Installing the Symantec protection engine for the first time and want some advice from Symantec.

Here are a few adjustments to the default configurations that could help prevent issues and boost performance:

1.)Set the time to extract files on the Protection Engine to 2/3 of that of the connector. This will help ensure the connector never times out during a Symantec Protection Engine scan.

2.)Consider adjusting the maximum extract size of the file that meets or exceeds the default setting which is 100MB. Many file scan issues can be attributed to this value being set too low. Zip files can expand out to many times their compressed size. It is advised to increase this setting to meet the demand of the particular environment. Monitor and adjust as needed. max extract size has a maximum of 2000MB that can be input into this field.

3.)Do not have the connector send the protection engine files larger than it is configured to scan. For example, if the protection engine is configured to handle only 100MB maximum file size, but the connector is not, the connector still sends over the file for the protection engine to make the determination that the file is too big. This causes increased processing overhead, and increased bandwidth consumption and also adds latency to the transaction.

4.)Adjust the in-memory file system to the maximum of 2GB if resources permit (for versions prior to protection engine 7.8). Default in-memory file system setting is configured relatively low compared with average modern-day hardware capabilities. If the protection engine has available RAM it is advised to increase this number to the maximum since in-memory scanning is faster than scanning files off disk. This will increase the performance of the protection engine. The reason that the maximum limit is 2GB is due to the limitations of the  32-bit architecture. Protection engine is a 32-bit program for versions prior to 7.8.

5.)Consider reducing the "Threshold number of queued requests" from 100 down to 1. When a protection engine is working at maximum capacity, it will start queuing requests. At this point, users will likely notice a delay when trying to access files especially if the protection engine is processing a lot of large files. To help alleviate this scenario reduce the threshold for queued requests. Once set to 1 the connector will sense that the protection engine is busy and send the requests to a different protection engine.

6.)Use more than 2 protection engines per filer. 2 is merely a starting point. Implement as many as possible, hardware resources permitting, to be able to handle peak load.