SAN Performance versus Anti-Virus

Over the last couple of months, I’ve been pressed to do more with less when it comes to our SAN. So, I started digging to find out how I can optimize and slim down my virtual desktops so that they take up less SAN overhead.

I made several changes in order to accomplish this, but my biggest and most advantageous change was when I manipulated the way our Anti-Virus operates. Here are some changes that I made that you might find helpful in your enterprise:

1.) I lumped all virtual desktops together in one folder in our anti-virus management console. (Our Vm’s are XP SP3)

2.) Then I changed them from a push to a pull method for updates. Basically, the virtual desktops poll the server every 4 hours looking for an update rather than the server just dumping updates to everything once it receives one.

3.) Then I set a 4 hour randomization variable. So, now, all VM’s ask the server for updates every 4 hours and then it installs the updates to the VM at a random time within the 4 hour window.

4.) I turned off enterprise scanning on VM’s. Our AV server was scanning everything every Monday night at 8pm. It was a big drag on the SAN. So, we still scan the physical machines but not the VM’s.

5.) I turned off proactive network scanning for the VM’s. This feature basically scans everything that comes through the NIC. On virtual machines, this translates to SAN read/writes and some latency.

We saw a dramatic drop in SAN traffic after doing these few things. Don’t forget to plan and analyze your anti-virus solution prior to rolling out a virtual desktop solution.

Until Next Time

Techmill

~ by techmill on July 14, 2010.