Starting with Symantec Endpoint Protection v14.2 RU1, a new feature was added within the Intrusion Prevention Policy named Server Performance Tuning that contains two different options, Out-of-band Scanning and Use Signature Subset for Servers. The intention of these features is to allow additional tuning for the IPS module and definitions in high-throughput scenarios, which are typically Servers providing network-based services. However, these features can be used on endpoints of all types as desired, as long as they are supported by the SEP client itself.
Out-of-band Scanning tells the SEP client to use a multi-threaded processing approach for all network traffic examination via the IPS module, which has an overall effect of reducing the performance impact of using the IPS module. The use of this feature does not reduce the efficacy of the IPS module in any way.
Use Signature Subset for Servers is a smaller, consolidated and optimized set of IPS signatures intended for use in high-throughput scenarios, regardless of the endpoint type.
Note: In the Intrusion Prevention policy on the SEP Manager, the user interface calls out the use of the Out-of-band scanning feature as possibly conflicting with Windows Filtering Platform drivers, on Server operating systems. Therefore it is highly advisable to thoroughly test this option with a Server operating system, in a testing environment, prior to enabling it on production Server operating systems.