Is Endpoint Security for Servers (ENSS) really needed if I can leverage the ENS On-Demand Scan to schedule a click task to run outside of business hours on the weekend, randomly against VDI workstations/desktops? I don't know if I really need ENSS capability if its only running a scan.
Yes you can schedule On-Demand Scan task against VDI. And with the latest CPU throttling in ENS it can give you some control of the resources from the policy. So what happens if you kick off scanning on a group of systems that are on a single hypervisor, where the CPUs are over provisioned. Normally you get 100% CPU, or something close, on the hypervisor. ENSS lets you use smart scheduling to limit the CPU% on the hypervisor itself. So if you set a limit of 60% for the Hypervisor, then whatever scanning has kicked off will continue, but until those systems complete there scanning, no additional scanning will be kicked off. Once the CPU drops down below 60% additional scanning tasks are kicked off. This can allow for a single scanning task to be used for all of the systems reducing your management time. The scanning is also spread out reducing the impact to virtual systems, and helps prevent scanning storms. Hopefully you ae also using the policy based scanning which can also populate the Endpoint Security: Scan Duration dashboard, so you can see how long your scanning is taking to complete.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.