
Orion Platform and DefenderATP

We have recently enabled DefenderATP on our Orion Servers, a Main Polling Engine and two APEs. The website is on the Main Polling Engine too, of course. When DefenderATP was installed/enabled on the server the MPE is on, it slowed down the website so much it became practically unusable.

Excluding the SolarWinds directory from being monitored is no longer an option (thanks, nation-state hackers). Is anyone else running Defender ATP without it impacting Orion performance, and if so, what are the key settings that prevent it from impacting Orion's performance?

Thanks!

  • Real-time anti-virus works by blocking user and application access each and every time a file is either read or written to. Only once the file has been verified 'clean' is the read or write operation allowed to execute. At least until the next time the file is accessed. Then this process repeats again.

    For certain file types that are constantly read or written to, such as databases or log files, this can significantly impair the performance of the application. Orion, for example, has SQLite (.db) and SQL Server Compact (.SFD) database files which are constantly rotating data in and out. Similarly, blocking occurs in applications when log file (.log) writes are delayed as a result of real-time antivirus scanning.

  • Thanks  

    Defender ATP has been enabled again on my Main Polling Engine. If we start to see slowness again then we will try to exclude the .db and .sfd files, and possibly the log files, to see if that helps.
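
An added example, not part of the thread and not SolarWinds or Microsoft guidance: before excluding the .db, .sfd and .log files discussed above, measure which of them are actually being written and where Defender spends its scan time, so any exclusion can be kept as narrow as possible. `$OrionRoot` is a placeholder for the install directory, the time windows and the trace file name are assumed values, and the Defender cmdlets need an elevated session.

```powershell
# Added example. $OrionRoot is a PLACEHOLDER: set it to the real install directory.
param(
    [string]$OrionRoot     = 'C:\PLACEHOLDER\Orion',
    [int]   $WindowMinutes = 15,    # assumed look-back window for "recently written"
    [int]   $TraceSeconds  = 120    # assumed length of the Defender scan trace
)

# File types named in the reply above as constantly read or written
$candidates = '.db', '.sfd', '.log'
$cutoff     = (Get-Date).AddMinutes(-$WindowMinutes)

# 1. Which candidate files were written inside the window, and how spread out are they?
#    A few folders with heavy churn argue for a narrow exclusion, not a blanket one.
Get-ChildItem -Path $OrionRoot -Recurse -File -ErrorAction SilentlyContinue |
    Where-Object { $candidates -contains $_.Extension.ToLower() -and
                   $_.LastWriteTime -ge $cutoff } |
    Group-Object { $_.Extension.ToLower() } |
    ForEach-Object {
        $sum = ($_.Group | Measure-Object -Property Length -Sum).Sum
        [pscustomobject]@{
            Extension = $_.Name
            Files     = $_.Count
            SizeMB    = [math]::Round($sum / 1MB, 1)
            Folders   = @($_.Group.DirectoryName | Sort-Object -Unique).Count
        }
    } |
    Sort-Object Files -Descending |
    Format-Table -AutoSize

# 2. What Defender already excludes on this host, so nothing is added twice
#    and stale exclusions are noticed.
$pref = Get-MpPreference
[pscustomobject]@{
    ExclusionExtension = $pref.ExclusionExtension -join ', '
    ExclusionPath      = $pref.ExclusionPath      -join ', '
    ExclusionProcess   = $pref.ExclusionProcess   -join ', '
} | Format-List

# 3. Record what real-time protection scans while the website is slow, then
#    list the extensions, files and processes that cost the most scan time.
$etl = Join-Path $env:TEMP 'defender-scan.etl'
New-MpPerformanceRecording -RecordTo $etl -Seconds $TraceSeconds
Get-MpPerformanceReport -Path $etl -TopExtensions 10 -TopFiles 10 -TopProcesses 10
```

Extension exclusions set with `Add-MpPreference -ExclusionExtension` apply to every file with that extension on the host, not only those under the Orion directory, so the report is worth reading before choosing that option.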