Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 1506 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Networks with more than 5000 computers: Still an issue with 2008R2?

DetlevRackow

Hi,

support told me that the article http://www.sophos.com/support/knowledgebase/article/14635.html is still valid.

So, if I install a new Library on Windows Server 2008R2 standard, it is still necessary to implement message relaying to distribute the clients between two message routers. While this is technically possible, it will make roll-out and the overall infrastructure more complex. While we have about 7000+ PCs, they are all in the same city and connected at network speed, so there is no topological reason for relaying.

Is there any chance that this limitation might be circumvented with a future service pack? Afaik, SP1 for 2008R2 will be in public beta any time soon.

Our main server which hosts EC and SUM is five years old and due for replacement. Since the hardware is still in support at HP, it would be an option to wait for a solution if there might be a solution in the near future.

Best regards,

Detlev

:4219


This thread was automatically locked due to age.
  • 0
    DetlevRackow wrote:
    Still an issue with 2008R2?

    No.

    :4253

     - - - - - - - - - - - -

    Communities Moderator, SOPHOS
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0

    Hello Ruckus,

    thank you for the fast response. Just to make sure I understand this correctly: On a 2008 R2-server, RMS is now able to handle 7000 concurrent connections just like with 2003?

    Best regards,

    Detlev Rackow

    :4257
  • 0

    Sorry for the short reply - I was rushing this morning.

    We saw the issue with Windows 2008 when 5,000 clients were connected.  We haven't seen the issue with 2008 R2 so you should be OK connecting 7,000 clients.  However that many clients all talking directly to the Sophos Management server is not as desirable as message relays - a case of what the upper limit is vs. the recommended approach.

    You should take 7,000 as the limit but a better design would be to break it down and have two message relays feeding into the management server with no clients talking directly.

    :4263

     - - - - - - - - - - - -

    Communities Moderator, SOPHOS
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0

    Thank you for the detailed answer. Currently, we have about 7000 PCs, of which about 2/3 are usually turned on, so we don't plan to max this out.

    Message relaying would not be an issue if we installed SAV from within the console. It can be handled fairly easy this way. However, the initial deployment is done via our desktop management tool (Empirum Pro by Matrix 42), where we deploy a standardized software package against all machines. Sure, we can build two packages and advise administrators to use them for different OUs, but I see this as an alternative just in case we run into trouble.

    We run our current EC on an old Proliant DL 380G4 with 2 HT-cpus and 2GB of Ram without issues, the new machine will be equipped with 2x4 cores and 4GB Ram, so I expect a little more performance from the new setup. Secondary CIDs lie on a file/webserver which serves files to about half the clients.

    Best regards,

    Detlev

    :4275
  • 0

    So after your clients appear in SEC they are put into different groups depending on the OU and get one of two updating policies? If so rms in the CIDs could be customized. Clients would initially connect directly to the management server but reconfigure RMS after updating from the correct location. But as you said you probably don't need it.

    Christian

    :4276
Unfiltered HTML