Load Balance CSA Servers

Unanswered Question
Feb 12th, 2007

As per title.. Is this possible with CSA 5.0 > ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (4 ratings)
pmccubbin Mon, 02/12/2007 - 05:01

No. The agents are homed to a single Management Console using a FQDN.

As a quick review:

"The CSA MC architecture model consists of a central management center which maintains a database of policies and system nodes, all of which have Cisco Security Agent software installed on their desktops and servers.

Agents register with CSA MC. CSA MC checks its configuration database for a record of the system. When the system is found and authenticated, CSA MC deploys a configured policy for that particular system or grouping of systems.

The Cisco Security Agent software now continually monitors local system activity and polls to the CSA MC at configurable intervals for policy updates. It also sends triggered event alerts to the CSA MC's global event manager. The global event manager examines system event logs and, based on that examination, may trigger an alert notification to the administrator or cause the agent to take a particular action."

Hope this helps.

tsteger1 Mon, 02/12/2007 - 08:57

As Paul stated, the agents report to only one server however you can deploy CSA with one, two or three servers. You split the load by separating the polling, policy and database servers.

How many agents are you deploying? There is a table on page 38 of the install guide that shows different configurations.


pmccubbin Mon, 02/12/2007 - 15:19

Thanks for the backup, Tom! You answered the question better than I did.

FYI, I rate posts, and especially tsteger1. I hope all NetPro people will do the same.



tsteger1 Mon, 02/12/2007 - 15:38

Sure thing Paul. You had the correct answer for what he asked.

(PS, thanks for the vote)



This Discussion