Symantec Privileged Access Management

Hi community members,

I have a query pertaining to recovery of PAM (v3.2.4) virtual appliance (VM snapshot) in the DR environment.

In the DR environment, when I boot up a VM snapshot of PAM soft appliance (standalone instance, snapshot was taken after cluster was broken in Production environment), the following is observed:-

1. It takes longer time than usual for the appliance to boot up i.e. for the console with PAM menu options to appear.
2. After the appliance has booted up, as per item 1, loading the login or legacy configuration page takes extremely long time i.e. >10 mins. Even after the page loads, I am unable to proceed with recovery i.e. upload the DB backup* to restore the appliance due to slow response from PAM. In a way the system seems to be unresponsive.

Note: The DB backup was taken from one of the PAM cluster node's in the Production environment.  

It is to be noted that, when the same VM image of soft appliance is booted up in the Production environment, there is no slowness in boot up and in loading the PAM web UI. Restoration using DB backup is also successful.

As per tests done by the network team (ping, telnet, traceroute etc.), there is nothing blocking the traffic between the laptop (PAM web UI) and the PAM appliance in DR environment.

It is suspected that the cause of "slowness" could be that the PAM appliance is trying to connect to 3^rd party/ external infrastructure which is configured in PAM e.g. AD, SMTP, 2FA/ SML solution, syslog server, NTP etc. If it cannot find one or more of these during and after boot up, it keeps trying to connect unsuccessfully which causes this unusual slowness. Is this the expected behavior?

Please share if anyone has encountered similar issue and resolution for the same. Thanks

Thanks

Sandeep

Hi community members,

I have a query pertaining to recovery of PAM (v3.2.4) virtual appliance (VM snapshot) in the DR environment.

In the DR environment, when I boot up a VM snapshot of PAM soft appliance (standalone instance, snapshot was taken after cluster was broken in Production environment), the following is observed:-

1. It takes longer time than usual for the appliance to boot up i.e. for the console with PAM menu options to appear.
2. After the appliance has booted up, as per item 1, loading the login or legacy configuration page takes extremely long time i.e. >10 mins. Even after the page loads, I am unable to proceed with recovery i.e. upload the DB backup* to restore the appliance due to slow response from PAM. In a way the system seems to be unresponsive.

Note: The DB backup was taken from one of the PAM cluster node's in the Production environment.  

It is to be noted that, when the same VM image of soft appliance is booted up in the Production environment, there is no slowness in boot up and in loading the PAM web UI. Restoration using DB backup is also successful.

As per tests done by the network team (ping, telnet, traceroute etc.), there is nothing blocking the traffic between the laptop (PAM web UI) and the PAM appliance in DR environment.

It is suspected that the cause of "slowness" could be that the PAM appliance is trying to connect to 3^rd party/ external infrastructure which is configured in PAM e.g. AD, SMTP, 2FA/ SML solution, syslog server, NTP etc. If it cannot find one or more of these during and after boot up, it keeps trying to connect unsuccessfully which causes this unusual slowness. Is this the expected behavior?

Please share if anyone has encountered similar issue and resolution for the same. Thanks

Thanks

Sandeep

Hi community members,

I have a query pertaining to recovery of PAM (v3.2.4) virtual appliance (VM snapshot) in the DR environment.

In the DR environment, when I boot up a VM snapshot of PAM soft appliance (standalone instance, snapshot was taken after cluster was broken in Production environment), the following is observed:-

1. It takes longer time than usual for the appliance to boot up i.e. for the console with PAM menu options to appear.
2. After the appliance has booted up, as per item 1, loading the login or legacy configuration page takes extremely long time i.e. >10 mins. Even after the page loads, I am unable to proceed with recovery i.e. upload the DB backup* to restore the appliance due to slow response from PAM. In a way the system seems to be unresponsive.

Note: The DB backup was taken from one of the PAM cluster node's in the Production environment.  

It is to be noted that, when the same VM image of soft appliance is booted up in the Production environment, there is no slowness in boot up and in loading the PAM web UI. Restoration using DB backup is also successful.

As per tests done by the network team (ping, telnet, traceroute etc.), there is nothing blocking the traffic between the laptop (PAM web UI) and the PAM appliance in DR environment.

It is suspected that the cause of "slowness" could be that the PAM appliance is trying to connect to 3^rd party/ external infrastructure which is configured in PAM e.g. AD, SMTP, 2FA/ SML solution, syslog server, NTP etc. If it cannot find one or more of these during and after boot up, it keeps trying to connect unsuccessfully which causes this unusual slowness. Is this the expected behavior?

Please share if anyone has encountered similar issue and resolution for the same. Thanks

Thanks

Sandeep