I got some questions this week on VMWare and where the virtual appliance is.
All Webwasher related downloads reside on this portal: https://extranet.webwasher.com, to gain access it is suggested to contact customer service to set up an account for you.
In the portal you need to navigate to Software > McAfee Web Gateway 7 > Download to download the .iso.
The ISO can be mounted in VMWare to act as installation source.
For a VM to just test the product, you should setup the VM to have
min. 2048GB of Ram
35+GB of disk space
floppy is optional
USB is optional
min. one NIC
If you need a sizing for your virtual environment, please request assistance through your account manager/sales engineer.
It is notable, that copying a VMWare with MWG will corrput the installation, due to a change of the UUID inside the BIOS. MWG uses the UUID as unique identifier for the machine.
If you want to create a default one to spawn new instance from, just install an instance. After the install of the packages, you will be asked if you want to reboot, halt, or shell. At this point, select halt. After the VM has halted (message on the console) shut it down and use this VM as template.
Make sure you attend the initial startup from a VSphere console to enter the initial config wizard and setup up basic connectivity.
Also, when VMware wants the operating system type, I use either CentOS 64-bit, Red Hat Enterprise Linux5 64-bit, or Other Linux 2.6 64-bit.
They all seem to do about the same thing...unless Michael suggests otherwise.
I have my web gateway 7 set up on a virtual appliance. According to the product guide the recommended memory is 2G, I am constantly peaked at 1.98G.
Is this the true memory that is used? How much memory does the appliance normally consume?
Linux memory management:
All used memory is staying allocated to the former requester. In case another programm needs more memory, the kernel will shift recourses from A to B. If not requested, memory will remain with MWG in case it required this amount of mem at one point of time. Important is that MWG is not massively swapping. In case it is, add more mem to the VM.
We are a new customer to McAfee's MWG. We are going to deploy version 7 since the software has stabilized.
We have a test VM configured with 4GB ram since it was swapping as much as 1.5GB with negligible activity at 2 GB ram.
We are using 2.8 GB of the 200 GB disk space. We will log browsing data to a logging server and to a MSSQL database used by Web Reporter. The daily log files are compressed. We are keeping 14 days of logs.
Regarding sizing the VM for MWG 7, the documentation says to use 200 GB - excessive in my opinion/experience. You said to use 35+GB of disk space for a test VM. Can we size production VMs to be used by less than 50 people at 40 GB?
I have checked with McAfee already (opened a ticket) and they said to go with the configuration in the documentation without giving a reason. The WW500E uses 160 GB of disk space and the WW1100E uses 146 GB of disk space. Odd that support would say to use 200 GB regardless of the number of users.
I would greatly appreciate your input since we are trying to deploy the VMs and the 200 GB footprint will require additional resources in some locations.
the intention for VMWare support has been not to generate a footrpint reduction, but allow running MWG on an existing hardware.
When you think about ISOs and one downloads 10 of them and each is 4.5 GB in size, this will generate 4.5GB x 10 x 2 = 90GB of diskspace at one point of time throughout the process. Thus we have the requirement for much available diskstorage. The above scenario is not really artificial as user generated traffic is uncontrolable.
Additionally when thinking about Windows Updates and cab archives in general, they offer a great compression rate, which means that a 300MB update package, can easily end up being 900MB internally when unshrinking all members. If you now think that only some of your PC will do this at the same point of time...
Thank you for your insight on VM sizing. We have 13 locations, with as many as 675 users to as few as 8 users in a location. Although it is possible a few of our IT staff could download a 4.5 GB ISO file, it would probably be in multiple locations, and not all at the same time. Testing shows the files are stored in a temporary directory and are removed either when the user retrieves the file, or after some period of time if they have not been retrieved.
As a point of interest, the WW500E model, which is currently the smallest offered by McAfee, has 160 GB of disk space (not 200 GB).
Regarding the Windows CAB files, does McAfee expand each one and scan for viruses before they are made available?
Lastly, please explain your example of 4.5 GB downloads for 10 users - why is the amount doubled?
We are having a difficult time in justifying 200 GB for our smallest locations, where the resources are limited.
The Web Gateway will scan all archives that are not excluded from the AV scanner or blocked by the media type filter.
If you trust or whish not to scan update downloads from Microsoft the Web Gateway has a default rule you can implement to your white list or gateway antimalware rule.
As for Micheal's example the reason for doubling the resources needed is the file is saved to local disk (cache) for scanning purposes. Again, so if you download a 1GB file the Web Gateway makes a copy locally for scanning by the AV engines = 2GB.
Please see image for the Microsoft rule mentioned above.on 12/13/10 1:11:15 PM CST