Summary of our issue: We have a new 10 Gb virtual Infrastructure running ESXi 5.5 U3. We have installed fresh copies of Windows Server 2012 R2 as 2 Virtual Machines running on the same host. Both are connected to the same VSwitch. Using JPerf to test the network throughput we are getting a solid 8Gbps throughput between these clients. The clients only had Java, JPerf, and VMware Tools for the VMxnet3 adapter drivers. (I believe 8Gbps is the maximum Windows will do by default with a single thread due to a QOS GPO setting) After installing Symantec Endpoint Protection Client 12.1.6 a (or 12.1.4 or seems any version of 12.1) our bandwidth is severly imparied. With 12.1.6a installed on both VM's our throughput is kicked down to 1.8 Gbps maximum throughput using the same tests. The only fix for this that I have found is to uninstall SEP completely although this is not a preferred fix.
Today I worked with Symantec (Still have an open case) and they claim the SEPM (Management Console) is the culprit and we upgraded it to the latest version. I inquired as to why it would have anything to do with client to client traffic, her response was this link.
http://www.symantec.com/connect/articles/tips-installing-sep-low-bandwidth-environment
I cannot see the link between this article and our issue but we updated to the latest version as we needed to anyway.
I figured if its SEPM is the culprit then I will install 2 unmanaged clients with their latest version of the client. SEP 12.1.6 a
After I did this my servers that were getting 8 Gbps continuous throughput were bottlenecked down to 1.8 Gbps. It is clearly an issue with their client. Uninstalling the client completely restores full network bandwidth. (I also uninstalled each piece of SEP one by one to see if it was the IPS or Firewall but nothing fully restored the full bandwidth except completely uninstalling.)
I am still reaching out to Symantec on this but thought I would share and start a discussion.
If I had to take a guess you too will experience this slowness on a 10Gb network using Symantec. Curious if anyone else has experienced this as well.
I understand there will be some impact on system performance with a tool like AV running but this seems excessive and needs addressed.