• State Not Answered
  • Replies 3 replies
  • Subscribers 30 subscribers
  • Views 2857 views
  • Users 0 members are here
Options
Related

Safeguard for Privileged Sessions (SPS) in multi-data centre cluster (geo-cluster) configuration seems unstable

gilesm
over 4 years ago

Hi,

Has anyone successfully used SPS servers (what were the Balabit Session Control Boxes) configured in a cluster between different data centres?

We are having issues with the stability of the cluster connections (which use IPsec tunnels) using SPS v6.0 as they seem to lose connection to the Central Management Node and then randomly reconnect.

The cluster connections within the DCs seem to be OK.

Just wondering if anyone else has used this configuration or does everyone keep the clusters within the Data Centre?

Thanks

Giles

Parents
  • 0 over 4 years ago

    Hi Giles,

    we deployed a three nodes cluster (not HA) between 3 datacenters. Two of them in Rome in campus distance (hundreds of meters) and lot of bandwidth via fiber, the third in Milan (hundrends of kilometers) and with only 100Mb bandwidth.

    Everything is working fine. It is also joined with a SPP 3 nodes cluster with same locations

    Stefano

Reply
  • 0 over 4 years ago

    Hi Giles,

    we deployed a three nodes cluster (not HA) between 3 datacenters. Two of them in Rome in campus distance (hundreds of meters) and lot of bandwidth via fiber, the third in Milan (hundrends of kilometers) and with only 100Mb bandwidth.

    Everything is working fine. It is also joined with a SPP 3 nodes cluster with same locations

    Stefano

Children
  • 0 over 3 years ago in reply to stufoni

    Hi Stufoni,

    Good day! So from your response, could you share a little on how affinity is being configured? Example, lets say if there are admins in Milan trying to connect to servers in Milan, how do we get their connection proxied thru the SPS in Milan instead of being routed by any of the 2 SPS in your Rome campus? Thanks! 

    Also, are the below assumption correct based on your deployment?

    - All 3 SPS nodes configured as a SPS cluster

    - 1 SPS cluster central management role joined to SPP while others configured as search minion