04-18-2017 08:40 AM
Is it correct you don't need a special license to set up clustering with ESA?
To do centralized reporting, spam quarantine, and message tracking you still need a centralized management appliance, right?
What is the best way to migrate an existing two-device environment to use clustering and avoid any issues?
What's the best way to identify any settings that will not work in the cluster and will need to be dealt with manually? I understand IP/routing information and quarantine are still handled on a per-device basis. Will this affect any content rules that send things to the quarantine, or will these work properly for the device the rules activate on? For example, if you have a content filter that sends to policy quarantine or adds a header to send to local quarantine.
I want to avoid any issues when switching to clustered configuration. Is there a good walkthrough of the process for migrating an existing environment to clustering? I can only find really old articles on clustering.
Is there any advantage of CCS over using SSH?
04-18-2017 09:47 AM
1. No... I don't remember when they added it, but clustering is included now.
2. Yes, you still need an SMA (VM or hardware) to do centralized reporting/tracking/quarantines.
3. No "migration" needed. Make sure you have DNS records in place for all of the interfaces, pick one to be the first member, join it to a cluster, join the second one to the cluster... you're done... The first member is the one whose config will be replicated, so pick the one with the config you want.
4. I don't think so... but I'll let those that actually use it pipe up.
5. ditto...
04-19-2017 06:13 AM
Hello,
Clustering is part of the Cisco ESA appliance and does not require a special license.
You will need to point your DNS records to all the interfaces on the appliance and then join the appliances you have into a cluster configuration. Once the ESA is configured in clustering mode, most of the configuration is synced between the appliances except for the IP interface. You can always override the setting in case you need to have a custom configuration on an appliance.
To have centralized Spam Quarantine/Reporting, you will need a Cisco SMA appliance.
You can find more information related to clustering here:
http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118174-technote-esa-00.html
SSH uses Port 22 and CCS uses port 2222 for communication. SSH is recommended as it is secure.