ESA Clustering questions

Michael Bale
Level 1

Is it correct you don't need a special license to set up clustering with ESA?

To do centralized reporting, spam quarantine, and message tracking you still need a centralized management appliance, right?

What is the best way to migrate an existing two device environment to use clustering and avoid any issues?  


What's the best way to identify any settings that will not work in the cluster and will need to be dealt with manually?  I understand IP/Routing information and quarantine is still handled on a per device basis.  Will this affect any content rules that send things to the quarantine, or will these work properly for the device the rules activate on?  For example, if you have a content filter that sends to policy quarantine or adds a header to send to local quarantine.  


I want to avoid any issues when switching to clustered configuration.  Is there a good walkthrough of the process for migrating an existing environment to clustering? I can only find really old articles on clustering.

Is there any advantage of CCS over using SSH?

2 Replies

1. No... I don't remember when they added it, but clustering is included now. 

2. Yes, you still need an SMA (VM or hardware) to do centralized reporting/tracking/quarantines.

3. No "migration" needed.  Make sure you have DNS records in place for all of the interfaces, pick one to be the first member, join it to a cluster, join the second one to the cluster... you're done...   The first member is the one whose config will be replicated, so pick the one with the config you want.

4. I don't think so... but I'll let those that actually use it pipe up.

5. ditto...

Sriram Subramanian
Cisco Employee

Hello,

Clustering is part of the Cisco ESA Appliance and does not require a special license.

You will need to point your DNS records to all the interfaces on the appliance and then join the appliances you have into a cluster configuration. Once the ESA is configured in clustering mode, most of the configuration is synced between the appliances except for the IP Interface. You can always override the setting in case you need to have a custom configuration on an appliance.

To have centralized Spam Quarantine\Reporting, you will need a Cisco SMA Appliance.

You can find more information related to clustering here:

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118174-technote-esa-00.html

SSH uses Port 22 and CCS uses port 2222 for communication. SSH is recommended as it is secure.