Video Screencast Help

Endpoint Protection AV

Created: 19 May 2010 • Updated: 21 Jun 2010 | 8 comments
This issue has been solved. See solution.

Hi,

We would ilke to install Endpoint Protection AV and we would ilke to know if it is a good point to install this software on a Hyper-V virtual machine rather than a physical machine (Best practice).

Thanks for your help

Regards

Comments 8 CommentsJump to latest comment

Koosah's picture

You would want to install the antivirus protection to all machines virtual and physical. I run hyper-v and my host os is protected along with all clients since you cannot scan the virtual hard drives with the host scanner

Symantec Technical Specialist

Please don't forget to mark which thread solved your issue!

biker007fr's picture

Hi,
Thanks for your answer.
I don't understand exactly your point with the virtual HD scan.
Do you mean that :
- Host scanner won't scan Hyper-V virtual machine HD
- You need to install a Sym AV client on each Hyper-V virtual machine for their HD to be scanned
Regards

AravindKM's picture

- Host scanner won't scan Hyper-V virtual machine HD

You have to create a scanning exclusion for this.Other wise it will cause performance issues

- You need to install a Sym AV client on each Hyper-V virtual machine for their HD to be scanned

Yes you have to do this..

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

P_K_'s picture

If you have an infrastructure in my opnion  it is better to install on a Physical machine

Title: 'Top 10 Symantec Best Practices - Deploying Symantec Endpoint Protection Architecture'
Document ID: 2009012721190648
> Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2009012721190648?Open&seg=ent

Title: 'Compatibility of Symantec Endpoint Protection with Microsoft Hyper-V'
Document ID: 2008101604454248
> Web URL: http://service1.symantec.com/support/ent-security....

Title: 'Support policy for Symantec AntiVirus Corporate Edition and Symantec Endpoint Protection on "virtual computers"'
Document ID: 2004022310441648
> Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2004022310441648?Open&seg=ent

MCT MCSE-2012 Symantec Technical Specialist (SCTS)

SOLUTION
OSU-SYSMgr's picture

I assume you're talking the SEP Management server as a VM.   We tried that, but as the number of clients grew so did the demands on the VM.  We were up around 3000 clients and even with the SQL database on a seperate server the demands became too great with CPU utilization constantly up around 80% and sometimes hanging at 100% for an extended time.  We had to move it off to a physical box.   We are now up around 6000 clients and it is running much better with CPU utilization averaging 40%.  We did have one spike in the last 30 days that took it to 80%. 

So, for a small shop a VM would work well.  I'd recommend that if you are going to have the database on the same host that you provide lots of resources.   You might also consider bringing up a second SEPM server on a different VM host so you can to load balance or at the very least have it act as a fail over.

J.Bonner's picture

We have over 40,000 clients and run our SEPM servers on virtual machines. Perhaps the key is we have 3 load balanced SEPM servers. IMHO, it's cheaper to light up two or three VMs -- on Hyper-V hosts that can run up to 8 virtual machines each -- than it is to purchase and devote an entire physical server to the task.

Jon