2 Replies Latest reply on Jun 22, 2017 8:36 AM by creese40

    Low risk & high Risk

    creese40

      Would anyone have any suggestions or recommended settings for servers?

       

       

      Cornell

        • 1. Re: Low risk & high Risk
          tao

          Some application processes are known to generate high I/O (Input/Output); these processes also compete with VSE scanning activities. Generic examples of such programs are Backup applications, Encryption software and Server Monitoring tools.

           

          VSE scans the file being read as well as the file being written/modified adding about a millisecond of overhead per event. This is fast, but multiplied by thousands, it equates to visible performance impact. This is not because VSE is taking too long but because the application/software/tools are making so many requests per second.

           

          For granularity, I have experienced that configuring different scanning policies for high-risk, low-risk, and default processes for a server has improved server performance and made the server team very happy.

           

          McAfee Corporate KB - Why some processes should be added to low-risk exclusions KB66036

           

          How to figure out what to add to low/high; if you are utalizing any type of Backup applications, Encryption software and Server Monitoring tools; that may be good starting point.  Also, take a look at McAfee Profiler: allows you to analyze activity by the VSE On-Access Scanner (OAS).  McAfee Profiler gather statistics on processes and files that are accessed by the VSE On-Access Scanner (OAS). This data can assist investigating performance issues and/or leveraging the Default/Low/Hi scanning profiles to create a configuration based on the data collected.

           

          McAfee Profiler

          McAfee Corporate KB - Understanding High-Risk, Low-Risk, and Default processes configuration and usage KB55139

          1 of 1 people found this helpful
          • 2. Re: Low risk & high Risk
            creese40

            Thank you