7 Replies Latest reply on Feb 4, 2011 8:55 AM by clbarnett

    Daily On-Demand Scan

    regcoles

      Hi,

       

      I have changed our daily on-demand scanning routine and I would just like everyone's thoughts on if it's overkill or fine as some test users are complaining on some of the days the scan is slowing down the systems completely. I have set the CPU usage to 10% but it never sticks to it (don't know why)

       

      Daily:

      9.30am - Memory for Rootkits

      3.30pm - Running Processes

       

      This are run at 12.30pm daily.

      Monday                                      Tuesday                                  Wednesday                      Thursday                             Friday

      User Profile Folder                 Windows Folder                        Program Files Folder                   Registry                         User Profile Folder                

      All sub folders                        Cookies                                   Recycle Bin                             Temp Folder                       All sub folders                         

      Boot Sectors                         All sub folders                           All sub folders                          All sub folders                       Boot Sectors                                 

                                                 Boot Sectors                             Boot Sectors                           Boot Sectors

       

      Any suggestions welcome. The company policy is to run a scan everyday.

       

      Regards

      Reg

        • 1. Re: Daily On-Demand Scan
          Sk1dMARK

          I don't believe there is any way around the performance hit.  To alleviate this, we chose to run the scan after normal business hours.  Any chance you can do the same?

           

           

          Regards,

           

          Mark

          • 2. Re: Daily On-Demand Scan
            HermanSchenk

            Hi, What product and patch level are you using ?

            Here with VSE 8.7i  and P4 computers run ok with ODS set to use 20% CPU.

             

            Regards .

            • 3. Re: Daily On-Demand Scan
              regcoles

              Hi,

              We cannot run after business hours as 90% of systems are shutdown at business end because of power/money saving at present. We are looking into using Power Management software to switch systems on at specific times at night but still in testing.
              We are running VSE 8.7i and P4 Agent 4.5.1499 and 4.5.1810

               

              Regards

              Reg

              • 4. Re: Daily On-Demand Scan

                Run it at non peak hours, because it is resource intensive in nature.

                 

                I think once per day is overkill, maybe try bi weekly or weekly. I would try to coordinate with users to leave their machines on at that time, depending on the size of the environment.

                • 5. Re: Daily On-Demand Scan

                  According to McAfee's own recommendations, do not scan running processes.

                   

                  KB67634 "Process scanning is resource intensive and can negatively affect system performance. McAfee recommends that you disable the option to scan Processes on enable unless you require the maximum protection configuration for Access Protection in your environment. " (https://kc.mcafee.com/corporate/index?page=content&id=KB67634&actp=search&search id=1273676278938)

                   

                  I realize this KB article specifically relates to the setting 'scan processes on enable', but the same applies to running a manual scan of running processes while users are trying to work.  Don't do it unless you require maximum protection in your environment.  Most businesses require a balance between protection and productivity.  So, my first recommendation is stop the on-demand scan that scans running processes.

                   

                  Our own policy is to run a full system on-demand scan weekly, not daily.  We have our users do a shutdown/restart at the end of the day instead of a shutdown.  Then, after business hours, we run a scheduled task that first runs an on-demand scan and then powers off the workstation.  Again, a balance between saving power, meeting the business requirements to scan all systems, and still meeting the business requirements of allowing users to be productive during the day.

                  1 of 1 people found this helpful
                  • 6. Re: Daily On-Demand Scan
                    regcoles

                    Hi Cheryl,

                     

                    I think I might have missed a trick here:

                    You get users to restart system and then you run a full On-Demand Scan and then shutdown the system.When you create the task for the full On-Demand scan what schedule type are you using, is it at 'System Startup' and do you use different software to shut the system down. Thanks for the infor regarding running processes.

                     

                    Regards

                    Reg

                    • 7. Re: Daily On-Demand Scan

                      The scheduling is outside of ePO,  a .cmd file scheduled via Windows Task Scheduler that does a command-line scan of the system and then issues a shutdown command (shutdown -s -f -t 10).  If ePO scan tasks allowed the option to run a command after the task is complete, that would let you do it via ePO.

                      1 of 1 people found this helpful