NCM slow capture for devices with extremely large configurations
search cancel

NCM slow capture for devices with extremely large configurations


Article ID: 229894


Updated On:


CA Spectrum


We have noticed, on our firewall devices that have over 300,000 lines of config that it can take up to 20 minutes for Spectrum to capture the configuration.

Likewise, we have noticed that if we use the same PERL script from a command line outside of Spectrum, that the capture itself only takes about 2 minutes.

Why is there such a delay in Spectrum for the capture and what can we do to fix this


Release : 10.4.x 

Component : Spectrum Applications


Prior to Spectrum 10.4.2, SRAdmin is the bottleneck between NCMService and OneClick.

The delay was caused by SRAdmin slowing down the information transfer between NCMService and OneClick.


As the device has SSH and SCP capability we used NCM Self Certification to capture the config and we noticed that the entire process took 6 minutes instead of 20 minutes.

The extra time is because OneClick must do a diff between the information collected during the capture and the previous stored config against its diff mask.

We also had to increase the JSCH multiplier to 70 (due to the large, 300,000 lines config) which will not cause any ill side effects.

Additional Information

Further information on NCM Self Certification


NCM Self Certification Docs