I have a Customer that has about 10 Iron Port 370 Web Security appliances. They want to have a M670 on the West Coast be the Primary Central Manager with a second M670 on the East coast acting in a secondary manager role. I am struggling to locate docs on the Cisco site showing how to set-up the roles between the M670s. Can Anyone Assist?
Thanks in Advance.
In AsyncOS Version 6 and later, redundancy was introduced to allow for message tracking and reporting data to be replicated across two M series appliances. If you configure redundancy("secondaryconfig"), ensure that only one IronPort M-Series Security Management appliance has redundancy enabled along with the respective C-Series appliances.
The following Knowledge Base article covers this type of configuration.
Article #976: How can I configure the M-series appliance for redundancy?
Hope this answers your questions.
In addition to Jerry's response.
Centralized reporting feature for WSA will only work with one SMA (M-series), however you can add one SMA to two SMAs for centralized configuration. Just need to be careful to track which SMA is used to push/publish the configuration to the WSA.