEPMs to download the updates
Installation and configuration of LUA
Installing and configuring LiveUpdate Administrator 2.x
For pointing to LUA refer below figures
For more information regarding the bandwidth usage of a client refer below article.
How much bandwidth is used by a SEP Client in One day ?
9)f you want to manage the policies centrally do as follows
How to Perform Offline Replication between 2 Remote Sites when normal replication is failing due to Bandwidth Issues.
and configure one central LUA point the SEPMs to download the updates
Make the following changes in the replication partner properties after doing the replication
Uncheck the logs, Content and Client packages replication. Schedule the replication time to off business hours. Refer the below figure.
For pointing to LUA refer below figures
For more information regarding the bandwidth usage of a client refer below article.
How much bandwidth is used by a SEP Client in One day ?
Note: Minimize the number of replication partners to reduce the complexity...
Comments
nice article
nice article
Re
Great Article.
Very helpful.
Regards, M.R
Very Informative article.
Very Informative article.
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Thank you for the comments..
Thank you for the comments..
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Very nice and helpful
Very nice and helpful article, AravindKM.
May I suggest only one thing : use "computer mode" for distant clients when you are using a link which is prone to failure (as ours).
When freshly installed and regularly, distant clients open communication with SEPM ; and if link is not reliable enough ; they tend to appear on default group not in the right one. Moving distant clients to the right group won't cause much trouble when using "computer mode".
Banky
hi
good one..
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Very informative article.
Very informative article.
Hi Aravind what ya its
Hi Aravind what ya its great......I know very well about symantec its over show.
Sthen i gave one pont to u
Sthen i gave one pont to u enjoy it..........
Dear Aravind, Very good
Dear Aravind,
Very good article and good resource for new SEPM implementers.
Thanks
Raghav
Great article - really like
Great article - really like all the screen shots high lighting the fields.
I'm reading thru all the related articles as well.
We use GUP's already but MR5 has new options which I need to understand.
Have a look in this
Have a look in this article
Whats new in Group Update Providers in RU5 release of Symantec Endpoint Protection 11.0
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Good one Aravind
Good one Aravind
Prachand Kumar MCSE-2003 Symantec Technical Specialist (SCTS)
Thank you for all your
Thank you for all your comments.
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
so helpful and very
so helpful and very interesting..thank you for creating this one.
;-)
great collection of screen
great collection of screen shots
*bump*
Any idea on deployment and upgrade on low bandwidth environments?
The article is generally for definition updates.
“Your most unhappy customers are your greatest source of learning.”
Hi -
I have been working on this same issue.
I'm somewhat against the idea of manual upgrades, so I'm looking at package deployment. This however brings a bunch of challenges into SEP/SEPM.
The following article describes deploying packages to remote sites using IIS. If you use DNS to provide an IP address of an IIS server per site when a common hostname is queried, you could have this deployed package be retrieved locally from the SEP clients.
https://www-secure.symantec.com/connect/articles/h...
My plans are to implement the above on the sites GUPs, and then use a scheduled RoboCopy task to ensure that the IIS content folders are kept up to date on the various site servers.
Greg
Good tips for Bandwidth
Good tips for Bandwidth reducation in the Environment need to follow and read all the links available .
Thanks People
Bandwidth throttling not working in RU5
As a follow up to the implementation that I was doing, I have found that bandwidth throttling between GUPs and the central management server may not work as intended. I would thusly suggest not using this, and if required, look at using IIS bandwidth throttling instead.
After working with Symantec support for many days without resolution as to why the clients were not getting any updates, I finally just disabled bandwidth throttling and everything started working normally.
Excellent!
Very good article!
congratulations..
Leon Homar
Wow. Thanks for the detailed
Wow. Thanks for the detailed explanation
Gracias!
Excelente articulo! Muchas gracias por compartir esto.
Would you like to reply?
Login or Register to post your comment.