Sangfor Technologies | WAN Optimisation Blog

WAN Optimisation and Kaspersky

Anti-virus protection, such as Kaspersky, on a corporate WAN has evolved from separate applications doing their own thing, acquiring their own updates from the internet and only alerting the user as to any threat discovered on their computer into being centrally managed by a server console from where they will collect their updates, receive configuration policies and send their status and alerts to.

As you can imagine, all this extra chatter between a network full of client applications and their controlling server will add to the background level of traffic flowing across the WAN infrastructure of a business, with bursts of data consumption whenever a policy is updated or a scheduled task completes and each client affected reports back. Due to the scaling nature of the traffic – which can reach to multiple GB’s per week - something needs to be done to bring it under control before it impacts on your other business applications and general productivity.

Using WAN Optimisation from Sangfor will dramatically reduce Kaspersky’s bandwidth utilisation as it will cache any update files and minimise the flood of traffic whenever clients update and compresses any management communications.

Taking one of our customers as an example, their Kaspersky solution covering 4 sites with a total of 100 users would see an average daily traffic of 1GB across their WAN to the central management server at their head office. After optimisation this traffic sees a reduction of 75 to 85%, bringing data consumption rates down to 250MB or lower.

However, to reach this level of optimisation you will need to disable the encryption settings via the Kaspersky management console policy settings, forcing the traffic onto TCP port 14000 rather than port 13000. With this change in place, the spikes of traffic generated between all or groups of computers and your management servers can be smoothed out and their impact on latency sensitive applications such as Citrix and Remote Desktop significantly reduced or eliminated entirely, allowing your users to get on with their work while keeping the network secure from threats.