Symantec Endpoint Protection 14: GUP Best Practices

GUP Best Practices

Symantec Endpoint Protection 14: GUP Best Practices

In this article we talk about GUP best practices to achieve maximum effectiveness and efficiency within your SEP environment.

 

GUP Health

Invest in a tool that will quickly allow you to visualize the health of your GUPs in a matter of seconds. Advanced reporting allows you to find the information you need without the need for digging deep within the SEP console. There are good tools available that allow you to spend more time fixing problems instead of researching them, like SOLVE for SEP. SOLVE was purpose-built to deliver optimal SEP metrics, and highlights GUP health statistics for security and infrastructure teams alike.

Network Bandwidth

Bandwidth usage can be significantly reduced by placing GUPs strategically within the environment. Symantec recommends that a GUP be on the same local network segment as all clients it supports.

Why? Because each GUP must have sufficient bandwidth to deliver content packages of up to 600 MB to the clients it serves, up to 3 times a day.

Client Support

GUPs can support up to 10,000 clients at a time, however, you will need to have hardware to support it and modify the Windows Server to support more simultaneous connections.

GUP Disk Space

There are two instances in which GUPs automatically delete content from its cache:

  • If content size exceeds the Maximum disk cache size for content updates setting. If this happens, the GUP deletes the oldest definitions to make room. Set Maximum disk cache size for content updates to at least 2000 MB.
  • If content is older than the Delete content updates if unused setting, the GUP will remove the old content.

Hardware/Software Limitations

Does a machine acting as a GUP experience additional load on CPU, memory and/or IO?

While there is an increase, but it’s minimal. These factors increase based on the number of clients updating from the GUP, the size of the delta (or full content update), and the frequency of the updates within the environment.

Availability of GUPs

Machines that are configured as GUPs should be connected 24/7 for maximum benefit in downloading updates and distributing to their clients.

Taking your GUP reporting up a notch, with GUP best practices

Tools like SOLVE exist to allow SEP customers to visualize your SEP data in a matters of seconds – giving you actionable insights instantly. With role-based access control, system admins can provide context-relative dashboards and report to anyone, from auditors and compliance to the IT department and executive management…all without giving unnecessary access to the product management console.

SOLVE Group Update Provider Overview Dashboard

SOLVE Dashboard for Total Group Update Providers Details

 

Related Content:

What is a GUP (Group Update Provider)?

Take Your SEP Reporting to the Next Level with SOLVE