Scanning and Reputation server client limit?

Hi,

We are planning to get protection to our VMware VDI-desktops. SVCE seems like very interesting product.
I have video from old webinar, where mr. Harri Ruusinen tell that one Scanning and Reputation server can handle about 100 client machines. What is the reason for that 100 client limit? Does SRS start eating too much memory or Disk IO? What about case that in one physical host we have 300 virtual desktops: scenario 1) We install 3 SRS server, each with 100 client or Scenario 2) we cannot use more than 100 clients after start using SVCE/SRS?

Answers will be appreciated

Best Answer

Comments

  • BenBen Posts: 2,641 F-Secure Product Expert

    Hello Mikki,

     

    There is no strict limits for the number of virtual clients. However in practice you should stay below 100 clients or you might encounter problems. 

    1)Multiplying the SRS instances is indeed the solution to handled a greater number of virtual clients. 

  • JachymJachym Posts: 10

    Hi,

    I have one question coherent to this topic. Is there any kind of advertence that SRS is under stress etc? I mean how can I check that my SRS is able to serve current number of hosts successfully? Any log message, rejected requests, utilisation, on SRS or host side...

    Second question: will be in new version of PMS visible that Offlod scanning is installed? The same as you can see in PMS if Internet shield or Browsing protection is installed and status of them.

     

    Br,

    Jachym

  • MikkiMikki Posts: 3
    Thank you Ben for answering. We are very interested what is the reason about that 100 limit. Is it limit about that Linux appliance or what? What problems may come?
    What if allocate more resources to SRS (cpu and ram), can it serve more than 100 clients then?
    br Mikki
  • MikkiMikki Posts: 3
    Thank you Dimitriy for more explanation. We will try this product next week in our enviroment. Nice to know that there is many helpful person in this forum!
    BR, Mikki
  • etomcatetomcat Posts: 1,319 Superuser

    Hello,

     

    You should have multiple SRS servers to avoid a single point of failure. What if a "funny" file crashes the virus scanning engine in SRS? It takes time for the services to restart, but the other SRS server(s) could provide un-interrupted scanning service during that time!

     

    What if you have to upgrade SRS version? With multiple servers upgraded one-by-one, any downtime can be avoided for the clients. Remember that F-Secure CS is unable to revert to locally hosted scan engines in case of SRS connection problems.

     

    Best Regards: Tamas Feher, Hungary.

This discussion has been closed.