We have had a few problems with the connector health probes causing applications and servers to crash or perform very slowly.
We have all our connectors in a “Global” server group. We also have some site based and regional based groups as well. We have some of our very large wildcard domain application segments use this Global group. We want our user to connect to the fastest connector so we don’t want to force them via a specific regional connector group. This causes every single one of the connectors to perform a health check against the application every time it’s accessed.
This understandable can overload the application or server if like us you have lots of connectors.
We have started to force some applications via specific connector groups where we know the application and where it’ hosted. We also started to turn off the health check as well when we are confident that the connector group can access the application and so no health check is really needed.
This has resolved most of our issues.
We are still having to use the Global connector group for some of our wildcard domains until we can confirm where all our apps are and what connectors can access them.
ZPA has discovered over 165k applications !!