This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos for Virtual - Agent Install on Gold Image

We are trialing Sophos for virtual. We have two ESXi Clusters with four nodes in each cluster. I have deployed a SSVM onto each of the ESXi Hosts but when you install the Agent you have to specify the IP address. If I use the IP address of the SSVM on Host one for the install on the Gold image and then deploy 200 vm's from this gold image, am i right in thinking these will all report to the SSVM on ESX host one rather balancing the load across the SSVM's on the ESX hosts they are running on ?   

Thanks in advance.



This thread was automatically locked due to age.
Parents
  • Hello 

    Currently this is how the product works. In your scenario all of the GVMs using the same golden image will be protected by one the SVM regardless if they are on another host.

    We are looking at plans for auto discovery, including redundancy and fail over in future enhancements to Sophos for Virtual Environments.

     

    One option is to have a golden image for each of the SVMs.

     

    Thanks 

     

    Mark 

  • Hi Mark - thanks for the reply.

     

    Do you have an estimated timescale for the enhancements you mentioned ?

  • We are currently planning the releases and scope, once I have more I can share with this forum. 

  • Hello Mark,

    so... one further question to this topic. How many guest VMs can one SSVM protect? The example of 200 VMs was given - we are planning to deploy 1200 VMs with SSVM protection. We are already sad that we can't optain redundancy but do we get a load problem too with one SSVM?

     

    Thank you in advance

  • Hello 

    It is difficult to determine how many GVMs can be protected by one SVM unless we know the environment you will create. ie Size of the physical server; what is the resource split of the GVMs, what the GVMS are doing; your network setup etc.

     

    We find, for the most part, that as long as the virtual environment as a whole can cope with a multitude of VMs then SVE will not cause any larger overhead. 

    SVM scan times do improve with more GVMs as we utilize caching on both GVM and SVM. So if the SVMs find a file that is clean it adds it to its own cache but also updates all the GVMs caches - so before a GVM sends a file to be scanned, it will check its cache to see if the file is in. As more and more GVMs are being scanned, the number of files needed to be scanned are greatly reduced. 

Reply
  • Hello 

    It is difficult to determine how many GVMs can be protected by one SVM unless we know the environment you will create. ie Size of the physical server; what is the resource split of the GVMs, what the GVMS are doing; your network setup etc.

     

    We find, for the most part, that as long as the virtual environment as a whole can cope with a multitude of VMs then SVE will not cause any larger overhead. 

    SVM scan times do improve with more GVMs as we utilize caching on both GVM and SVM. So if the SVMs find a file that is clean it adds it to its own cache but also updates all the GVMs caches - so before a GVM sends a file to be scanned, it will check its cache to see if the file is in. As more and more GVMs are being scanned, the number of files needed to be scanned are greatly reduced. 

Children
No Data