Endpoint Protection

 View Only

  • 1.  Minimun network bandwidth for SEP client remote update

    Posted May 14, 2015 09:15 PM

    What is the minimum network bandwidth required for SEP client to get update from SEPM over WAN link? If the WAN link is 256kbps, 90% used by BAU activity, what is the best recommedation to ensure SEP client still get signature update while not impacting customer BAU business?



  • 2.  RE: Minimun network bandwidth for SEP client remote update

    Posted May 14, 2015 09:18 PM

    If you're on 12.1.5 you can throttle it accordingly:

    Symantec Endpoint Protection Bandwidth Control for Client Communication

    You can also throttle it if you're using GUPs from within that policy.



  • 3.  RE: Minimun network bandwidth for SEP client remote update

    Posted May 15, 2015 12:31 AM

    You can use GUP's on remote location.

     

    See AravindKM articles

    https://www-secure.symantec.com/connect/articles/tips-installing-sep-low-bandwidth-environment

    Optimizing Symantec Endpoint Protection for branch offices

    https://support.symantec.com/en_US/article.TECH94122.html



  • 4.  RE: Minimun network bandwidth for SEP client remote update

    Broadcom Employee
    Posted May 15, 2015 07:14 AM

    There isn't any 100% accurate path to calculate how much badwidth is required for SEP client to get update from SEPM over WAN link.

    However there are settings to control the bandwidth usage.

    Make sure clients are not allowed to bypass GUP if it's failed to provide updates & configure maximum bandwidth allowed for group upodate provider downloads from the management server. By doing this there might be delay to provide definition updates but can avoid bandwidth choke up problem.

    GUP_0.JPG

    If SEP is on RU5 version can check the options given in this article as well:

    http://www.symantec.com/docs/TECH201290



  • 5.  RE: Minimun network bandwidth for SEP client remote update

    Posted May 15, 2015 07:23 AM
    Configure the Gup at Bo location and divert the client to get the update only from Gup system. Port 2967 is require to open for Gup from firewall to communicate with Gup. Configuring doc attached by James007 and Chetan


  • 6.  RE: Minimun network bandwidth for SEP client remote update

    Trusted Advisor
    Posted May 15, 2015 08:47 AM

    Hello,

    Check the Sizing and Scalability Recommendations -

    http://clientui-kb.symantec.com/resources/sites/BUSINESS/content/staging/DOCUMENTATION/4000/DOC4448/en_US/1.0/Endpoint%20Protection%20Sizing%20and%20Scalability%20Best%20Practices_%20v2.3.pdf

    Between SEPM and SEP

    • Heartbeat (with no updates to be exchanged) - When there is no traffic to be exchanged (i.e. no profile to download and no logs to update) then the heartbeat will be between 2 and 3 KB/s.
    • Policies (i.e. AV/AS, Firewall, OS Protection, Host Integrity) - Typically varies between 20 and 80 KB, but can increase if detailed rules are included, or OS protection templates are used. Generally, once you set your policies to suit your network needs, you do not modify them on a regular basis.
    • IPS Signature Updates - Files range between 50 and 100 KB. Symantec supplies updates approximately every quarter unless a specific threat or vulnerability needs to be addressed.
    • AV Signatures - 50 to 100 KB daily for clients, assuming that the signatures are updated successfully every day.
    • Logs - Logs are compressed at the client before they are uploaded to the Symantec Endpoint Protection Manager. Approximately, 800 log entries take up 1KB of file space.

    Regards,