Endpoint Protection

 View Only

  • 1.  Large SEP Download killed network

    Posted Mar 21, 2011 05:40 AM

    Hi,

      We have recently put in SEP into one of our accounts. The SEP server is in the DC and is connected to an MPLS network with a 100Mb line with 5 sites of 100 users down 5 * 100Mb/s lines onto the same cloud. Recently the entire network ground to a hault, when the monitoring tools were analysed it showed SEP had pushed out 54GB/s data to the 500 client PC's and maxed out the 100Mb/s lines.

     Can we limit SEP to only push to a max number of PC's at one time. it looks like a 100 MB upgrade was pushed to all 500 PCs at once. Surely SEP should be able to limit what it does on the network?

     

    thanks,



  • 2.  RE: Large SEP Download killed network

    Broadcom Employee
    Posted Mar 21, 2011 05:51 AM

    Hi,

    GUP - Group update provider can help you to save bandwidth consumption.

    Go through links for more details.

    http://www.symantec.com/business/support/index?page=content&id=TECH96419&locale=en_US

    http://www.symantec.com/business/support/index?page=content&id=TECH96417&locale=en_US

    http://www.symantec.com/business/support/index?page=content&id=TECH97190&locale=en_US



  • 3.  RE: Large SEP Download killed network

    Trusted Advisor
    Posted Mar 21, 2011 06:09 AM

    Hello,

    Absolutely.

    First of All, what Symantec Endpoint Protection version have you installed?

     

    This may give you some idea for controlling bandwidth usage..


    Tips For Installing SEP In A Low Bandwidth Environment

    https://www-secure.symantec.com/connect/articles/tips-installing-sep-low-bandwidth-environment

     

    Also, Check the Following:

    How To Optimize Endpoint Protection for Branch Offices using GUPs, Load Balancing, and Location Awareness

    http://www.symantec.com/business/support/index?page=content&id=TECH94122&actp=search&viewlocale=en_US&searchid=1300464815085

     

    Some basic guidelines for GUP hardware/software considerations are as follows:

    1. Ensure that the machine being used to serve as the GUP has sufficient reserves of CPU/memory capacity to allow for its normal operations to continue while serving content to clients
    2. By default, Windows is configured to allow a maximum of 5000 TCP connections simultaneously. With this configuration, the GUP is capable of serving 40 client connections per second.
    3. Windows can be configured to allow a maximum of 65534 TCP connections simultaneously. With this configuration, the GUP is capable of serving approximately 180 client connections per second.

     



  • 4.  RE: Large SEP Download killed network

    Posted Mar 21, 2011 08:59 AM

    I would also add make sure your running a current build of SEP we had nightmares with this with the early releases.  Around MR3 or 4 it got alot better.  We use GUP's in all our offices and keep the SEPM at the data center as a fail over point for if  a GUP is down for more than 24 hours.   You can even throttle how many machine can hit a GUP at once.   If you have servers in each location I would recommend letting the server double as a GUP as it should be able to handle the traffic better than an desktop.