Typically - the best practice would be to have all your devices added to a single device group, and you maintain your application policies within that device group. This is the least complicated, and avoids the risk of ending up with mismatched policies resulting in behavior other than what you're expecting.
You can create custom device groups and custom application policies for each group...but assuming you're all under the realm of a single enterprise or business unit, or whatever...there is not a compelling reason to complicate your install like this.
If you do have some compelling reason - maybe regional differences, or perhaps different entities within a corporate realm - you might have reasons to split things out into different groups...but this is not typically the case.
Example screenshot: I am the administrator of a "managed WAAS" product for my customer base...and since each group corresponds to a different corporate entity - I have to do this for various application policy reasons.

If you can - keep it simple - use the all devices group, and maybe time zone groups if you span multiple time zones.
Feel free to private message me if you want more detail.
Paul Di Napoli
ADP Dealer Services
Network Solutions
paul.dinapoli@adp.com
503.490.5853