You would like to know how to install the Symantec Endpoint Protection Manager (SEPM) to a VMware image or wedge, and need recommendations for memory, CPU and hard drive performance settings.
The Symantec Endpoint Protection Manager is very I/O intensive and subject to random spikes of heavy resource usages in dealing with clients, HTTP traffic and disk I/O transactions. As a result, a minimally designed VMware may suffer performance issues and “fall behind” in logs, requests for content / policies and definitions. With this in mind, Symantec STRONGLY recommends the following settings as a “functional minimum” set of system requirements:
The VMware image should have the resources tab set as follows for a minimal small environment (1-5000 endpoints)
For larger environments or transactionally noisier environments you may need to increase the "Minimum" settings above significantly. This will help to ensure the Symantec Endpoint Manger does not fall behind in log processing and definitions processing leading to the Symantec Manager 'stalling' and or not being able to be logged into locally or by the Remote Management interface.
Since every VM\hyper-v drive cluster and hardware cluster varies along with work load types Symantec cannot explicitly predict or define a "Hardware level" that may be sufficient for you or your environment. With that in mind Symantec would STRONGLY suggest over-engineering the virtual devices and then trimming down individual facets until a performance and reliably balance can be meet.
A good example baseline may be as follows for a medium deployment. (5000-10000 clients)
4 dedicated cpu cores with a 2ghz minimum speed
8 gigabytes of ram + 8 gigabytes of pagefile space
300 gigabytes of disk storage for the SEPM manager alone.
If the listed specs do not sufficiently keep up with high demand or load situations you would then tune the vmware to have more resources. Increasing the system RAM first, then increasing the cpu core count second.
If you find that even with large amounts of CPU cores (8 or more) and large amounts of RAM (16 gigs or more) the Sepm Manager is not able to keep up with sustained load, you may need to increase the availability of more Disk I/o operations per second to resolve this or see if there is another application on the system or the Raid cluster\lun that is consuming to many IOP/s to allow the SEPM to work properly.
Extra considerations for the SEPM SQL database:
Several tables within the database that SEPM uses are, by default, capable of auto-growing to prevent stalling the publishing of definitions. Allow the SEPM to install and create the database if your security policies permit. If your security policies do not allow for automatic database creation by third party applications, manual database creation is another option for automatic table growth.
Other considerations, reducing load to extend reliability: With the SEPM being a heavy I/O and memory intensive application to host in VMware, there are other things that you can do to help improve reliability under extended high load situations (such as a virus outbreak, mass migration).
These steps will help ensure optimal SEPM performance within a virtual environment. While not as responsive as a true hardware device, this will help to keep the SEPM healthy in long term virtual usage. Please be aware, with the SEPM being I/O intensive, it is important to also consider the I/O needs of other VM systems (such as mail servers or database servers) upon the host OS since installing them with the SEPM can result in I/O bottlenecks occurring in either drive channels or networking.
Login to Subscribe
Please login to set up your subscription.
Get support for your product, with downloads, knowledge base articles, documentation, and more.
Maximize your product competency and validate technical knowledge to gain the most benefit from your IT investments.
Set default language
Do you wish to save this as your future site?