diff --git a/api/src/com/cloud/agent/api/CleanupNetworkRulesCmd.java b/api/src/com/cloud/agent/api/CleanupNetworkRulesCmd.java
index 1e74688ab09..9330058a16e 100644
--- a/api/src/com/cloud/agent/api/CleanupNetworkRulesCmd.java
+++ b/api/src/com/cloud/agent/api/CleanupNetworkRulesCmd.java
@@ -17,12 +17,9 @@
  */
 package com.cloud.agent.api;
 
-import java.util.Random;
-
 
 public class CleanupNetworkRulesCmd extends Command implements CronCommand {
 
-    static private Random random = new Random();
     private int interval = 10*60;
     
     @Override
@@ -31,9 +28,9 @@ public class CleanupNetworkRulesCmd extends Command implements CronCommand {
     }
 
 
-    public CleanupNetworkRulesCmd() {
+    public CleanupNetworkRulesCmd(int intervalSecs) {
         super();
-        interval = 8*60 +  random.nextInt(120);
+        interval = intervalSecs;
     }
 
 
diff --git a/server/src/com/cloud/network/security/SecurityGroupListener.java b/server/src/com/cloud/network/security/SecurityGroupListener.java
index c15e0dcb89e..4611ac01679 100755
--- a/server/src/com/cloud/network/security/SecurityGroupListener.java
+++ b/server/src/com/cloud/network/security/SecurityGroupListener.java
@@ -20,6 +20,7 @@ package com.cloud.network.security;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.Random;
 import java.util.concurrent.ConcurrentHashMap;
 
 import org.apache.log4j.Logger;
@@ -51,6 +52,8 @@ public class SecurityGroupListener implements Listener {
     public static final Logger s_logger = Logger.getLogger(SecurityGroupListener.class.getName());
 
     private static final int MAX_RETRIES_ON_FAILURE = 3;
+    private static final int MIN_TIME_BETWEEN_CLEANUPS = 30*60;//30 minutes
+    private final Random _cleanupRandom = new Random();
 
     SecurityGroupManagerImpl _securityGroupManager;
     AgentManager _agentMgr;
@@ -158,14 +161,15 @@ public class SecurityGroupListener implements Listener {
         if (cmd instanceof StartupRoutingCommand) {
             //if (Boolean.toString(true).equals(host.getDetail("can_bridge_firewall"))) {
             try {
-                CleanupNetworkRulesCmd cleanupCmd = new CleanupNetworkRulesCmd();
+                int interval = MIN_TIME_BETWEEN_CLEANUPS + _cleanupRandom.nextInt(MIN_TIME_BETWEEN_CLEANUPS/2);
+                CleanupNetworkRulesCmd cleanupCmd = new CleanupNetworkRulesCmd(interval);
                 Commands c = new Commands(cleanupCmd);
                 _agentMgr.send(host.getId(), c,  this);
                 if(s_logger.isInfoEnabled())
                     s_logger.info("Scheduled network rules cleanup, interval=" + cleanupCmd.getInterval());
             } catch (AgentUnavailableException e) {
                 //usually hypervisors that do not understand sec group rules.
-                s_logger.info("Unable to schedule network rules cleanup for host " + host.getId(), e);
+                s_logger.debug("Unable to schedule network rules cleanup for host " + host.getId(), e);
             }
         }
     }