Hi, all.
I've got star network topology. Our IT team told me to minimize count of unique connections between far assets and qradar itself in the central DC.
To do so I decided to add additional 2 non qradar syslog-ng servers with high compression ratio that will proxifying my syslog connections from far assets to central infrastructure. So, everything works as expected, but heartbeat from managed Wincollect 7 is sending by wincollect to qradar console directly. Qradar main console has role of status server for managed wincollects at the moment.
So the question is can I proxyfying the connections with heartbeats and how it will impact the Wincollect? Can it still be manageable?
------------------------------
Bohdan
------------------------------