For most customers where remote control access is mission critical, Netop recommends that multiple, redundant Security Servers are implemented. Two or more Security Servers will be able to provide fail over for the authentication services they provide.
The address or DNS name of each Security Server must be included in the Netop Host's TCP/IP communication profile broadcast list. The first Netop Security Server that responds to the Host's request for authentication services will be the server that handles the authentication process. If one server is off-line, any additional server can handle authentication the request.
Setting up redundant Security Servers reduces the likelihood of a single point of failure. Multiple Security Servers must be configured to log into the same database. Netop recommends that the database be hosted in an SQL clustered or mirrored environment. (Attempting to use separate databases for two or more Security Servers using the same public key will cause likely erratic behavior.)
Additional recommendation for redundancy in the Netop activity logging to the server:
If both your Host and Guest modules are configured to log Netop activity to the Security Server database, Netop recommends that your Hosts all be configured to log to one Security Server and that your Guests all be configured to log to a second Security Server. In this way you will also have fail over in the log data for Netop connection events since the Host will be logging the connection event to one server and the Guest will be logging the same connection event to a second server.
Comments
0 comments
Please sign in to leave a comment.