Minimum number of servers for Scanning and Reputation Server

Hi!

I'm planning of deploying Scanning and Reputation Server. What would be a minimal amount of servers (or workstations) running on virtual environment that SRS made a noticeable boost in performance? Ofcourse that depends on various things, but can you give me rough estimates?

Find more posts tagged with

Comments

Vad

Hello hyvokar,

> Any idea if it works with Esxi5.5 / 6.0 ?

Yes, it works.

Regarding your first question. Presence of SRS shifts the load caused by virus scanning from server/workstation to SRS. So, even having one server connected to SRS you will get improvements in its performance in comparison with default installation of same Server Security product.

Best regards,

Vad

etomcat

Hello,

You cannot deploy one (1) F-Secure Scanning and Reputation Server (FSAV SRS) meaningfully. If it encounters a "funny" file which crashes the scanning engines, it will take time for the processes to restart themselves and all your virtual guests running OSCE agent would grind to a halt during that time.

Because of this, at least two (2) FSAV SRS appliances need to be created in every physical host computer in the virtualizing environment and you need to specify them in "round robin" manner in the OSCE configuration. I would say this setup only makes sense generally if you have 8-10 or more VMs (guests) per host, I think it cannot make sense with less than 5-6 guests in any way or shape?

(One could think about having multiple physical hosts for virtualization, but only one FSAV SRS appliance per host. In that case SRS redundancy / failover could be provided, theoretically, over physical connection between the hosts, but F-Secure developers found SRS can only work properly if the line speed is equivalent to 10Gbps or more.

That is easy to meet within a single host, where ethernet speed between guest VMs is emulated by VMware through RAM memory. Between physical hosts however, currently only rich enterprises are able to afford 10G ethernet or fancy fiber optic interconnects and most operators are still using 1 gigabit UTP cable.

Therefore you will need at least two FSAV SRS appliances running in every physical host for production-level reliability.)

This is my unofficial opinion.

Best Regards: Tamas Feher, Hungary.

hyvokar

Also, release notes states that SRS version 11 is compatible with esxi 5.0 and 5.1. Any idea if it works with Esxi5.5 / 6.0 ?