Scribd Logo
Upload

Welcome to Scribd!

  • Trellix Move Antivirus Solution Brief

    Uploaded by

    Camrick
    30 views4 pages
    .

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    .

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    30 views4 pages

    Trellix Move Antivirus Solution Brief

    Uploaded by

    Camrick
    .

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    SOLUTION BRIEF

    Trellix MOVE
    AntiVirus
    Performance
    Advantages
    SOLUTION BRIEF

    Trellix MOVE AntiVirus


    Performance Advantages
    Trellix Management for Optimized Virtual Environments AntiVirus
    (Trellix MOVE AntiVirus) for virtual desktops and servers is uniquely
    designed to relieve the overhead of traditional antivirus and provide
    even better protection. Our performance tests show that by optimizing
    and offloading virus scanning, Trellix MOVE AntiVirus enables you to
    minimize the performance impact on virtual servers and reduce security
    resources. Here are some of the advantages that Trellix MOVE AntiVirus
    offers over traditional endpoint security.

    Trellix MOVE
    Benefits Traditional Antivirus
    Antivirus

    Smaller foot print in each virtual machine (VM)  

    Higher VM consolidation ratios  

    No virus definition (DAT) updates in every VM  

    Antivirus scan storms eliminated  

    Scan avoidance leveraging a clean file cache  

    Reduced power consumption  

    Optimized scheduling for on-demand scans  

    Test Setup

    All performance tests use this setup

    Host Dell R620 Server, Intel Xeon CPU E5- 26900 @ 2.899 GHz (total 16 core)
    and 192 GB RAM

    Virtual Machine Microsoft Windows 7 x64, 1vCPU, 2 GB

    vSphere ESXi ESXi 6.0

    Virtualization Software XenDesktop 7.6

    Network Broadcom gigabit switches

    Storage Dell EqualLogic 70-0400 iSCSI SAN

    Scan Configuration Default Product settings

    Microsoft Office Office 2010

    Trellix MOVE AntiVirus Performance Advantages 2


    SOLUTION BRIEF

    Performance Test Results On-demand scan (ODS) storm


    DAT storm test with cache test
    All test clients for traditional antivirus receive DAT Due to numerous concurrent scans, host resources
    updates in parallel, creating a heavy load on the with clients running traditional antivirus are severely
    underlying hypervisor. Trellix MOVE AntiVirus performs impacted during an ODS storm. Clients with Trellix
    updates on the offload scan server so that they do MOVE AntiVirus perform much better because
    not negatively impact virtual machines caching avoids repeatedly scanning the same files
    (VMs), resulting in significant advantages over across clients. This produced these improvements
    traditional antivirus. over traditional antivirus during an ODS storm.
    ƒ 87% less CPU usage ƒ 70% less CPU usage
    ƒ 93% less network usage ƒ 75% less network usage
    ƒ 92% less disk usage ƒ 75% less disk usage

    DAT Storm ODS Storm

    150,000 200,000
    128,804 130,584
    151,930 153,928
    100,000 150,000
    84,927

    89,531
    43,548
    50,000 100,000
    15,155
    5,832 9,226 9,352
    37,284 38,405 43,341
    0 50,000
    26,361
    13,356
    Trellix MOVE AntiVirus Traditional Antivirus
    (multiplatform) 4.XX 0
    Trellix MOVE AntiVirus Traditional Antivirus
    (multiplatform) 4.XX

    Average CPU Usage (MHz) Average Disk Usage (Kbps) Average CPU Usage (MHz) Average Disk Usage (Kbps)

    Average Active RAM (MB) Average Network Usage (Kbps) Average Active RAM (MB) Average Network Usage (Kbps)

    Figure 1. Figure 2.
    Trellix MOVE AntiVirus performance during a DAT storm. All The graphic depicts resource utilization at the host level when
    parameters were recorded at the host level. Trellix MOVE AntiVirus simultaneously running ODS on 150 VMs. All clients have a
    used one offload scanner with 150 clients. repopulated cache.

    Trellix MOVE AntiVirus Performance Advantages 3


    SOLUTION BRIEF

    Enablement of Trellix Threat


    Intelligence Exchange Test
    Trellix Threat Intelligence Exchange is available for
    multiplatform deployment of Trellix MOVE AntiVirus.
    When a Trellix Threat Intelligence Exchange server
    is configured with Trellix MOVE AntiVirus, fewer files
    are transferred to the offload scanner, resulting in
    significant scan avoidance.

    Total Files Sent to Offload Scanner

    45,000
    39,284
    40,000

    35,000

    30,000

    25,000

    20,000

    15,000
    9,785
    10,000

    5,000

    With Trellix Threat With Trellix Threat


    Intelligence Exchange IntelligenceExchange
    Enabled Disabled

    Figure 3.
    This test, which runs an ODS on 70 VMs with Trellix Threat
    Intelligence Exchange enabled and a pre-populated cache on the
    offload scan server, shows a 75% reduction in file transfer between
    client and offload scan server.

    Summary
    Trellix MOVE AntiVirus improves the security of
    workloads deployed on virtual infrastructure without
    impacting performance and resource utilization.

    Visit Trellix.com to learn more.


    About Trellix
    Trellix is a global company redefining the future of cybersecurity. The company’s open and native extended detection and response (XDR)
    platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations.
    Trellix’s security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and
    automation to empower over 40,000 business and government customers.
    Copyright © 2022 Musarubra US LLC 102022-01

    You might also like