Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Scanning files on write, but not read on Virtual Desktops

Created: 31 Jul 2013 | 2 comments

We are working with VDI (Virtual Desktop) machines and we are configuring the SEP 12 policies.  Our VDI admin is requesting that we set Auto Protect to "Scan when a file is modified", instead of "Scan when a file is accessed or modified."  In other words, scan on write, but not on read.  Obviously this recommendation would improve performance, but I'm trying to think of scenarios where this setting would be a security risk. 

The VDI image is read-only, thus all changes will be lost when the machine is powered down or rebooted, however the file system of the VDI instance is obvoiusly writeable while it is live. 

Is this setting recommended by Symantec?

Operating Systems:

Comments 2 CommentsJump to latest comment

.Brian's picture

Of course it is best practice to scan when a file is accessed or modified but you have to do what works best for your scenario. The good thing for you is changes are lost when rebooted so you can respond quickly to any risks. This is a pretty nice layer to have.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

mkeil's picture

Maybe this document will help you to improve the performance ein your virtual environment: http://www.symantec.com/docs/TECH197344

 

Regards, 

mkeil

Please "Mark as Solution" if my post is useful