Chapter 2 Deployment Planning
Scalable Deployments
Software Considerations
•CSA MC is only supported on Windows 2003 R2 Standard and Enterprise operating systems. Only Hardware Configurations 1 and 2 (referenced in previous tables) support Windows 2003 R2 Standard. Hardware Configuration 3 with 8GB RAM requires Windows 2003 R2 Enterprise to take advantage of the increased memory. Refer to the Microsoft web site product information section for details.
•To support any deployment over 1,000 agents, you should use Microsoft SQL Server 2005 in lieu of Microsoft SQL Server Express. Only Hardware Configuration 1 supports Microsoft SQL Server 2005 Workgroup or Standard editions with their 4GB RAM limitation.
Note Your memory consumption needs should dictate your CSA MC operating system choice, i.e. Windows 2003 R2 Standard and Enterprise.
Configuration Recommendations for Scalability
If you intend to scale to a deployment of approximately 100,000 agents, there are some configuration recommendations you should consider.
Set Polling Interval
With 100,000 agents deployed across your enterprise, you want to ensure that no more than 20 agents are communicating with the MC approximately every second or so. Therefore, with a deployment of this size, it is recommended that you set the polling interval to no less than 1 hour. You can have some systems polling in every hour and others polling in later than that. But on average, a 1 hour or higher polling interval is appropriate. Be sure to have the polling hint functionality enabled, as well.
Use Content Engines
For large deployments, it is highly recommended that you use content engines with transparent web caching. It makes sense to direct groups of agents to different content engines in large deployment scenarios. Content engines reduce the load on the MC by caching rule downloads and software updates.
|
| Installing Management Center for Cisco Security Agents 5.2 |
|
|
|
|
| ||
|
|
| ||
|
|
|
