Endpoint Protection

 View Only
  • 1.  Deployment

    Posted Aug 14, 2009 04:49 PM
    I have posted something like this before for information but wanted to post this once more to see how others think about this plan?

    I work for a decent sized school district.  We have about 25 sites. 4 High Schools, 1 Transportation, 1 District Office, and about 20 K-8 Schools.

    Avg Clients:
    High Schools = 1000
    K-8     =    200 - 500
    Trans =  25
    District  = 150

    Most our servers are at District as well.

    So I was planning out a Load balancing SEPM at Distict. 2 Servers.  Then a SEPM at all 4 high schools.  The at the K-8's would make the server we have there a GUP.

    My question is would you have the High School SEPM sync logs back and forth between all 6 SEPM's?  Or just have them forward the logs to the 2 at District? 

    We need to keep network traffic down as much as possible....  also I have setup 26 different locations within my polices so laptops going from one school to another will always pick up the GUP or SEPM at that site?  Any other suggestions??????

    Thanks,

    Kris


  • 2.  RE: Deployment

    Posted Aug 14, 2009 05:02 PM

    Forwarding the logs to the District  would be better

    In order to keep  network traffic down as much as possible.. go with GUP, Replication will take a huge amout of bandwidth



  • 3.  RE: Deployment

    Posted Aug 14, 2009 05:07 PM
    Pull mode saves bandwidth versus Push mode. Also default check-in is 5 minutes, can easily be toned down to 15-30 minutes. 


  • 4.  RE: Deployment

    Posted Aug 14, 2009 05:50 PM
    Yes.

    Keep clients in PULL mode and setup GUP at each location..


    For PULL mode configuration:

    Follow these steps:

    1. Log in to the SEPM.
    2. Click the Clients view.
    3. Select the Group to configure and turn off Policy Inheritance (if at a level other than My Company).
    4. Under the Policies tab.
    5. Click the Communication Settings link under Location Independent Settings.
    6. Set the Download radio button to Pull Mode.
    7. Set the Heartbeat Interval to at least 30 minutes (recommend 60 minutes).
    8. Click OK.
    For GUP Setup check:

    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/39e094426b9d082588257456006d4ac6?OpenDocument

    Hope this helps :-)


    Thanks :-)



  • 5.  RE: Deployment

    Posted Aug 15, 2009 07:00 PM
    This is something I always suggest to people when they are concerned about bandwidth. You should increase the number of content revisions to keep. The default value is 3 content revisions and by default live update shoots off every 4 hours. So when the computers are on and liveupdate runs then you download the deltas for each revision (very small file). But if your computer has missed more than the last 3 revisions then you will download the full revision which is ~40mb. So if you increase this from 3 revisions to keep to lets say 6 or 9 then the majority of the time you will only download the deltas. This saves a ton on bandwidth. This is why peoples networks are usually bogged down on monday mornings. ie) They leave their computers off during the weekend, missing more than 3 content revisions and then have to download the full file on monday. So increase this number and you will only download deltas. The downside if that you have to keep the content revisions stored locally on the harddrive. So you don't want to keep too many because 40 mb a pop adds up quick. Also gup helps a lot and setting to pull mode as suggested above will help ; )

    Cheers
    Grant