Screencasts - Hilfsvideos

Insight Cache Use when not running active Scans

Created: 03 Juli 2013 • Aktualisiert: 03 Juli 2013 | 5 Kommentare
Dieses Problem wurde gelöst. Siehe Lösung.

Hi All,

In our backend deployment we are using SEPP 12 with Insight Cache. We are currently in the process of deploying SEPP 12 into our (1000 concurrent desktop) VMware View enviroment. In the View enviroment we arent using active scans, only on access. The reason for this is that we are using clean Non-Persistent linked clones and do not want to add additional load by starting Scans, even randomized.

Now here's the question: Is there any use in implementing Insight Cache in an enviroment like our VDI deployment?



Operating Systems:

Kommentare KommentareZum neuesten Kommentar

das Bild der Rafeeqs

Shared Insight Cache is only available for the clients that perform scheduled scans and manual scans. if you dont have these two then its of no use.

das Bild der SebastianZs

Agreed with Rafeeq - SIC has only use with scheduled or manual scans - have a look at following KB:

About Shared Insight Cache

padding: 1px;padding-bottom: 3px ;font: 12px Arial; text-align: left;">Article:HOWTO81020 padding: 1px;font: 12px Arial; text-align: left;"> |  padding: 0px;font: 12px Arial; text-align: left;">Created: 2012-10-24 padding: 1px;font: 12px Arial; text-align: left;"> |  padding: 1px;font: 12px Arial; text-align: left;">Updated: 2013-06-06 padding: 1px;font: 12px Arial; text-align: left;"> |  padding: 1px;font: 12px Arial; text-align: left;">Article URL

Shared Insight Cache use improves performance in virtual infrastructures. Files that Symantec Endpoint Protection clients have determined to be clean are added to the cache. The subsequent scans that use the same virus definitions version can ignore the files that are in the Shared Insight Cache. Shared Insight Cache is used only for scheduled and manual scans.

das Bild der Ambesh_444s


Shared Insight Cache is a Web service that runs independently of the client. However, you must configure Symantec Endpoint Protection to specify the location of Shared Insight Cache so that your clients can communicate with it. Shared Insight Cache communicates with the clients throughHTTPor HTTPS. The client's HTTP connection is maintained until the scan is finished.

Note: Shared Insight Cache is only available for the clients that perform scheduled scans and manual scans

Helpful Links:

Symantec Endpoint Protection Shared Insight Cache User Guide 12.1

Shared Insight Cache - Best Practices and Sizing guide

Installation and Configuration of SEP Shared Insight Cache

Viewing Shared Insight Cache events in the Cache Server log

How Shared Insight Cache works

About the Symantec Endpoint Protection Shared Insight Cache tool

Customizing Shared Insight Cache settings

Thank& Regards,


"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

das Bild der AjinBabus



Insight allows scans to skip trusted good files. Some files contain typical vulnerabilities. After those files are scanned initially, subsequent scans can skip the files since vulnerability definitions rarely change. Insight also uses file reputation data to skip the files that Symantec trusts as good (more secure) or the community trusts as good (less secure). Using the Insight option might improve scan performance.

What is Virtual Image Exception?

Administrators leverage base images to build virtual machines for their virtual desktop infrastructure (VDI) environment. The Symantec Virtual Image Exception tool lets your clients bypass scanning base image files for threats, which reduces the resource load on disk I/O. It also improves CPU scanning process performance in your VDI environment.

Before you enable this feature in Symantec Endpoint Protection Manager, first run the Virtual Image Exception tool against the base image files. The Virtual Image Exception tool marks the base image files by adding an attribute. If the file changes, this attribute is removed. This tool is found in the /tools/VirtualImageException folder on the Symantec Endpoint Protection product disc. For more information about how to use this tool, see theSymantec Endpoint Protection Virtual Image Exception User Guide, which is located in the same folder.

This feature is disabled by default. Enable the feature so that when your client goes to scan a file, it looks for this attribute. If the base image file is marked and remains unchanged, the client skips scanning the file.


Symantec Endpoint Protection supports the Virtual Image Exception tool for both managed clients and unmanaged clients.