11-15-2013 09:47 AM
I have a customer who has 3 ESAs and 1 SMA. They are interested in purchasing a backup SMA and have asked whether it was possible to create an SMA cluster, where all 3 ESAs would point to that cluster and all tracking, reporting and quarantine data would be readily available. From what I gather, currently you can only setup a backup SMA and schedule a periodic backup, in which case, at any given point, a customer's exposure is current time minus time of last periodic backup. Is there a way to accomplish what my customer is asking i.e. create an active-active SMA cluster?
11-15-2013 09:53 AM
hi Enam,
it is not possible to create cluster between sma and esa devices (SMA + ESA )
you can only create clutser between either ESA devices or SMA devices
11-15-2013 10:10 AM
OK, so it IS possible to cluster multiple SMAs? If so, can you provide more details on how this is done and what the SMA cluster can do?
11-15-2013 10:14 AM
No - it is only possible to CLUSTER ESA to ESA, SMA cannot be included in a cluster configuration.
You can tie an ESA to a SMA for reporting and centralized purposes --- but, this is not CLUSTER.
CLUSTER is only ESA <-> ESA.
-Robert
11-15-2013 09:00 PM
Hey Robert
But we can create cluster between two SMA devices.
11-18-2013 06:13 AM
No. SMA does not support a cluster, or Centralized Management feature key --- which is the feature key required to enable the cluster commands (clusterconfig, clustercheck, clustermode) on an ESA.
You may only enable cluster between an ESA and another ESA, or multiple ESA appliances.
The original question:
They are interested in purchasing a backup SMA and have asked whether it was possible to create an SMA cluster, where all 3 ESAs would point to that cluster and all tracking, reporting and quarantine data would be readily available. From what I gather, currently you can only setup a backup SMA and schedule a periodic backup, in which case, at any given point, a customer's exposure is current time minus time of last periodic backup. Is there a way to accomplish what my customer is asking i.e. create an active-active SMA cluster?
To answer the original question - you would have to run 'backupconfig' and schedule a timeframe to run the transfer of data between the primary SMA and the backup/"secondary" SMA.
Please see the following KB for assistance:
http://tools.cisco.com/squish/E186b
Running the 'backup' between SMA appliances is not considered "clustering".
Hope that helps!
-Robert
(I'll paste the KB article below --- since other's have reported issues w/ the links correctly working w/ the Knowledge Base.)
https://ironport.custhelp.com/app/answers/list
#########################
1. Both M-series devices have to be on the same AsyncOS version (7.2 and higher only)
2. The target M-series device has to have enough disk space for backup
a. Navigate to System Administration > Disk Management (see online documentation on how to allocate if some disk is left over).
If you don't have enough disk space during the setup you might get a message similar to this:
-------
Verifying target machine for version compatibility and disk space...
Backup cannot be scheduled. Reason: There is not enough space for Centralized
Spam Quarantine, Centralized Email Tracking, Centralized Reporting. Please
increase disk allocation for these services on the target machine.
-------
OR
------
Verifying target machine for version compatibility and disk space...
Backup cannot be scheduled. Reason: There is not enough space for Centralized
Web Tracking. Please increase disk allocation for these services on the target
machine.
------
You should check disk quota as mentioned in 2(a) above on the target machine as well.
The two SMA one M650 (source of DB system named m650sma.run) and target M1050 (destination backup of DB system named m1050sma.run and IP 192.168.15.1)
I. The first thing you want to do is to login to the CLI on the source M series (in our test sma1.example.com) and execute the following commands.
-----------------
sma1.example.com> backupconfig
Choose the operation you want to perform:
- VIEW - View scheduled backups
- VERIFY - Verify if backup can be scheduled to a remote machine
- SCHEDULE - Schedule backup to an appliance
- CANCEL - Cancel a scheduled backup
- STATUS - Show the status of a backup in progress.
- SETUP - Configure backup parameters.
[]> setup
Enter level of verbosity:
[0]> 0 < this can be 0 or 3 0=lowest verbosity of backup logs and 3 is the highest>
Compression is desirable on slow connections, but will only slow down backup on
fast networks. Would you like to enable compression? [N]>
Choose the operation you want to perform:
- VIEW - View scheduled backups
- VERIFY - Verify if backup can be scheduled to a remote machine
- SCHEDULE - Schedule backup to an appliance
- CANCEL - Cancel a scheduled backup
- STATUS - Show the status of a backup in progress.
- SETUP - Configure backup parameters.
[]> verify
Enter the IP address of a machine to transfer data to.
[]> 192.168.15.1
Enter a name to identify this appliance
[]> sma2.example.com
Please enter username and password:
Username:
[]> admin
Password:
[]>
Verifying target machine for version compatibility and disk space...
Backup can be scheduled on to 192.168.15.1.
Choose the operation you want to perform:
- VIEW - View scheduled backups
- VERIFY - Verify if backup can be scheduled to a remote machine
- SCHEDULE - Schedule backup to an appliance
- CANCEL - Cancel a scheduled backup
- STATUS - Show the status of a backup in progress.
- SETUP - Configure backup parameters.
[]> schedule
Enter the IP address of a machine to transfer data to.
[]> 192.168.15.1
Enter a name to identify this appliance
[]> sma2.example.com
Please enter username and password:
Username:
[]> admin
Password:
[]>
Verifying target machine for version compatibility and disk space...
1. Set up a repeating backup schedule
2. Schedule a single backup
3. Start a single backup now
[1]>
1. Daily
2. Weekly
3. Monthly
[1]> 3
What day of the month would you like the backup to occur?
[1]>
What time of day would you like the backup to start? Please enter in HH:MM
format.
[]> 02:00
Please enter a name for this backup job:
[]> weekly
Backup "weekly" has been scheduled successfully.
Choose the operation you want to perform:
- VIEW - View scheduled backups
- VERIFY - Verify if backup can be scheduled to a remote machine
- SCHEDULE - Schedule backup to an appliance
- CANCEL - Cancel a scheduled backup
- STATUS - Show the status of a backup in progress.
- SETUP - Configure backup parameters.
[]> view
Scheduled Backups:
# Name IP Schedule
= ====== =============== ================================
1 weekly To 192.168.15.1 on day 1 of every month at 02:00
Choose the operation you want to perform:
- VIEW - View scheduled backups
- VERIFY - Verify if backup can be scheduled to a remote machine
- SCHEDULE - Schedule backup to an appliance
- CANCEL - Cancel a scheduled backup
- STATUS - Show the status of a backup in progress.
- SETUP - Configure backup parameters.
[]>
sma1.example.com> commit
Please enter some comments describing your changes:
[]> scheduled a weekly backup
Changes committed: Wed Mar 16 18:09:51 2011 GMT
sma1.example.com>
11-18-2013 08:24 AM
So just to confirm, the secondaryconfig command, which used to allow you to copy log files to two different SMAs, has been deprecated? The command still exists and there are KB articles referring to it, but there is no help and no mention in the latest manuals. Thanks.
11-27-2013 08:25 PM
The 'secondaryconfig' command is still present - but, not recommended, due to CPU resource loss and other defects.
For those who have used in the past, and wish to continue using - it is recommended to NOT upgrade to 8.0+, OR only to use the 'backupconfig' for data redundancy between appliances.
Hope this helps!
-Robert
(*If you have received the answer to your original question, and found this helpful/correct - please mark the question as answered, and be sure to leave a rating to reflect!)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide