Hi All,
Searching Symantec FAQ, I have come across an interesting topic and would like to post and share here with this topic:
We want to put Endpoint Protection on our terminal server but do not fully understand how the service works when set up that way. Can you explain?
FAQ
When Endpoint Protection is installed on a terminal server, the server runs an application engine. The server delivers antivirus and Spyware Protection for all of the logon sessions to the terminal server. As computers connect to the terminal server, each new connection opens a separate session to run the user interface. The server installation enables multiple users to get independent access to the application as needed.
These sessions appear as multiple instances of ccApp.exe and SmcGuid.exe in the server processes listing; 64-bit terminal servers also display multiple instances of ProtectionUtilSurrogate.exe. The design endeavors to minimize resource consumption by these connections, however, for a heavily loaded terminal server you may need to modify the registry. The Symantec User Forum documents several registry tweaks in this thread:
Symantec User Forum.
http://www.symantec.com/connect/forums/sep-11-and-terminal-server-or-citrix
in MR3, SmcGui should be less resource intensive anyway (each version gets more new, better optimised code) however, in order to prevent SmcGui from loading for each user session you can now use the following registry key (rather than renaming SmcGui)
HKLM\SOFTWARE\Symantec\Symantec\Endpoint Protection\SMC\LaunchSmcGui
Set it to DWORD 0, rather than DWORD 1
Message Edited by Paul Murgatroyd on 10-07-2008 02:12 AM
Message Edited by Paul Murgatroyd on 10-15-2008 09:27 PM