Avamar: Slow VM backup due to contention with VMware vShield Endpoint Trend Micro Deep Security

A VMware virtual machine which backs up to Avamar using a guest client experiences relatively slow backup performance.

If the backup window ends before the backup completes, the job terminates as a 'PARTIAL Backup'.

2014-11-28 03:00:10 avtar Info <5157>: PARTIAL Backup #494 timestamp 2014-11-28 03:00:10, 2,839,250 files, 224,573 folders, 2,589 GB (123 files, 1.724 MB, 0.00% new)
---8<--- SNIP--- 8<---
2014-11-28 03:00:13 avtar Info <5314>: Command failed (2 warnings, exit code 10019: externally cancelled by Administrator)

Avtar client log status and summary messages indicate no unusual values.

• The number of files and folders in the backup is moderate.
• The size of the dataset is moderate.
• The number of changed files is low.
• The amount of changed data rate is low.
• Avtar CPU usage is low to moderate.

The backup performance for the client is lower than the 'typical' speed of 1 million files/hour observed with rotational disks.

In this scenario, the dataset contains file system data with a predominance of unchanging .jpg and .tiff files.

VMware vShield and Trend Micro Deep Security for ESXi were enabled.
This caused additional I/O contention during the backup which competed with Avamar.

This caused the backup time to increase meaning that the job ran beyond the available backup window.

VMware vShield and Trend Micro Deep Security for ESXi were disabled and the backup runtime reduced to <5 hours.

It is suggested to approach the vendor for instructions on how to prevent Deep Security (DSA) from scanning processes so that Avamar ones can be excluded.

The following guidance may be helpful:-
Go to Console > Computer > Antimalware > General > Real-Time Scan > Malware Scan Configuration > Edit.
 
Select the Second Tab > Exclusions > Process Image File List.

Avamar client processes must be excluded from the scan. These include;

• avtar.exe
• avagent.exe
• avvsc.exe
• avscc.exe
• Any and other plugins which call avtar.exe to run backups

External third-party website reference: https://success.trendmicro.com/solution/1115637-understanding-the-difference-between-file-list-and-process-image-file-list-in-deep-security