Does anyone know how to correctly size a web gateway model for a customer with 1000 users?
What about a high avaiability desing for this same customer, who has already a ww500 model?
any chance to get the number of requests/second? This would help to have an accurate sizing. Also the desired modules and implementation (explicit, ICAP server, etc.) would be helpful to know.
Redundancy is definitely recommended. I prefer using proxy.pac for achieving this. Do you have any additional information about the requirements?
what we (McAfee) need throughput numbers. The best would be requests/second, which you can grab from the dashboards or the live reports. Based on these numbers, we can size the solution propperly. HA design would mean that you simply add another WW500 to the existing one, so you have 100% failover.
In the HOME -> DASHBOARD -> MCAFEE WEB GATEWAY the equipment shows a proxy request average less than 50/s. In the ICAP server request, less than 70/s. Seemingly, the throughput if ok for a WW500. However, there is a strange thing happenning. In two occasions, the equipment suddenly stopped responding. I searched the log files and saw a warning "memory overload detected". In the dashboard, the MEMORY UTILIZATION is 2GB, which means that all the RAM memory is being consumed.
What should I have to do? Upgrade to a WW1100? Put more memory in this WW500?
Andre, the web gateway is working as the only proxy in the network, explicitly configured in the desktop´s browsers via a GPO in the Active Directory. It filters HTTP, HTTPS and FTP.
so the req/s sound okay on the first view. I am more concerned about the "Overload". This actually means MWG is using too much memory, we should find out why this is the case.
Can you let me know the settings you have for Configuration -> Maintenance -> Address Space Defragmentation?
Thank you very much.
We got a problem in the current MWG build where "Sunday" as a setting for Address Space Defragmentation does not work.
You said that the Overload issue only occurs after MWG was running fine for a while, correct?
I am pretty sure that the not-working Address Space Defragmentation does cause the Memory to be fragmented and/or not released correctly, which causes MWG to use more than 2.5 GB of memory which leads to the Overload situation.
I would like to suggest to set the Defragmentation to Saturday or Daily, and see if the issue goes away. I am pretty confident that this will help.
Are you willing to give that a try?
Thanks for you advice Andre. I have just done it. I changed the "Check for Address Space Fragmentation every" from "sunday" to "day".
Do you think I have to mark the checkbox "Enforce Address Space Defragmentation during configured period" or it is not necessary?
If you turn on "Enforce" the Address Space Defragmentation will be performed without additional checks. If it is disabled MWG will first check if the Defragmentation is required and only perform it when necessary. I prefer leaving it unchecked.
Besides that, are you able to start the wwLogInfo script? To do so you need to get access via SSH and then run
nohup ./wwLogInfo.sh &
That will create a log file of the memory usage and will allow us to better understand what is happening. We should leave it running with the new settings and see what is happening.
If the issue should still occur I would recommend filing a ticket with support. Then we have more time and better tools to troubleshoot the issue, if you agree.