Community
User Guides
Support
Community
Help Forums
English Forum
General
About our Community
General Discussion
News and Feedback
Products
F-Secure SAFE
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Other products
Beta programs
Feature Requests
Finnish Forum (Tukifoorumi)
Tuotteet Kotiin
F-Secure SAFE
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Muut tietoturvatuotteet
Support Articles
Language
English
Suomi
Deutsch
Français
日本語
Svenska
Dansk
Italiano
Nederlands
Norsk
Polski
中文 (繁體)
Products & Services
F-Secure TOTAL
F-Secure SAFE / Internet Security / Anti-Virus
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Other products
Common topics
User Guides
Support
Login
|
Register
Performance issues caused from DeepGuard - F-Secure Community
<main> <article class="userContent"> <h3 data-version="3" data-article="000023249" data-id="issue">Issue:</h3> <p>We use different ERP applications that are installed on different servers, where F-Secure Server Security 14.xx is running.End users starts these applications from network shares. This means the network shares can be differently, and appilcations as well. Now, we have noticed that are lot of delays, and everything seems to be slow, when accessing these applications. We have been excluding the network shares, but nothing has changes so far. Disabling DeepGuard helps. <br> <br> </p> <h3 data-id="resolution">Resolution:</h3> <p>Note: Before digging into the problem, there are two prerequisites that F-Secure demands from customers using our products.<br></p><ol><li> URL addresses for F-Secure update services: <a rel="nofollow" href="https://community.f-secure.com/discussion/11407/url-addresses-for-f-secure-update-services">https://community.f-secure.com/discussion/11407/url-addresses-for-f-secure-update-services</a> This means that *.f-secure.com and *.fsapi.com needs to be allowed from your Firewall in addition for services to work correctly.</li><li> You need to have Security Cloud enabled for all of your Clients, unless its some isolated Host. You may find more information about the Security Cloud here:<br><a href="https://www.f-secure.com/en/web/legal_global/privacy/security-cloud" rel="nofollow">https://www.f-secure.com/en/web/legal_global/privacy/security-cloud</a></li></ol><ul><li>Security Cloud can be enabled using Policy Manager Console. The option is located under advanced settings, Client for the F-Secure Security Cloud. Object identifier: 1.3.6.1.4.1.2213.57</li></ul><b>Regarding the performance issues cased from DeepGuard</b><br>There are always two levels. The obvious one is if DeepGuard that knows if the application is whitelisted, if it is, DG doesn't monitor it, so less performance hit.<br>If DG doesn't know it's clean, it will monitor it and that can cause performance issues. Excluding will obviously also work to "fix" the performance issues since DG again doesn't monitor the excluded applications. Whitelisting is just a safer way to reduce the monitoring level that DG does.<br><br>For applications running from network shared there's the additional performance hit coming from the SHA1 calculation of the application. Since the binary is on a network share, we can't assume anything about it or cache the results so DG driver will always compute the SHA1 when it see the process launching. Whitelisting doesn't affect this in any way and exclusion is the only way to avoid this performance problem<br><br>The latter problem mainly affects cases where the application is being launched a lot as in like several times a minute. It also depends on the network speed and file server load and many things.<br>Usually whitelisting the application is sufficient to avoid performance issues.<br>So, you can add example application.exe to excluded processes to optimize disk performance using Policy Manager Console, but you can also add the whole path to excluded applications under real-time scan.<br>If you are not sure, if the application is clean and can be excluded, you can always submit the executable of that application to us for further analyses. To do so, please use the SaaS Service: <a rel="nofollow" href="https://www.f-secure.com/en/business/support-and-downloads/submit-a-sample">https://www.f-secure.com/en/business/support-and-downloads/submit-a-sample</a><br> <p>Article no: 000023249</p> </article> </main>