cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Episode 57 - Maximizing AnyConnect Performance During the COVID-19 Pandemic

4874
Views
20
Helpful
3
Comments

Show Name:

Maximizing AnyConnect Performance During the COVID-19 Pandemic

Contributors:

Kevin Klous, Security Technical Leader, Cisco

Shannon Wellington, Technical Consulting Engineer, Cisco

Jay Young, Security Technical Leader, Cisco

Wen Zhang, Security Technical Leader, Cisco

Posting Date:

March 2020

Description:

In this episode, the podcast team welcomes back two former hosts Wen and Jay along with a special guest Shannon Wellington to discuss the recent phenomenon of rapid Remote-Access VPN (RAVPN) AnyConnect traffic spikes across the globe as a result of the COVID-19 epidemic that is pushing people to work from home.  This includes discussions about issues being seen in the Cisco TAC as well as steps that can be taken to maximize performance through configuration changes and deployment modifications.  We also touch on what network administrators need to consider to take a holistic approach from a policy and network capacity perspective as they navigate these unprecedented times.

Listen Now    (MP3 54 MB; 57:43 mins)

 Subscribe to the Podcast in iTunes by clicking the image below:

button_itunes.gifrss.gif

Show Notes:

AnyConnect Implementation and Performance/Scaling Reference for COVID-19 Preparation

https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/215331-anyconnect-implementation-and-performanc.html

Obtaining an Emergency COVID-19 AnyConnect License
 
Command Reference for 'show traffic'
 
Configure AnyConnect Secure Mobility Client with Split Tunneling on an ASA
 
AnyConnect Remote Access VPN configuration on FTD
 
How to configure ASA or ASAv for Remote Access VPN (Youtube - Jeff Fanelli)
 
Example additional output for 'sysopt traffic detailed-statistics':
IP packet size distribution (values listed in percentages)
Total Packets = 344222:
      32    64    96   128   192   256   512
     0.8  20.6  53.5   1.8   4.1   8.4  10.2

    1024  1536  2048  4096  8192  9216
       0     0     0     0     0     0

Protocol          Total    Conns   Packets   Bytes  Packets    Total
--------          Conns     /Sec     /Conn    /Pkt     /Sec  Packets
SCTP                  0      0.0       N/A     N/A      0.0        0
SCTP-inspected        0      0.0       N/A     N/A      0.0        0
TCP                   1      0.2         0      95     11.0     7712
TCP-inspected         0      0.0       N/A     N/A      0.0        0
UDP                   0      0.0         0     339      0.0        6
UDP-inspected         0      0.0       N/A     N/A      0.0        0
ICMP                  0      0.0        66     135      0.0    11900
ESP                   0      0.0       N/A     N/A      0.0        0
IP                   10      0.0         0      74      0.2    15389
Total:               11      0.2         0      99     11.2    35007

 

Comments
Hall of Fame Guru

Thanks for the timely content.

 

Can you please check your iTunes publishing? The episode (and the previous one #56) doesn't show up in either the iTunes store or the Apple Podcasts app (even though I am subscribed to the series).

 

TAC Security Podcast episodes - iTunes.PNG

Cisco Employee

Marvin,

 

Thank you for the heads-up.  The XML feed had a small issue that prevented the episode from showing and has been corrected.

Hall of Fame Guru

@Kevin Klous you're welcome. I did see the two latest episodes appear in my Apple Podcasts app earlier today.