12-06-2018 12:05 AM - edited 02-20-2020 09:07 PM
Hello,
We use Cisco AMP (cloud) and we have about 4000 endpoints. When we started the endpoints update, a lot endpoints started to update at the same times and our bandwidht was painfully impacted.
Can you please share with me an recommended update procedure ? I know some community members use SCCM to do that, It will be nice if someone can share the procedure.
Thank you.
12-06-2018 07:35 AM
Instructions for SCCM deployment can be found in the "AMP Deployment Strategy Guide".
The latest version is linked from this page:
12-07-2018 06:29 AM
How about making a new group with update window set and then just move machines from group to another in staggered allotments.
Thats what i plan on doing in my environment which is over 160k endpoints. This past go around we used SCCM and it had it's own issues where it was supposed to reboot the machine and it did not do it. even thought the sccm logs said it did
01-06-2019 11:31 PM
Hello,
yes, you are right, we have to improve this feature or the scheduling for Signature updates. We are working actively with Customers/Partners to generate us much as possible feature requests for AMP4E.
Enclosed two things for Tetra.
Details:
Scheduling must be configured more in Detail. E.g. adding a Time and a random value within a time range
when the client does the update. When clients are starting the update at the same time this generated high
load in vdi environment (boot storm) or bigger locations.
Wen updating signatures or upgrading the product the update/upgrade mechanism must meet the network topology.
Also if there are time windows where no traffic is allowed on specific WAN links this must be able to
be configured in AMP console.
Companies with many network locations and mobile users are needing a dynamic selection of the update servers.
The update scheduling must fit the network topology and other organizational needs.
This is also needed to avoid high load on limited WAN links at the customer like radio link connections,
WAN optimization and so on.
So if you agree with this needed updates please contact your Cisco representative to open a feature request.
Greetings,
Thorsten
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide