Security Director Insights High Availability Deployment Architecture
You can deploy Security Director Insights as a single node and as two nodes with high availability (HA).
Security Director Insights requires the following system and network configurations for the HA deployment:
Two Security Director Insights systems for two nodes HA.
Each system must have two network interfaces: one for management and another for HA monitoring.
The IP addresses of the management interface of the two systems must be in the same subnet.
The IP addresses of the HA monitoring interface of the two systems must be in the same subnet.
The management and HA monitoring interfaces must be in different subnets.
Virtual IP addresses for each subnet.
The following example shows the network configuration for the HA deployment:
System 1:
Management IP: 10.1.1.2/24
HA monitoring IP: 20.1.1.2/24
System 2:
Management IP: 10.1.1.3/24
HA monitoring IP: 20.1.1.3/24
Virtual IP address for data traffic: 10.1.1.4/24
Virtual IP address for HA monitoring: 20.1.1.4/24
The virtual IP addresses are used when you configure HA in the Security Director Insights GUI. The virtual IP addresses are automatically assigned to one of the systems, which becomes the active node. When failover occurs, the virtual IP addresses are automatically assigned to the other system, which is the standby node.
You can configure the HA monitoring IP address using a CLI command, as shown in Figure 1.