Endpoint Protection

 View Only

  • 1.  Abnormal Network Bandwidth usage from SEPM Server to clients

    Posted May 08, 2012 07:53 AM

    Hello Guys,

    The last two week i have a problematic issue with my environment's network bandwidth. I'm using SEP 11 with 3200-3300  user attached to it.

    A half of sep clients are contacted to sep server by using WAN. Following to SEP Server configuration, i have the Number of content revisions to keep set to - 15. Also i have configured communications settings to pull  mode instead of push mode.
    So, everything was ok since promotion of SEP Server till these days, but already twice in the last week i have a huge number of usage of network bandwidth.

    After investigation i saw that clients are downloading from sep server full definitions instead of deltas and network bandwidth usage increase more and more. Usually SEPM have the last 15 definitions located on a server default location.

    In general, except of these two unlucky and too loaded days sep clients usually are downloading deltas and traffic flow between SEP Server and clients is quite normal.

    I don't know what are causing this problem, i'm in the process of the investigation and i need the proper solution to fix this problem in order not to repeat abnormal bandwidth usage between main office and branches.


    Have you ever had an issue like this ? or if you have some experience with that.. ?


    Thanks in advance,



  • 2.  RE: Abnormal Network Bandwidth usage from SEPM Server to clients

    Posted May 08, 2012 08:05 AM

    Any recent chages to LU policy? Also how may SEPMs you have? Are you using GUP for WAN clients?



  • 3.  RE: Abnormal Network Bandwidth usage from SEPM Server to clients

    Trusted Advisor
    Posted May 08, 2012 08:10 AM

    Hello,

    Are there any GUP set between SEPM and SEP clients?

    What version of SEP 11.x are running on these machines?

    Could you check these Best Practices which may be applicable for your environment:

    How To Optimize Endpoint Protection for Branch Offices using GUPs, Load Balancing, and Location Awareness

    http://www.symantec.com/docs/TECH94122

    Tips For Installing SEP In A Low Bandwidth Environment

    https://www-secure.symantec.com/connect/articles/tips-installing-sep-low-bandwidth-environment

    Hope that helps!!


  • 4.  RE: Abnormal Network Bandwidth usage from SEPM Server to clients
    Best Answer

    Posted May 08, 2012 05:08 PM

    1. Keep IIS Logging on for Content and Client Packages, its easy to find which client downloaded FUll.zip instead of Delta package and its easier to troubleshoot and find root cause.

    2. Was that client not updated for long time ? and how many clients were pulling the full definitions ?

    3. Number of Contents to Keep..keep it 30 days,So that it has more delta for full 30 days.

    4. For WAN side if they are in groups then suggest you to keep GUP for each group/subnet. eg: you have 10 remote locations with 2-10 or more clients in each location then it makes sense to have a GUP, unless by WAN you mean all clients connecting through VPN from their home.