All machines checking into a single GUP
I'm new to administrating SEP RU7 and have a question about configuring GUPs in an environment. I apologize if this has been answered elsewhere...
Here's the story:
We have a remote site whose bandwidth is getting eaten away by SEP updates (yes, very small data pipe) and we wanted to prevent this from happening by designating a client to be a GUP. So we found a test subject who was willing to do this and configured a single GUP live-update policy on that particular group. The remote machines are in a separate subnet from the rest of machines in the group (all of our groups are LDAP synched by the way). To paint a better picture, all the machines are apart of the same AD OU. We don't have this remote site in it's own OU.
From my understanding, machines that exist in the same subnet of the GUP should be the only machines checking in to the GUP. Other machines should go elsewhere depending on their subnet.
What we saw happen was that all machines in that group, regardless of what subnet they were in, started to check in with that single GUP. Obviously that machine got slammed and machines started to simply not update. We then removed the GUP and all machines besides that remote site's started to behave normally again.
Now, we have other groups that are set up with multiple GUP live-update policies that are not experiencing this issue. Another thing to note is that these other groups are in their own OU container in AD. So, technically, each OU has 2+ GUPs assigned to it.
Is this just something native to the single GUP live-update policy or did we just configure something wrong? Should we break out that small remote site into it's own OU?
Thanks for any help and let me know if clarification is needed.