Server Configuration

Basic Server Requirements

The Endpoint Encryption Communications Server process runs under Microsoft Windows 2000/2003. Currently some customers report that it works well under Windows 2008, however McAfee has not officially certified this. Please see the McAfee KnowledgeBase article KB53698 for current information on supported environments.

The performance required depends primarily upon the number of concurrent connections an enterprise can experience and the number of concurrent object creation events. Real world implementations suggest the following minimum and recommended configurations.

Note the term “Object Directory” used throughout this guide refers to the database or store for users, endpoints and other settings, and files for Endpoint Encryption management.

 

 

Recommended Server Hardware

20-2000 users/systems: Minimum single server configuration
  - Dedicated Server
  - 2 GHz Dual core processor
  - 2 GB RAM
  - 4 GB free hard disk, RAID1
  - 100 Mb Network
  - Virtual or Shared Server can be used for low numbers. Please see Virtual Server section in this guide. Virtual hardware has to be of higher specification if resources are shared. See Page 11.

2000-5000 users/systems: Recommended single server configuration
  - Dedicated Server
  - 2.4 GHz 2 Dual or 1 Quad core processor
  - 4 GB RAM
  - 4 GB free hard disk, RAID5
  - 100 Mb Network

5000-50,000 users/systems: Recommended single server configuration
  - Dedicated Server
  - 3 GHz 2 Dual / 1 Quad core processor
  - 4 GB RAM
  - RAID5 10 K RPM Direct-attached Storage, 100 GB
  - Gigabit or 3x 100 Mb Network

50,000-150,000 users/systems: Recommended single server configuration
  - Dedicated Server
  - 3.0 GHz or higher 2 Quad / 4 Dual core (8 cores).
  - 6 GB RAM
  - RAID5 Direct-attached Storage. 15 K RPM. 250 GB
  - Gigabit or 4x 100Mb Network

 

Mentioned RAID refers to hardware RAID, not software. Enable caching on RAID if possible, but ensure suitable UPS power is available.

Migrating an environment between hardware platforms is simple so it is possible to start with a minimal configuration and later extend it to a higher configuration in accordance with performance monitoring and capacity planning.

NOTE: These may vary depending on other configuration settings.

 

 

Contents of ENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE

Page 1: ...1 McAfee Endpoint Encryption Enterprise Best Practices Guide November 2009...

Page 2: ...d No part of this publication may be reproduced transmitted transcribed stored in a retrieval system or translated into any language in any form or by any means without the written permission of McAfe...

Page 3: ...OF 5000 USER MACHINE OBJECT DIRECTORY 10 VIRTUAL SERVERS 10 GLOBAL DEPLOYMENTS 11 OPTIMISATION ACTIONS 11 OPTIMISATION ACTIONS OVERVIEW 12 NAME INDEXING DBCFG INI 13 WARNINGS 13 DBCFG INI 13 GROUP SI...

Page 4: ...19 CLEARING THE AUDIT 19 DELETED ITEMS CLEANUP 20 CHECKING FOR DATABASE CORRUPTION 20 WHY DOES THE DATABASE GET CORRUPTED 20 ORPHANED OBJECTS 21 RESTORE COMMANDS 21 CLEANUP COMMANDS 21 DUMP MACHINE D...

Page 5: ...e product and the environment in which it is being used before arriving at any decision on implementation strategy Calculations and figures in this guide are based on field evidence and not theoretica...

Page 6: ...a distributed way For example the Web Helpdesk component can be installed on a dedicated web server while the rest of the components are on a separate Endpoint Encryption Server However the majority o...

Page 7: ...hared Server can be used for low numbers Please see Virtual Server section in this guide Virtual hardware has to be of higher specification if resources are shared See Page 11 2000 5000 users systems...

Page 8: ...nvironment has not been fully tested at this time in engineering Load Balancing Given the best configuration is usually a single high performance server with DAS then the least optimal way to perform...

Page 9: ...s The default settings of the Communication Server limit the queue to 200 entries a balance between taking connections and processing connections After that point the connections are refused This is a...

Page 10: ...use of Virtual Servers is a result of Lack of resources dedicated to the virtual server Dynamically assigned resources to the virtual server which starves it of the necessary performance during peak p...

Page 11: ...y is necessary it is better to include endpoints from all regions in the pilot phase Optimisation Actions NOTE These are generic recommendations based on experience but not always be suitable for your...

Page 12: ...me to five minutes Disable NTFS Last Access Update with a registry change Increase the size of the NTFS Master File Table MFT with a registry change Optimize backups Exclude the Object Directory and t...

Page 13: ...smaller than 5000 systems otherwise you find the number by multiplying the number of users or systems in the database by 0 6 Example If the number of users in the database is 10 000 the Locktimeout s...

Page 14: ...lable from your McAfee representative Attribs SingleFile No If this is set to Yes the attributes for objects will be placed into a single file instead of each one having their own file Not generally u...

Page 15: ...ours NOTE A similar setting KeepAliveInterval has a default 1000 1 second this setting is correct so do not change this Last Access Time Stamp NtfsDisableLastAccessUpdate With large databases it is po...

Page 16: ...3 or 4 instead of the default value of 1 Object Directory Backup Tool Setup If you set up your Object Directory backup tool make sure it is not running too many times a day because the in between tim...

Page 17: ...ed you schedule EEPC command line tool SBADMCL to cleanup machine audit and the user audit See Endpoint Encryption Object Directory Maintenance section below File Cache on Raid Hard Drive Controller L...

Page 18: ...containing old deleted users systems and other objects and are found through the System tab in the Endpoint Encryption Manager These objects can slow searches down If these objects are needed for aud...

Page 19: ...ds please see the Endpoint Encryption Scripting Tool User Guide which is found in most normal installations of the Endpoint Encryption Manager Extracting and Clearing Audit from the Database The audit...

Page 20: ...within the Object Directory is renamed The extension of the folder is renamed from RMV to WPE With a very large database these empty removed folders can sometimes slow down searches In a test lab try...

Page 21: ...have a full backup of SBDATA before doing this Restore Commands To restore orphaned user objects back into a group use this command SBADMCL Command RestoreUsers Adminuser Admin Adminpwd mypassword Gr...

Page 22: ...ects in the DumpMaDesc log can be deleted from the database If the normal deletion doesn t work use Windows Explorer to browse to the actual location in the database and delete the physical folder In...

Page 23: ...utes servicing each client EEPC has excellent password synchronization across all the endpoint clients a user is assigned to It is therefore logical that adding thousands of users to each machine will...

Page 24: ...nate Requests This option stops the machine from entering hibernation mode Note this option is not supported in Vista With later versions of EEPC v5 x this should normally be left disabled to allow no...

Page 25: ...ppear as a fixed drive and therefore swaps with the fixed disk after booting from it It can cause recovery problems with Remove or Emergency Boot for example Alternatively use with a floppy disk drive...

Page 26: ...tion to encrypted data Using one autoboot user for too many machines Instead use more autoboot users to reduce the multiple connections and load on the autoboot user object in the database Autoboot us...
