Best practices for configuring the required number of scanners
Last Modified: 2023-04-12 08:49:10 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Best practices for configuring the required number of scanners
Technical Articles ID:
KB81962
Last Modified: 2023-04-12 08:49:10 Etc/GMT Environment
Endpoint Security Storage Protection (ENSSP) 2.x
SummaryThis article provides you with best practices for configuring the software with the recommended number of scanners.
Definitions
Physical scanner count The minimum scanner count = 1 x Requestors + 1 Examples:
NOTE: You can follow this formula in a lab environment, but you must supplement the formula as needed in production. Best practices scanner count The best practices scanner count = 2 x Requestors Examples:
NOTES:
VM scanners
WARNING: Both storage appliance and antivirus vendors don’t recommend VM scanners. VMs are subject to many more limiting factors than standalone nodes. The reason is because of their interaction with and presence on the hypervisor with many other nodes. All nodes compete for resources. VM scanners can be constructed so that there’s little or no difference between their performance, compared to physical scanners for any given scenario. But, this construction requires planning and diligent monitoring. Storage appliances are some of the most expensive assets in an IT organization. Because they’re charged with protecting an enterprise's most sensitive and important data, it makes them an unideal area for cost cutting. If VM scanners are to be used, the below guidance must be observed. Best practices for VM systems:
Virtualization factors to consider The following list describes the performance-sensitive functions that you must consider when using VM scanners:
Related InformationAffected ProductsLanguages:This article is available in the following languages: |
|