Cisco Community
English
Register
Would you like to learn more about how to determine if you need an RMA? - REGISTER TODAY!
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
2010
Views
0
Helpful
3
Replies
bsrinu001
Beginner
Beginner
‎04-11-2017 12:01 PM
‎04-11-2017 12:01 PM

How to load balance two ESA

Hi Team,

I would like to know how to load balance ( create failover ) of one ESA to the other, and also how to check two ESAs are load balanced ?. Thank you  

Labels:
1 person had this problem
0 Helpful
3 REPLIES 3
Ken Stieers
Engager
Engager
‎04-11-2017 12:15 PM
‎04-11-2017 12:15 PM

Load balancing ESAs is all in how you get the traffic to them, they don't communicate or monitor one another.

The "easiest" is to put a load balancer cluster in front of them (F5, Citrix Netscaler, etc...), just like for web sites, but on port 25...

You can do some with DNS MX records.  you'll get something close to balancing... your DNS provider may allow you to "load balance", where they'll give out different addresses for the same request on a round robin or weighted fashion.

For outbound mail, your email software may be smart and balance which ESA it sends to, or it may not, in which case, a load balancer may be your best bet....

Look at the overview reporting page to see if they are getting similar traffic volumes....

0 Helpful
Venkatesh Attuluri
Cisco Employee
Cisco Employee
‎04-12-2017 08:34 AM
‎04-12-2017 08:34 AM

to load balancing you use  DNS MX or A records by having equal weight  hosts

0 Helpful
Sriram Subramanian
Cisco Employee
Cisco Employee
‎04-13-2017 06:04 AM
‎04-13-2017 06:04 AM

Hello,

The load balance on the ESA needs to be done using the DNS MX or A record. Once DNS load balanced, it would be recommended to configure the ESA appliance in a cluster mode which would share the configuration between both the appliance.

Cluster configuration can only be configured using the command line.

You can find more information here:

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/200885-ESA-Cluster-Requirements-and-Setup.html

0 Helpful
Latest Contents
Azure AD SSO with multiple ISE Portals
Created by Greg Gibbs on 05-11-2021 04:11 PM
0
5
0
5
Introduction With the enhancements in ISE 3.0 for integrating with Azure AD via SAML IdP, it is now possible to leverage Microsoft Single Sign-On for multiple ISE Portals (for example Sponsor and Guest/BYOD Portals). At the time of this writing, ISE cann... view more
ISE BYOD Flow Using Azure AD
Created by Greg Gibbs on 05-10-2021 10:02 PM
0
10
0
10
IntroductionPrerequisitesConfiguration Introduction With the enhancements in ISE 3.0 for integrating with Azure AD via SAML IdP, it is now possible to create a BYOD Flow to provide Wireless network access using an employee’s Azure AD credentials. The use... view more
Cisco + Splunk Integrations Add-on List
Created by Sar on 05-07-2021 12:27 AM
0
5
0
5
The table below shows the whole Cisco Security solutions + Splunk integrations add-ons. Kindly let me know if I have missed some add-ons or if there are any new updates. Thank you!   Hope this will be helpful for everyone who is looking for Splunk in... view more
FMC API | ACP - Delete disabled rules and generate report.
Created by Anupam Pavithran on 05-06-2021 06:48 AM
0
5
0
5
A python based script to generate report if there are disabled rules under an Access Control Policy and an option to delete those rules in bulk.   Preparation Step 1 Download the script on PCStep 2 Make sure python3 is installed on PC and have reach... view more
FMC API | ACP Double logging detection and mitigation script
Created by Anupam Pavithran on 05-06-2021 06:09 AM
0
5
0
5
A python based script to generate report if there are double logging on FMC ACP (logging at beginning and end), having rule action "Allow" or "Trust". (Option1 ) Also, the logging at the begging will be disabled if logging is detected for both beginning ... view more
Content for Community-Ad

This widget could not be displayed.