How Can We Help?

Table of Contents

How well does DriveLock Scale

Print
You are here:
< All Topics

DriveLock Scalability:

There are a number of things to consider when preparing your environment and Drivelock for Scale.
A number of questions will need to be asked prior to defining how much resource you should allocate.

Please review below to recieve a brief understanding of the questions you should ask.

Policy Deployment

The requirement to pass policy to your endpoints should be considered. We offer a number of methods to do this

  • CSP Centrally Stored Policy delivered (via port (http)6066, (https)6067 , however can be changed)
  • Flat File via ftp (commonly port 21, however can be changed)
  • UNC path
  • Group Policy (Prefered for Scale)

Naturally the scalability of the policy with Group Policy is vast. However the other side of the coin is the data collection requirements.

SQL (MSSQL)

As all the data is initially stored within SQL, the number of connections it can provide depends on what collection intervals you are using (application logs, device logs, shadow files, windows event details, etc.)
e.g: If you are collecting every 5 minutes for 5000 machines, this creates a massive amount of request congestion. We would recommend an audit of what data needs to be collected and the intervals in which they should report.

However saying this, as SQL can be clustered if you require load balancing.

If you are using the device control component, the load is significantly less then the application control counterpart. SQL and the system requirements are greatly reduced.

FileShadowing

If you are using File Shadowing as part of the device control conponent we do recommend you store these on an accessible file server away from anything connected to your SQL/SAN as these data transfers can certainly add up.
Note: This is configurable and can be changed via policy whenever you like.

Server Load Distribution

We also have what we call a ‘linked server’. This helps facilitate traffic between a remote server or WAN based communication point back to the central console. This enabled the request load to be distributed among the number of linked servers you have.

if you have larger networks with a security requirements, this is a great way to ensure distribution of traffic is handled locally with a single Linked server responsible for compressing and packaging the information back to the DriveLock Enterprise Server Database.

We do hope that from the short information above you see the easy availabiltiy for scale.
For further questions on Load / Resource requirements, please dont hesitate to reach out to our team to help.

Tags:
Categories