Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7538
Views
10
Helpful
6
Replies

WSA clustering / configuration sync

Go to solution
Marcel Maeder
Level 4
Level 4

‎02-08-2013 06:29 AM

Hello

Is it possible to build a cluster with two WebSecurity Appliances? Or at least synchronize the configuration?

Regards Marcel

1 person had this problem
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Francisco Rodriguez
Level 1
Level 1

‎02-08-2013 08:03 AM

Hello:

    Officially this is not supported out of the box, you need the Ironport M appliance to centralize and distributed the same config to the other WSA.
    Since not always everything it's an absolute truth, there is a way using a linux box in the middle acting as an Ironport M that is able to register these changes and populate them to the rest of WSA, but this solution was built in house and work pretty well. The problem is that it's not supported by Cisco.

Regards

Francisco Rodriguez P.

View solution in original post

Go to solution
Tao Yang
Cisco Employee
Cisco Employee
In response to ymadheka

‎06-22-2016 11:38 PM

WSA cluster is only for data traffic. You still need SMA for centralized policy management.

View solution in original post

6 Replies 6

Go to solution
Francisco Rodriguez
Level 1
Level 1

‎02-08-2013 08:03 AM

Hello:

    Officially this is not supported out of the box, you need the Ironport M appliance to centralize and distributed the same config to the other WSA.
    Since not always everything it's an absolute truth, there is a way using a linux box in the middle acting as an Ironport M that is able to register these changes and populate them to the rest of WSA, but this solution was built in house and work pretty well. The problem is that it's not supported by Cisco.

Regards

Francisco Rodriguez P.

Go to solution
ymadheka
Level 4
Level 4

‎06-22-2016 11:19 PM

Hi Team,

Do we still require M-series to do the above, have read in the documentation about the master slave configuration of WSA appliances to do the policy synchronization.

0 Helpful

Go to solution
Tao Yang
Cisco Employee
Cisco Employee
In response to ymadheka

‎06-22-2016 11:38 PM

WSA cluster is only for data traffic. You still need SMA for centralized policy management.

Go to solution
ymadheka
Level 4
Level 4
In response to Tao Yang

‎06-23-2016 12:29 AM

Hi Tao,

Thanks for the quick revert.

Does it require any specific version for the clustering to work, wanted to ensure that we are running the compatible version at customer end.

0 Helpful

Go to solution
Tao Yang
Cisco Employee
Cisco Employee
In response to ymadheka

‎06-23-2016 05:15 PM

WSA HA was introduced in WSA version 8.5.x. Please refer to the following release notes for more details. Hope it helps.

http://www.cisco.com/c/dam/en/us/td/docs/security/wsa/wsa8-5/WSA_8-5-x_Release_Notes.pdf

0 Helpful

Go to solution
yohannugera
Level 1
Level 1
In response to Tao Yang

‎10-18-2018 12:19 AM

If we have a management appliance in the middle, what is the sort of clustering applicable in this scenario? Active/Active or Active/Standby?

0 Helpful
Customers Also Viewed These Support Documents