Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass Upgrade - Endpoint DB Impact

This thread has been viewed 9 times

  • 1.  ClearPass Upgrade - Endpoint DB Impact

    Posted Jun 02, 2023 01:10 PM

    Hello All, 

    About to upgrade CPPM from 6.8 to 6.10 and have a large endpoints DB with over 830k devices... We don't want to enable the cluster wide cleanup because some of the "unknown" devices were added manually and don't want to remove them. 

    The question I have is, what is the impact of such a large endpoints database to the overall upgrade process? Will it cause issue or greatly increase the upgrade timeline?

    Thanks



  • 2.  RE: ClearPass Upgrade - Endpoint DB Impact

    Posted Jun 02, 2023 03:25 PM

    Hi

    According to my experiance the number of endpoints in the Endpoints repository doesn't add up so much in the database size.

    The larger databases are usually the Session database and depending on the configuration of data retention and created reports, the Insight db.

    A customer had about 100k endpoints in the Endpoints repository and the backup file for the configuration was still in tens of megabytes. But the same server had an Insight database with uncompressed size of over 120 Gb. Update fråm 6.8 to 6.9 a few years ago took quite some time during the database conversion also on a physical C3000 server, the older version built on Dell hardware.

    It's a bit tricky to get the database size, but you can do the following:

    Navigate to Administration \ Server Manager \ Server Configuration

    Select your server if you have a cluster or just click Collect logs. Save all logs to a file and download the file.

    Exand the compressed file and open PolicyManagerLogs\postgres-info.txt

    Close to the end of the file you will find the database sizes in the file in this format:

    Size of all databases:
       datname   |  size   
    -------------+---------
     postgres    | 7367 kB
     AppPlatform | 8287 kB
     template1   | 7367 kB
     template0   | 7367 kB
     insightdb   | 8205 MB
     tipsdb      | 67 MB
     tipsLogDb   | 45 GB
    (7 rows)

    I do not think your endoint database will cause problems during the upgrade.



    ------------------------------
    Best Regards
    Jonas Hammarbäck
    MVP 2023, ACCX #1335, ACX-Network Security, Aruba SME, ACMP, ACDP , ACEP, ACSA
    Aranya AB
    If you find my answer useful, consider giving kudos and/or mark as solution
    ------------------------------

    Original Message