Specifications
Large-scale deployment considerations
100 |
Make sure you have performed the name indexing before you start deploying your
clients. The recommendation is to first deploy one single client and then perform a
logon to the database. This single logon will initiate the name indexing to start and
after that the remaining clients can be deployed.
NOTE:Nameindexingisnotthesameasdatabasecompression.Compressionoftheobjectdirectoryisnot
recognizedtorenderanyperformanceimprovementsforEndpointEncryptionforFilesandFoldersand,
thus,notrecommended.Consequently,theparametersfor[Attribs]
and [Tracking]ofthe
dbcfg.inifileshallbedisabled.Also,thereisnoneedtosetanyvaluesforthe[idassignments]inthe
dbcfg.inifile.
Key caching
If possible, try to make use of the encryption key caching feature. This may be
impossible due to security reasons. However, considering this option for any
encryption key created will help reduce the communication payload on the Endpoint
Encryption Server.
Avoid other “9 a.m.” database payloads
If possible, try to avoid other payloads on the machine hosting the Endpoint
Encryption object directory and the Endpoint Encryption Servers.
Examples of such extra payloads are object directory backups and Endpoint Encryption
for PC synchronizations.
For directory backups, please consider a scheduling later during the day.
For Endpoint Encryption for PC synchronizations, please consider using the
synchronization delay options. See the Endpoint Encryption for PC – Administrators’
Guide for details.
Exclude from antivirus real-time scanning
If you happen to have anti-virus software on the computer hosting the central object
directory and the Endpoint Encryption communication servers, consider excluding the
following process and directory from real-time scanning (if possible and allowed by
your anti-virus policy):
• Process: SbDbServer.exe
•
Directory: [SYSDRIVE:\Program Files\SBAdmin]
This will dramatically improve the response times in the communication between the
client and the server.