|Email Plug-in (Reporting):||1.1.0-114|
|Email Plug-in (Encryption):||1.2.1-118|
I would like to implement a cluster of 2x Cisco IronPort ESA appliances in an Active/Active manner.
It requires 4000 mail users, so how many license on each ESA appliance do I need to install? I suppose 2000 on each ESA.
When one of the ESA fails, is it possible for the remaining one to handle the load of 4000 users?
I am pretty new to this field. Please help.
Thanks and Regards,
Tuan, CCIE #26930
For 4000 user size, you can purchase a dual appliance bundle with 1, 3 or 5 year license with 4000 mailbox licenses. You will be given 2 x C370 with Centralized Management license (together with licenses of your bundled feature set).
You can run both in active/active configuration. With centralized management license, both can be formed as a cluster and you can manage the cluster configuration over web interface of one of the appliances.
Regarding whether one unit can handle the load, it will depend on your traffic load (peak message per hour, average message size, antispam, antivirus, outbreak filter, DLP, encryption, content filters, etc.). In my experience, one C370 should be able to handle traffic of similar size enterprise.
With SenderBase reputation filtering, you should already throttle/block 90+% of bad traffic coming from poor/bad reputation IP hosts. You can also make sure of the new AsyncOS 7.6 'rate limit for envelope sender' to throttle mass mailing attack of same sender (also internal outbreak emails).
Please get in touch with your partner for the details and they can also show you a demo. You can also get a evaluation unit from our partner to put it live. We can configure IronPort to be almost transparent on top of your existing mail gateway/server to prove its performance, antispam efficacy and other email security features.
I have a similar concern. Do a cluster of 2 share the licenses, or each one of the ESA needs to have the total licenses? For instance, 1000 licenses can be shared by 2 ESA in a cluster? Thank you.
Based on this thread https://supportforums.cisco.com/thread/2221575 my understanding is that you should buy licenses for the number of users you have in the company and the number of appliances installed doesn't matter.
Can someone confirm?
Correct, the number of appliances (physical or virtual) does not matter, you license users not appliances.