Thanks everyone for your advice. "Paterson, Don" <[EMAIL PROTECTED]> wrote: One MLM license covers 250 CLM (log modules), so it is not like you need to pay on a per CLM (one per CMA (potentially)) basis as you do with the CMA licenses. It's fairly cost effective.
-------------------------------------------------------- Don Paterson Consultant Training Services Main: +44 20 7786 3400 Direct: +44 20 7786 3400 Fax: DNS Arrow 1 Threadneedle Street London EC2R 8AW www.DNSarrow.co.uk Email Confidentiality Notice: This message is private and confidential. If you have received this message in error, please notify us and remove it from your system. "DNS Arrow" means Digital Network Services (UK) Limited, a company registered in England. Company Registration Number 3952678. Registered Office: Nidderdale House, Otley Road, Beckwith Knowle, Harrogate HG3 1SA, UK. ________________________________ From: Mailing list for discussion of Firewall-1 on behalf of Rajeev Gupta Sent: Fri 6/1/2007 12:16 To: [email protected] Subject: Re: [FW-1] Need advice on Provider-1 I would personally think logging to CMA is not a good practice in P-1 environment w/ such a large implementation. It would lead to situations which you have rightly pointed out are causing you issues and would require unnecessary day to day maintenance to offload logs completely off the $FWDIR/log of the CMA's. MLM is a good solution but there are other solutions as well depending upon your requirements but on your question of 'when is it the case to offload logs to some dedicated log server is in fact 'right now' in your case. You have kinda illustrated the problem and I would feel you have strong business case already.... Rajeev On 5/24/07, cisco4ng wrote: > > I need advice on Provider-1 > > we currently have P-1 NG FP3 running on Solaris > with about 500+ CMAs spanning across 5 different > containers. In our environment, we have two MDS > managers and five MDS containers. We do not have > any MLM in our NG FP3 deployment. > > The log on the firewalls is being sent to the CMA. > Some of the customers that we have a LOT of logs. > Some of the CMAs average about 5Gig of logs a day. > we rotate the log every 4 hours. We also have > script to zip up the log for these customers and > move them of the log directory. They only have > 5 days worth of log in the CMA $FWDIR/log directory. > However, that still translates into 25GB of logs. > > Problem is that everynow and then, the CMA for one > of these customers just stops working beyond repair > and the only way to fix it is to restore from > backup. > > We're going to move these customers to P-1 NGx > R61 soon and in our NGx R61 environment, we do not > have MLM in our design and it worries me that > we are going to repeat the same problem. > > My question is this: when is it a good idea to get > a separate MLM to to store log for these customers? > What is the threshold that will justify in purchasing > separate MLM Servers? You're talking hardware cost > in addition to Checkpoint license. > > thank you. > > --------------------------------- > Park yourself in front of a world of choices in alternative vehicles. > Visit the Yahoo! Auto Green Center. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= --------------------------------- Be a better Heartthrob. Get better relationship answers from someone who knows. Yahoo! Answers - Check it out. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
