The Local Update Service enables you to designate computers to serve as local update hosts. The local update hosts efficiently share software updates and definition files with other computers on the same network. This feature reduces Internet traffic to SEP SBE cloud by directing agents to download needed updates from the designated local update host. The conservation of Internet bandwidth by using Local Update Services may be substantial.
Deciding if the Local Update Service can work for you
The Local Update Service provides a tremendous benefit to networks with limited bandwidth for Internet access. The service enables you to configure local update hosts for each network segment. The local update hosts check for definition and software updates every 4 hours and downloads when updates are available. The rough download math for a local update host is:
(35MB*30 days)+170MB/month for additional files=1220MB/month
Without local update hosts, each of your endpoint protection computers does the same thing, consuming your Internet bandwidth. The heavy network load can be complicated when workers turn on their computers in the morning and agents look to the Cloud for updates. Even when you deploy local update hosts, Endpoint Protection computers still consume local network bandwidth to download updates and definition files. However, the downloads consume only local network bandwidth rather than Internet bandwidth. Your strategy for local update host placement can mitigate heavy network loads by spreading out local update hosts by network segment.
To successfully deploy local update hosts to your network, planning and forethought are essential. However, there is no configuration required once you determine the best candidates to be your local update hosts.
Choosing local update hosts
Among the matters to consider are:
How many agents exist on your network?
What is the capacity of your Internet connection?
Is your organization's network routed or bridged between locations?
What is the capacity of the connection between locations?
Does your organization support multiple networks at each location?
What is the network utilization on each network segment?
As a general rule, small to medium-sized businesses using a switched gigabit ethernet network are unlikely to have local network utilization problems. The key topology concern is likely to be a remote office that is bridged to the main network and accesses the Internet over the connection. In such cases, software and definition updates for your agents may clog the network connection between the remote network and the main network. Whether agents seek updates from a local update host on the main network or go to the Internet for updates, the remote office connection suffers. In this case, deploying a local update host to a computer in the remote office relieves the strain on the remote network connection.
When remote offices are routed to the main organization's network and support a local connection to the Internet, the concerns are different. In this case you must consider:
The capacity of the Internet connection
The number of computers supported
If the remote office is small, the potential benefit is small. However, as the number of agents increases so do the benefits. A single local update host can support about 100 agents, 50 agents concurrently.
After considering your network topology and network utilization, you must delegate computers to be local update hosts. Some key requirements are:
Microsoft server operating system preferred
Extended uptime; 24-7 is preferred
Computer name must be unique
VMware hosts are not recommended
Symantec recommends using a dedicated server for the best performance. A local update host reserves 1 GB for cache. This memory consumption makes a few specific computer hardware requirements important:
At least 4GB RAM to enable a local update host on a 32-bit computer.