Client to SEPM clogging up network traffic
Created: 06 Oct 2010 | 26 comments
One of my SEP group client creating high network traffic causing network clogging only to that group.
any help?
tnx
Discussion Filed Under:
One of my SEP group client creating high network traffic causing network clogging only to that group.
any help?
tnx
Comments
It is creating traffic to
It is creating traffic to SEPM?
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
are you trying to highlight
are you trying to highlight high network traffic on SEPM or GUP ( on WAN) ?
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
it is creating traffic to
it is creating traffic to SEPM
Whether it is your GUP
Whether it is your GUP PC?
Which is the version of that client?
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
I have no GUP on that
I have no GUP on that group.
client- RU5
SEPM-RU6a MP1
is the client not updated
is the client not updated with the latest signature?
What is the HeartBeat set for this client group? try incresing the HeartBeat and see if it reduces the traffic.
What is the source to know the specific client is generating the traffic? Check if it for configurede port on SEPM?
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Whether the client is up to
Whether the client is up to date? If no update it manually one with intelligent updater ....
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
all updated... tnx
all updated...
tnx
Chenk to which port in SEPM
Chenk to which port in SEPM it is communicating?
If it is to 80/8014 it may be due to virus def corruption in that client.
Clear the defs and update manually and observe
How to clear out corrupted definitions for a Symantec Endpoint Protection Client
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
port 8014...this problem
port 8014...this problem exist on 1 group(500 clients).
tnx
You mean all 500 clients are
You mean all 500 clients are together creating traffic?
What is the appropriate band with usage of each client?
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Create a new group and move
Create a new group and move all clients to that group and see...
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
yes..512 MB
yes..512 MB
What is the HeartBeat set for
What is the HeartBeat set for this client group?
try increasing the HeartBeat and see if it reduces the traffic.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
set to every 4 hrs..
set to every 4 hrs..
any improvemnt in
any improvemnt in bandwidth?
try restricting the IIS connection on the IIS manager
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Is this group of clients
Is this group of clients running the latest definitions?
Is this a constant drain on traffic or does it happen at various intervals?
Is your group in push or pull communication?
Can you provide a screenshot of the communication settings for this group?
IIS Throtteling can help you.
IIS Throtteling can help you.
If you are having 500 clients
If you are having 500 clients in a location it is better to assign one PC/2-3 PC as GUP there.This can reduce the traffic.Because in the client traffic ,the traffic created by virus defs will be more always .SO a GUP can reduce the traffic.
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
yes we will try this
yes we will try this one...
thank you
SEP upgrades failed download bug perhaps?
We use Citrix Branch Repeaters at all our locatoins. Using the monitoring tools in Citrix, we disovered a bug in Symantec Endpoint where clients download part of an update, which fails. Then the clients attempt re-download this same update over and over non stop. Because client updates do not use the GUP but go to the SEPM, the bandwidth limiting specified for the GUP does not apply.
I have a thread in this forum about it. The fix was to delete the failed download of the SEP update from the Symantec folder on the client PCs.
Another alternative is to remove the client update package from the groups in SEPM. Or move these clients into their own group as previously mentioned, and create a new install package for them.
Not sure if that is what you are seeing, however that bug was causing a constant 40Mbps avg of traffic to the SEPM. 80Mbps bursts.
What is the path where the
What is the path where the failed download would be located? I am also experiencing a high network traffic recently, and all Symantec has to say so far is to throttle my IIS bandwidth.
To clear out definitions:
For SEPM:
https://www-secure.symantec.com/connect/articles/how-clear-corrupt-virus-definitions-sepm
For Clients:
http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/691fb01f62f2a700882573c2006d6de7?OpenDocument
“Your most unhappy customers are your greatest source of learning.”
If you can upgrade your
If you can upgrade your clients to RU6 MP1 then the below is fixed:
MCP/MCTS/MCSA - www.compugame.dk
Low bandwidth...
Here's an article on tips for Installing SEP in a low bandwidth environment that might prove useful: click here
Although it doesn't say much in deploying clients. Only updating and setting heartbeat intervals.
“Your most unhappy customers are your greatest source of learning.”
Any update on this?
I started a new post yesterday and I'm hoping someone involved in this thread could shed some light. Thanks!
https://www-secure.symantec.com/connect/forums/sepm-liveupdate-spike
Would you like to reply?
Login or Register to post your comment.