Endpoint Protection Small Business Edition

 View Only

Using a Symbolic Link to Reduce the Space Used by Symantec Endpoint Protection Small Business Edition in the Operating System Partition 

Mar 21, 2013 03:01 PM

This article describes how Symantec Endpoint Protection Small Business Edition can consume a large amount of hard drive space in a Windows operating system partition and details one method for recovering that space.  As with any procedure that is “home-grown,” I recommend that you test this on a purpose-built (i.e., non-production) server before you implement it.

When you install Symantec Endpoint Protection Small Business Edition, the product places a huge demand for space on the operating system partition.  In some cases, even with adequate planning, the cumulative effects of a growing database, its corresponding back-ups, not to mention the intra-day and mid-month signature files, can take up between 8 and 20 GB of space.

The Symantec Endpoint Protection Small Business Edition Implementation Guide states:

Symantec recommends that you back up the database at least weekly. You should store the backup file on another computer.

The backup file is saved in the following folder, by default: Drive:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\backup.

The backups are placed in a .zip file. By default, the backup database file is named date_timestamp.zip, the date on which the backup occurs.

Note: Avoid saving the backup file in the product installation directory. Otherwise, the backup file is removed when the product is uninstalled.

If you want to follow this advice, you are going to have to manually back-up your database, wait for the task to complete, and then manually copy the resulting file (several gigabytes of data) either to another computer or another external drive.

For server administrators or technicians who use StorageCraft’s ShadowProtect to back-up their Windows Servers, one of the cautions that StorageCraft issues is to make sure you are not backing up back-up files.  In this case, their concern is noted – and, according to Symantec, it appears to be unavoidable.

And that bothered me.  After all, if Symantec says that the back-up should be placed on another computer – and that it should not remain in the Program Files folder – then why don’t they offer a mechanism for specifying the output folder when the back-up is begun?  That request has been posed, and not answered, for several versions of the product.

I decided that I would try something different to help a client’s server whose primary partition was going to run short on space if something wasn’t done soon.  In this case, I was going to permanently move the Symantec database back-up file to another drive.

To do this, I utilized the built-in functionality of the Windows NTFS system and created a symbolic link to the database back-up folder and physically moved the contents to another drive.

First, I stopped the two key Symantec services:

  • Symantec Endpoint Protection Manager
  • Symantec Endpoint Protection Manager Web Server

Next, I opened up a command prompt, and running as Administrator, issued the following command (all on one line in the command prompt, but split here for readability):

robocopy
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\backup"
"F:\Symantec\SEPM_DB\Backup" /copyall /mir /xj /dcopy:T

This command created a new folder on the F:\ drive – one that is not backed up by ShadowProtect – based on the original folder on the C:\ drive.  All of the contents were copied, including the folder date/time stamps.

Then, I issued the following command:

mklink /j
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\backup"
"F:\Symantec\SEPM_DB\Backup"

This created the symbolic link between the C:\ drive folder and the F:\ drive folder

Then I issued the final command:

rmdir /s /q
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\backup"

This cleared out the contents and deleted the original directory.

I then closed the command prompt.

Finally, I restarted the Symantec Endpoint Protection Manager service, which automatically started the Symantec Endpoint Protection Manager Web Server

To test this new folder construct, I ran a back-up of the database by clicking the Start menu, selecting All Programs > Symantec Endpoint Protection Manager > Symantec Endpoint Protection Manager Tools > Database Back Up and Restore.

After the back-up was complete, I opened Windows Explorer and navigated to the C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\backup folder.  When I clicked in the address bar, I saw that the reference was F:\Symantec\SEPM_DB\Backup.

So, after less than half an hour, I managed to save my client more than 4 GB of space on their operating system partition.  I now have peace of mind knowing that the database is on a drive that I can manage and back-up as needed, and that it is not taking up unnecessary space in the daily system backups.

Statistics
0 Favorited
1 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Jul 24, 2015 08:09 PM

Worked a charm for a Datto backup system that kept trying to transfer 4GB of backup data every time the SEPM did a backup.

Do you recall if you needed to change the original backup folder name before creating the junction point? When I did this I needed to rename the folder first before creating the junction. 

Thanks,

Dan

 

Jun 27, 2013 06:32 PM

Great article and suggestions, thanks for posting!

The (almost rediculous) amount of space that the Symantec suite consumes on an operating system partition, and the number of changes that can occur here on a weekly basis that are held in multiple locations can wreck havoc with incremental images with Shadowprotect; especially when the incrementals are shipped offsite via internet.

Again, good suggestions and thanks for posting.

Related Entries and Links

No Related Resource entered.