Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: High Disk Utilization on Newly Booted VDIs

App Control: High Disk Utilization on Newly Booted VDIs

Environment

  • App Control Agent: All Supported Versions
  • Microsoft Windows: All Supported Versions
  • Virtual Environment

Symptoms

  • High Disk Utilization at boot
  • Slower than average log in times

Cause

The VDI device is reporting large numbers of changes in the USN Journal which causes the Agent to conduct a cache check, to find all the changes made. 

Resolution

  1. Verify that the VDI Golden Image is in its own Policy.
  2. Navigate to https://ServerAddress/agent_config.php
  3. Click Show Filters > Value > contains > usn_journal_flags > Apply
  4. Either modify the existing Agent Config for the VDI Policy, or click Add Agent Config and use the following:
    • Name: Disable CC3 on USN Journal Reported Changes
    • Host ID: 0
    • Platform: Windows
    • Value:
      usn_journal_flags=0
    • Policy: Select the relevant VDI Policy (or Policies)
    • Status: Enabled
  5. Save the Agent Config and verify the changes are applied to the Golden Image (and Clones) accordingly.

Additional Notes

For more information regarding these and other changes please see the document 

Related Content


Labels (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎09-04-2020
Views:
1858
Contributors