locked
Scaling DA/UAG up to 100 users RRS feed

  • Question

  • All,

    I've implemented a pilot of DA with UAG, putting it on a Dell PE 1950 with 16gb of RAM. At any given time during the day I'm seeing 2-4 users concurrently (including myself, just to add to the load, mostly) and we have not implemented NAP, nor are we publishing any apps, etc. - it's a pure DA environment.

    It's working just fine, but now I need to get it ready to scale to as many as 100 users, though it will still remain pretty much a pure DA/UAG environment - the SSL VPN unit we have set up for alternate access will likely handle things like publishing apps and allowing iOS/Android access, but I might be putting up some NAP configuration at some point.

    I've got perfmon running on a workstation for now to keep track of things like TCP/UDP, Teredo and ISATAP stats, DNS queries, processor DPC queue depth, memory usage, etc, and so far it looks good, but it's a fairly low number of users.

    I know that MSFT recommends an array, and I like that idea, but I doubt the budget is there for it, unless they were pretty tiny machines, plus I've never put up a Windows array before.

    So, two questions:

    o- How are you monitoring performance for your UAG server?

    o- Do you have recommendations for scaling to the number of users I'm going to be seeing?

    Thanks,

    Kurt

    Monday, July 30, 2012 11:36 PM

Answers

  • Hi,

    Microsoft provides the following relevant figures about DirectAccess performance : http://technet.microsoft.com/en-us/library/hh183981

    From my own experience, it depend on how your users use DirectAccess. You should be fine for CPU and Memory even if you enable Network Access Protection and even smartcard. The real problem is network bandwidth and how your users use it.

    Have a nice day.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Marked as answer by Kurt Buff Tuesday, July 31, 2012 4:30 PM
    Tuesday, July 31, 2012 9:25 AM

All replies

  • Hi,

    Microsoft provides the following relevant figures about DirectAccess performance : http://technet.microsoft.com/en-us/library/hh183981

    From my own experience, it depend on how your users use DirectAccess. You should be fine for CPU and Memory even if you enable Network Access Protection and even smartcard. The real problem is network bandwidth and how your users use it.

    Have a nice day.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Marked as answer by Kurt Buff Tuesday, July 31, 2012 4:30 PM
    Tuesday, July 31, 2012 9:25 AM
  • Benoit,

    Don't know how I missed that document. Thanks for pointing it out to me.

    Looks like almost anything I replace it with will suffice.

    Kurt

    Tuesday, July 31, 2012 4:30 PM
  • last thing. You should enable TMG reporting feature to produce reports. You will have detail on your real bandwidth consuption for each internal destiation and their source. The Top users sections will provides you dandwidth consumption per user in your environment. With thses figures you will be able to extrapolate your bandwidth consumption for one hundred users.

    Have a nice day.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Tuesday, July 31, 2012 4:37 PM
  • Benoit,

    Excellent advice - thank you.

    Kurt

    Tuesday, July 31, 2012 5:07 PM