Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
758
Views
0
Helpful
3
Replies

How to judge WSA's health status and optimize WSA

360rundll
Level 1
Level 1

‎03-08-2016 06:20 AM - edited ‎03-08-2019 05:38 PM

Hi, all

             I want to know how can I judge WSA's health status.  Which point should I pay attention to when inspected. If WSA RAM take 70.2%, CPU

take 18%(System Resource Utilization). What should I notice? And What can I do to optimize WSA policy or network?

And another question, look at the picture(1.png).

             what's the meaning of "Time spent", If Time spent take a lot of time, does it meaning that it cost most of network resource, or it just meaning

that it connected with application server keep connected for a long time? Thanks a lot!

Sincerely Yours

                

Labels:
Preview file
23 KB
0 Helpful
3 Replies 3

Handy Putra
Cisco Employee
Cisco Employee

‎03-09-2016 06:46 PM

WSA RAM can take up to 80% even if the appliance is idle this  is normal for the Web Security Appliance. For performance reasons, the S-Series appliance uses all available memory for caching Internet content.

However if you see the CPU% is very high, you might need to investigate further why this is high since this is indicating that the appliance is very busy and might impact performance.

Would recommend to not configure Identity, Policies and custom URL category especially regular expression to not more than 25 each. If over 25 on each this is consider as expensive configuration especially for regular expression.

The way the appliance process for every single web connections is to try to match Identity, policies, etc from top to bottom till condition match. If you have lots of Identity, policies then it will start from the top and read to bottom till condition met and if you have a large request per second then this will impact the performance since the appliance will be very busy doing that and might use up the resources.

Time Spent is the time calculation for how long users spent in that website/domain

0 Helpful

360rundll
Level 1
Level 1
In response to Handy Putra

‎03-09-2016 08:25 PM

Em。。。Because RAM has take 70%, and we haven't privide nothing new APP online recently while it take 60% in the past. How can I find the reason in response to this issue? Thanks!

0 Helpful

Handy Putra
Cisco Employee
Cisco Employee
In response to 360rundll

‎03-10-2016 02:39 PM

Is there any recent AsycnOS upgrade? was there any additional configuration performed in the appliance? or even changing the log level of certain log file, etc.

Any increase in the number or users or request per seconds?

If you would like to get more deep dive statistic in the appliance and if you have further concern in performance of the appliance, would suggest to contact TAC team for them to analyse your device in depth from remote tunnel access of the appliance.

0 Helpful
Customers Also Viewed These Support Documents