cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Level 10
Report Inappropriate Content
Message 1 of 3

Endpoint Security for Servers 5.2 question

Is Endpoint Security for Servers (ENSS) really needed if I can leverage the ENS On-Demand Scan to schedule a click task to run outside of business hours on the weekend, randomly against VDI workstations/desktops? I don't know if I really need ENSS capability if its only running a scan.

2 Replies
Highlighted

Re: Endpoint Security for Servers 5.2 question

Yes you can schedule On-Demand Scan task against VDI. And with the latest CPU throttling in ENS it can give you some control of the resources from the policy. So what happens if you kick off scanning on a group of systems that are on a single hypervisor, where the CPUs are over provisioned. Normally you get 100% CPU, or something close, on the hypervisor. ENSS lets you use smart scheduling to limit the CPU% on the hypervisor itself. So if you set a limit of 60% for the Hypervisor, then whatever scanning has kicked off will continue, but until those systems complete there scanning, no additional scanning will be kicked off. Once the CPU drops down below 60% additional scanning tasks are kicked off. This can allow for a single scanning task to be used for all of the systems reducing your management time. The scanning is also spread out reducing the impact to virtual systems, and helps prevent scanning storms. Hopefully you ae also using the policy based scanning which can also populate the Endpoint Security: Scan Duration dashboard, so you can see how long your scanning is taking to complete. 

Tracy Lee Howell Jr.
Highlighted
Level 10
Report Inappropriate Content
Message 3 of 3

Re: Endpoint Security for Servers 5.2 question

Thanks for your reply.

The VDI desktops are non-persistent and that is kind of why I'm leaning toward ENS ODS (On-Demand Scan) randomly on the weekends when no one is actually using the desktops.

But also if I configure ENSS setting in ePO with connection to our vCenter service account & etc, doesn't that pull all VDI or virtual systems into ePO for scanning?

 

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community