Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all articles
Browse latest Browse all 10484

SEP LiveUpdate Anti Virus Def Updates versus Mac Time Machine Backups

$
0
0
I need a solution

Want to know if the "EngineYYYYMMDD" folders, which appear to be temporary when SEP LiveUpdate anti-virus definitions are updated, may be deleted from Time Capsule that were backed-up via Time Machine? The folders are apparently temporarily created and exists in local hard-drive folder /Library/Application Support/Symantec/AntiVirus/until a subsequent anti-virus definition update occurs at which point a newer EngineYYYYMMDD folder is created and the previous one is deleted.  Each EngineYYYYMMDD folder appears to contain a complete copy of all files in folder /Library/Application Support/Symantec/AntiVirus/Engine/ that were present just before the current anti-virus def update.

An 67 day Time Machine/Time Capsule backup analysis of the /Library/Application Support/Symantec/AntiVirus/folders located on my Mac local hard-drive reveals that a cumulative of 29 GB of data (mostly VIRSCAN DAT files) have been backed-up.  That equates to approximately 430 MB per day on average with a projected annual rate of 157 GB.  When a narrower view is taken of just the EngineYYYYMMDD folders the average daily backup rate is 247 MB with a projected annual rate of 90 GB.  If the EngineYYYYMMDD folders are of no consequence or are of minuscule importance, and are not needed from a SEP disaster recovery perspective (not having to perform a fresh install of SEP) then more than 16 GB may be immediately deleted from Time Capsule and approximately 90 GB backup space may be saved annually.  (A pdf file is attached that supports this post.)

It is a fact that Time Machine does not allow wild-card character usage when specifying a backup exclusion.  Assuming that the EngineYYYYMMDD folders are of no vital value and wild-card exclusions are possible with Time Machine, then manual Time Machine/Time Capsule deletion would not be necessary.  A Time Machine wild-card character enhancement request was been submitted to Apple on 11/19/13 to address this potential backup issue.

Further thought regarding this matter leads one to believe that SEP application developers could modify local hard-drive folder/file structure and LiveUpdate (and manual anti virus def update) logic to ameliorate more than 99% of the ongoing MB's/GB's that are being captured and backed-up by Time Machine and possibly other commercial backup applications as a result of LiveUpdate anti virus definition updates.

Of particular note is the amount of SEP related update MB's/GB's being routinely backed-up by Time Machine appears to be an order of magnitude (more than 10 times) larger than all other backup demands associated with my MAC.  That is significant!

Back in the day when one was working in the IT/IS sector it was conventional thinking that something generating or causing unwanted/unnecessary hard-drive usage (activity or storage) was a security threat due to the fact that desired valid information/data preservation and employee productivity were at risk.


Viewing all articles
Browse latest Browse all 10484

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>