This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Rabin
Explorer
yesterday

Issue with Traffic Distribution

Hi Maestro Experts,

Greetings !

We have one Security Group acting as a perimeter firewall where NAT and Internet traffic is handled. Now, when we make another security Group for core Security Group with same magg0 bond and different SMO where there is no NAT and its mainly internal traffic from database to application or lets say internal resouces. Now, we migrated our network to Core Security Group all traffic went smooth untill peak hour where some of the mobile banking users were having issue.

To note we had same traffic distribution mode in perimtere and core security group which was auto topology. Does this setting could have affect our traffic in core network architecture or is it something that our single SMO could not handle the large session count at peak hour.

Kindly share your thoughts and experience if you had same issue or have experience in this field.

Thank You.

Regards,

Rabindra Khadka

0 Kudos
5 Replies
Nir_Shamir
Employee Employee
Employee
yesterday

Distribution mode is decided on the GW configuration.

If you have a GW with NAT / VPN - use auto-topology.

if you have a GW without (usually a DC / Core / internal FW - use manual-general.

usually this affects the distribution between SGM's so check if during your peak hours one SGM utilized more traffic / connections then the rest that might have caused what you described.

otherwise look for a different cause.

0 Kudos
Rabin
Explorer
yesterday
In response to Nir_Shamir

Hi @Nir_Shamir 

Thank yo so much for your insight. We had TAC engineer invovlved and during troubleshooting phase, it was observerd in logs that - "First Packet" not syncing with "ACK," "FIN+ACK," and "Reset+ACK." And TAC gave us reommendation to go to latest hotfixe but i dont think this might caused the issue as he had bypassed this through global setting and we didnt see similar logs but were having same issue. Please share your thoughs on this.

 

Regards, 

Rabindra Khadka

0 Kudos
Nir_Shamir
Employee Employee
Employee
yesterday
In response to Rabin

It can be many things.

Please follow TAC recommendations first and continue to work with them if the issue persists.

0 Kudos
Rabin
Explorer
yesterday
In response to Nir_Shamir

@Nir_Shamir  Thank You for the recommendtaion. One last thing just wanted to know from your side, does having same magg0 bond can cause issue with the traffic in maestro architecture ?

 

 

 

0 Kudos
Nir_Shamir
Employee Employee
Employee
yesterday
In response to Rabin

No, that's the default configuration for almost all of our customers.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
 
Upcoming Maestro Events

    CheckMates Events