Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Amount of Configuration Replication (CCR) receivers supported in InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2

    • Updated:
    • 29 Apr 2019
    • Product/Version:
    • Interscan Web Security Virtual Appliance 6.5
    • InterScan Web Security Virtual Appliance 6.5
    • Platform:
    • N/A N/A
Summary

Configuration Replication (CCR) provides IWSVA device registration and configuration replication from an IWSVA source instance to an IWSVA receiver instance. When you would like to copy the policies and configuration files of one IWSVA device to one or more other IWSVA destinations on a manual or recurring basis, use Configuration Replication. You can set policies to configure replication frequency and select a root account to export the configuration files from the replication source.

By searching the code, it is found that IWSVA does not set limitations to the maximum number of CCR receivers. However, IWSVA Sustain team did not test that how many CCR receivers can be deployed with one CCR source.

Because the CCR function copies a large number of files between the CCR receivers and the CCR source, there is no good metric to illustrate the validity of the CCR function, and also the CCR function is affected by the network conditions and the performance of the machine itself. A large number of CCR receivers which simultaneously copy a large number of files from one CCR source may affect the normal use of IWSVA.

Details
Public

A scenario of one CCR source and up to 10 CCR receivers has been fully tested and supported, since the CCR function works normally.

The test is based on the following steps:

  1. Go to Administration > IWSVA Configuration > Replication Configuration.
  2. Choose a server role of Configuration replication source.
  3. Check Configuration replication source and click Save.

    A pop-up message appears to confirm a successful replication source has been established. Click OK.

  4. Click Save.
  1. Go to Administration > IWSVA Configuration > Replication Configuration.
  2. Choose a server role of Configuration receiver.
  3. Check Configuration receiver and enter a replication source management IP address, port, and security protocol.

    Specify the name and password of the Replication Source Administrator Account (admin) used to export the configuration files from the replication source.

  4. Click Save.
  1. Go to HTTP > HTTPS Decryption > Policies.
  2. Select Enable HTTPS Decryption.
  3. Click Save.
  4. Create a new HTTPS decryption policy.
  5. Click Save.
  6. Click Deploy Policies.
  1. Go to Administration > IWSVA Configuration > Replication Configuration.
  2. Select all the receiver list which register to IWSVA and click Replicate Now.

    There will be a pop-up window to notify you to choose from the following replication methods. One method is Policy Replication; the other method is Policy & Configuration Replication.

     
    The IWSVA service will restart.

    You can choose either of them, and after you select it and click OK, the process of CCR will start.

  1. Go to HTTP > HTTPS Decryption > Policies in the IWSVA which acts as CCR receiver.
  2. Check whether the HTTPS decryption policies are the same as the IWSVA which acts as CCR source or not.
  3. After checking, the new HTTPS decryption policies in CCR receivers are the same as the CCR source.
Premium
Internal
Rating:
Category:
Configure
Solution Id:
1122548
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.