Endpoint Purge in 2.4

skilpatr · ‎02-27-2019

Are there any differences in the way the endpoint purge feature functions with respect to version 2.2 and 2.4? In 2.2P9 large endpoint groups of 10k+ seem to have difficulty sometimes. Wondering if they are improvements in 2.4.

Jason Kunst · ‎02-27-2019

I would recommend working with the TAC for deep analysis. The current recommended long term release is 2.4 and has more quality improvements and fixes. I will rely on other community members to see if they have any comments. I would also recommend standing up 2.4 in parallel to start testing out a migration plan

Arne Bier · ‎03-01-2019

In ISE 2.3 I would reliably crash the PAN node if I tried purging more than 500 endpoints from the Context Visibility web page. Application services would restart.

Since ISE 2.4 I have not seen that again. But it has left a bad taste in my mouth.

I have a customer who has over 15,000 endpoints in their database and it's constantly growing - I know that only 2000 of those endpoints are needed. But I don't trust that ISE 2.2 system from falling over if I try deleting the old endpoints.

Basic functionality that we should not even question - it should just work. Probably a million SQL queries get executed and that's enough to cause the wheels to come off.