Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 3940 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Enterprise Console User limit

Azwan

Hi Guys,

Need to verify for Sophos Enterprise Console version 5.2 how many Enduser client does it support for single console?.

Reason I'm asking is that on recent project deployment for customer that have 5k> user, SEC start  encounter  problem with client reporting example client status didn't tally with client status once installation hit above 4k installation.

Sophos Deployment:

Client branch (Total Branch 90) (Total User 4000)

HQ (Total user 2000)

:40381


This thread was automatically locked due to age.
  • 0

    Hello Azwan,

    sounds like the behaviour described in Using Enterprise Console and RMS on Microsoft Windows Server 2008. (note that the number applies to the directly connected endpoints, not the total managed) - although AFAIK it applies to Server 2008 and not 2008 R2. But anyway it might be a good idea to consider the use of message relays.

    Christian

    :40383
  • 0

    HI Christian,

    Sorry I didn't mention that current Sophos infra is already using Message relay server once hit 4k sophos console start having issue mostly RMS . 

    :40431
  • 0

    Hello Azwan,

    how many message relays are in use and how many clients are talking directly to the management server? TCPView can show you the connections on the server (there might be quite a lot so you should disable updating which is a little bit tricky). If there are literally thousands then either the message relay configuration is not working as it should (if the connections are owned by RouterNT.exe) or some other application is responsible (ruling out some issues with the TCP stack).

    Christian

    :40451
  • 0

    Hi Christian,

    Total 90 relay message (1 every branch) with VPN connection with firewall policy drop idle connection.

    However we have configure Sophos Message Router at message relay to restart if envelope are piling up to 300 or failed to connect with parent server to solve the drop idle connection issue using knowledgebase below but still didn't solve the issue.

    http://www.sophos.com/en-us/support/knowledgebase/114601.aspx

    :40485
  • 0

    Hello Azwan,

    so there is an issue with the upstream connections from the message relays? The number of (relayed) clients shouldn't play a significant role - 2000 direct connections from HQ + <100 MRs is well below the known "problem threshold". As said, I'd check if there is an unreasonable number of connections on the server and if, whether the situation improves (at least temporarily) if you restart the RouterNT service on the server. Maybe the idle and subsequently dropped connections linger on the server (although I don't know if they could have an impact).

    Christian     

    :40509
  • 0

    Hi Christain,

    We even restart server on both side Parent and ChildSUM still didn't resolve the issue wonder why, we also suspect maybe database have some  issue since there are time where connected PC is 0 at console beside RMS issue.

    :40513
  • 0

    Hello Azwan,

    guess we can't solve this here w/o help of Support - looks like it is necessary to dig deeper into configuration and logs - so you better contact them directly.

    Christian

    :40521