Bandwidth Usage

The bandwidth required for communication between servers and between clients and servers in the Endpoint Security environment depends on many factors.

Client to Server Communication

The communication between the Endpoint Security client and the Endpoint Security Management or Policy Server includes:

• Endpoint Security clients send a heartbeat message to the Endpoint Security Server at 60 second intervals (by default) to check if policy updates are necessary.

• Endpoint Security clients send a sync message to the Endpoint Security server when synchronization is necessary. The sync includes monitoring data from the blades installed on the Endpoint Security clients.

• Endpoint Security clients send blade-related payloads to the Endpoint Security server when necessary.

• Endpoint Security clients upload logs to the Endpoint Security server,

Endpoint Security client to Endpoint Security Management or Policy server required bandwidth is based on these factors:

• The Heartbeat interval - The frequency at which Endpoint Security clients communicate with Endpoint Security servers to make sure that all policies are up to date.

• Which Endpoint Security Blades are installed on the Endpoint Security client.

Client to Server Traffic

This table shows the estimated traffic for 1,000 deployed Endpoint Security clients with the default heartbeat interval (60 seconds). The table is organized by Endpoint Security blade.

Component	Traffic Inbound to server Kb/s
Device Agent	236
Anti-Malware updates	0.2
Full Disk Encryption	34
Media Encryption & Port Protection	3
Application Control	15
Behavioral Guard	3
SandBlast Agent	2

Note - If the Anti-Malware blade is installed, clients must download the Anti-Malware database after installation. The average size of the full database download is 145 Mb for each Endpoint Security client. This database is updated every few hours.

The traffic is linear. To calculate the estimated traffic, multiply the values in the table above by the number of Endpoint Security clients deployed (note that the values above are for 1,000 deployed Endpoint Security clients).

For example:

In an environment with 20,000 Endpoint Security clients with Full Disk Encryption and Media Encryption & Port Protection installed:

Inbound traffic: (20*236) + (20*34) + (20*3) = 5,460 Kb/s

Policy Server to Management Server Communication

Endpoint Policy Servers communicate with the Endpoint Security Management Server to retrieve system information to answer Endpoint Security client requests.

The communication between the Endpoint Policy Server and the Endpoint Security Management Server includes:

• Endpoint Policy Servers get from the Endpoint Security Management Server:

  • Policies and installation packages.

  • Anti-Malware updates.

  • All files that they need for synchronization.

• Endpoint Policy Servers send a Policy Server heartbeat message to the Endpoint Security Management Server at an interval of 60 seconds, by default.

• Endpoint Policy Servers send a sync messages to the Endpoint Security Management Server when synchronization is necessary.

• Endpoint Policy Servers send monitoring events to the Endpoint Security Management Server at 60 second intervals or when there are more than 1,000 events.

• Endpoint Policy Servers send all database-related messages directly to the Endpoint Security Management Server.

Endpoint Policy Servers to Endpoint Security Management Server required bandwidth is based on these factors:

• The Endpoint Policy Server Heartbeat interval

• The Monitoring data upload rate.

• The size of the scanned Active Directory.