Antivirus - WSM 3.5
This posting describes some generic best practices regarding antivirus and WSM.
Does anyone now have a suggestion regarding which antivirus software is usable with WSM?
We tried a fairly new version of Trend at a customer in Bergen, this was unusable. The client would take a long time to boot, logon was slow and it would hang for a few minutes after the GUI was loaded. It would also randomly use 100% CPU for a few minutes when in use. We uninstalled Trend and everything was much better immediately.
If someone has working config for Trend that they use in WSM, this would be great. As I don't know the product very well myself, and I don't have administrative access to Trend, I would appreciate some rather detailed instructions, if possible.
Alternativly, is there other products that could be recommended to the customer?
Thanks in advance
We actually don't use antivirus on the clients, as they're all running in volatile cache mode. Of course, the users don't have administrative rights either. If I remember correctly we did som testing with Sophos Anti-Virus on them, and we didn't have any issues. My mind could be playing with me though, it would not have been the first time
In addition to the points in the earlier posting you reference keep the following items in mind as well:
1 - Disable the auto update feature of the antivirus software. This is especially true if you are using Shared (volatile) mode as the update process will attempt to complete on each and every reboot. Updates to the antivirus software should be handled by updating the base OS image
2 - Make sure you are using the On-Access feature of your antivirus software (not sure the exact name of this feature in Trend). Since the virtual disk becomes read only when in Shared mode, there is no need to do a full disk scan on the virtual disk. If a full disk scan is attempted by multiple clients, serious performance issues will occur at the WSM server. The On-Access feature will scan the files added to the write cache files and thus will protect the system without requiring too much overhead from either the client or the server.
SEP with WSM
I am aware of an enterprise that has deployed WSM to approx 10% of their nation-wide offices as a pilot to see how well their software and computing environment performs over this delivery system. Symantec Endpoint Protection is used. However, whereas with physical computers, they employ the use of a software updating tool called Marimba, the streaming desktops are updated with deltas, but these aren't released all that often. I know the streaming OS is setup for volatile mode, as each reboot a fresh copy is loaded. These pilot offices all utilize gigabit switches and there are approx 8-15 workstations in each of these offices. Bootup times are not much different than booting from local OS. I am not aware of any performance issues of or related to SEP.
In our environment we have over 200 wyse clients now and we have AV on everyone of them. We are in the process of switching from Sophos to ESET so we have a fairly large number of clients with each on them. We currently do not see any performance impact by running antivirus as long as we turn off automatic updates and boot time scans etc. The only thing we really leave running is the on-access scanner, this helps mitigate the risk of viruses spreading while ensuring that our images still respond as if the user was sitting in front of a full pc. Hope this helps.
My client using CA 12.1 virus protection suite under WSM3.6 seemed to hang in the final stages of booting up XP. After 5 minutes it still was not up. I uninstalled and reinstalled the free Microsoft Security Essentials suite which seems to work well.
After a complicated and lengthy install of the CA product on our fat pc's - we still seem to get some virus's and malware. Try the Microsft product - it is free.
I am Chetan Savade from Symantec Technical Support Team.
In case you wish to test Symantec Endpoint Protection (SEP), can download trial-ware version from here:
Download - Symantec Endpoint Protection 12 Trialware