cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Staggering Full scans

Hello All,

Currently we have 350 clients managed by our EPO and our security policy requires a full daily scan to be performed. All machines start their scan at 6:30PM and this is having serious performance impacts on our ESXi hosts due to excessive CPU utilization, especially since we over-provision.

Can you please point me to literature that shows how to stagger these full scans, I read that some people use Tags however I'm quite new to EPO.

Thanks in advance for any help.

2 Replies

Re: Staggering Full scans

Options:

1) Look into MOVE for your virtualization scanning instead of using traditional VSE.

2) Randomize the start time of the Client Task.  If your scan takes, say, an hour on average, you can randomize across a six-hour window.  In general, only 1/6th of your clients will be scanning at any given time.

3) Create a set of tags (say, "5 PM scan", 6 PM scan", etc.) and apply those tags evenly between your systems.  Create a client task that applies to the group those systems are in and allow that client task to run only on the systems with the correct tag.  The big downside here is that net-new systems will not have a scan task set up unless you manually enable them.

4) Create several subgroups of your current group, and name them "5 PM scan", "6 PM scan", etc.  Distribute your managed clients among those groups and assign each group a client task that runs at the specified time. 

Re: Staggering Full scans

All great responses from tkinkead 


We use a mixture of all of the above suggestions. 


If you have access to MOVE this is a great tool set. It sends all the scan events to a dedicated Offload scan Server and comes in two options, multi platform or agentless. We opted for multi platform due to the Agentless option having less features within the exclusion lists and not having access to the VMWare ESX component required which we were not licensed for. 


We also use the client task randomisation feature in or On demand Scan tasks and our DAT update tasks all assigned using tags. 


Regards

Richard Carpenter

McAfee Volunteer Moderator

Certified McAfee Product Specialist - ePO







More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community