Summary
Know the different Scan Cache settings, so you can calculate how much additional memory you need for the DSVA.
The Scan Cache function, which can enhance DSVA performance, was introduced in Deep Security 9.0. However, these settings are not included in the Scan Cache Configuration because the settings determine how the DSVA manages Scan Cache rather than how scan caching is carried out.
Scan Cache settings are controlled at the policy level, and can be accessed by opening a Policy Editor and going to Settings > Scan > Virtual Appliance Scans area.
Details
These are the Scan Cache settings:
- Max Concurrent Scans
This determines the number of scans that the Virtual Appliance will perform at the same time. The recommended number is four. If you increase this number beyond eight, scan performance may begin to degrade. Scan requests are queued by the Virtual Appliance and carried out in the order in which they arrive.
- Max On-Demand Malware Scan Cache Entries
This determines, for Manual or Scheduled Malware Scans, the maximum number of records that identify and describe a file or other type of scannable content to keep. One million entries will use approximately 100MB of memory.
- Max Malware Real-Time Scan Cache Entries
This determines, for Real-Time Malware Scans, the maximum number of records that identify and describe a file or other type of scannable content to keep. One million entries will use approximately 100MB of memory.
- Max Integrity Monitoring Scan Cache Entries
This determines, for Integrity Monitoring, the maximum number of entities included in the baseline data for Integrity Monitoring. Two hundred thousand entities will use approximately 100MB of memory.
Based on these settings, determine the amount of memory you have to add to your DSVA. For the steps on how to expand memory, refer to this KB article: Increasing Deep Security Virtual Appliance memory.