Bandwidth Throttling
Updated: 01 May 2010 | 10 comments
Status:
Reviewed
This would be a huge help to allow dsitribution globally from the SEP without potential of taking down small offices. This is needed for:
1. Definitions and Updates
2. Product installation and upgrades
Prefer to use a Microsoft BITS approach too, so if a client disconnects the data that has been sent will not be lost.
GUPS are nice, but life would be easier if the central console could do this.
Idea Filed Under:
Comments
But we need more than just
But we need more than just throttling and resumable downloads...we need each client to use background bandwidth. Because each client potentially has vastly different amounts of bandwidth available.
One SEP client might be on a VPN connection over 56k dialup, another on a broadband VPN tunnel, while a third has local 10GB connectivity or is located on the SEPM machine. Throttling won't help, here, unless they're all throttled back to the bandwidth the 56k dialup connection can tolerate.
Not to say throttling is unimportant: It would be important for making sure the SEPMs aren't overwhelmed.
I've never understood why Symantec didn't use their own LiveUpdate technology for software updates...they've used it successfully in the consumer security products for years.
But since you mention BITS, IMO, Symantec should just use BITS and not keep reinventing the wheel!
BITS
With SEP 12 for SBS we have already moved away from using IIS and into Apache. This makes using BITS a little awkward.
A shame, because BITS works
A shame, because BITS works awfully well. So I repeat: Symantec, please stop reinventing the wheel!
This functionality already exists (from the SEPM side)
There is already a function to throttle the amount of bandwidth used by client updates (virus definitions or updated install packages).
Currently the SEPM does these updates via the website in IIS.
IIS has bandwidth limiting functionality built-in under site properties.
See also this Knowledge Base
See also this Knowledge Base article:
Title: 'How to throttle network bandwidth used by the Endpoint Protection Manager (SEPM) website in Microsoft's Internet Information Server (IIS)'
Document ID: 2008032806522248
service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008032806522248
It does?
IIS bandwidth limiting is for the whole IIS site, not per client. That won't work.
Bandwidth throttling from the LiveUpdate servers is only available LiveUpdate to LiveUpdate and only if you mange the LiveUpdate servers from a central LiveUpdate and distribute from it. Quite honestly, I have had to rebuild LiveUpdate servers a number of times already and maintaining the list of LiveUpdate servers to push to would have been a nightmare to replicate. Meanwhile, each LiveUpdate server is downloading at full bandwidth.
GUP's only do bandwidth throttling if you remember to make the registry change in our install package (not included by default in the Symantec install package)
If there is a bandwidth throttling option in the SEPM, please point out how to get there.
The optimal approach is, quite honestly, QOS, but we cannot do that in our environment, as we have a very large distributed network that does not allow for proper QOS settings to carry through the environment.
Symantec Endpoint Protection RU5
We would be able to control bandwidth utilisation between GUP and SEPM in RU5. Meanwhile this could be done via the registry as documented in http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/1d395b5bec0673ae8025752200793c17?OpenDocument.
Take note, this is between GUP and SEPM. Client can retrieve update from the nearest GUP.
Alan Lee
Principal Regional Product Manager, Enterprise Security Group, Symantec
Non GUP bandwidth throttling
Does this registry settings also works for non GUP client? Why it is only for GUPs? When the technology is here, why it cannot by implemented to every single SEP client?
Bandwidth Throttling
I tried the recommendations listed in the KB article on changing the performance settings in IIS to reduce bandwidth consumption, but it had no effect. In our environment we configured a SEPM for each of our offices figuring that would reduce traffic between the offices as the local SEPMs would distribute the new definitions to its respective clients. For the past year and a half we have been having communications issues with our remote offices which I have recently confirmed are attributed to virus definition replication between the SEPMs. Other than scheduling the replication during off hours are there any recommendations on how to better control how much bandwith is used by this process? It looks like RU5 has something like this for the GUPs, but I would think that communications between SEPMs would have more configuration options.
Thank you in advance.
I can confirm that the
I can confirm that the IIS Bandwidth throttling is all but useless. Different sites on our network have vastly different connections. I can't set a realistic limit for all sites using IIS.
Would you like to reply?
Login or Register to post your comment.