Database Activity Monitoring: Configuring a Cluster in Four Easy Steps

Imperva SecureSphere Database Activity Monitoring (DAM) offers multiple deployment modes, including managing your gateways in a cluster. There are four steps to configuring a gateway cluster and we’ll be discussing them in this post.

But first, let’s review the advantages of using a cluster:

  • High Availability: When a gateway goes down, its agents are assigned to another gateway without losing traffic.
  • Automatic Load Balancing: The cluster automatically assigns agents to gateways to ensure proper load balancing between them.
  • Large Server Support: If an agent produces more traffic than a single gateway can handle, you can manage it in a Large Server Cluster using as many gateways as the agent needs.
  • Ease of Use: You can register an agent to any gateway IP in the cluster and it will be assigned based on the load balancing algorithm.

So, how do you go about configuring a cluster in SecureSphere DAM?

Step 1: Deploy the Cluster Gateways

The first step is to deploy all the gateways intended for the cluster with SecureSphere. What is the recommended network configuration? (Figure 1)

The cluster’s gateways have two network interfaces in the following subnets:

  1. Cluster/Management subnet: Dedicated to communication between the gateways in the cluster and with the SecureSphere Management Console (MX)
  2. Agent subnet: Dedicated to traffic from the agents

Figure 1: Recommended cluster network configuration

Initial Configuration of the Cluster Gateways

After deploying SecureSphere, the first time you log into a gateway you’ll see the first-time login menu (FTL).

Set up the usual configurations—for example, set the management interface as eth0, set the MX IP, etc.

When asked if you want to set a cluster configuration, select ‘yes’. (Figure 2)

Note that the cluster port should be the same for all gateways in the cluster.

Figure 2: Setting a cluster configuration in the gateway

You will then be asked whether you want to configure an Agent Listener – select ‘yes’. (Figure 3)

The listener port, like the cluster port, should be the same for all gateways in the cluster.

Figure 3: Configuring an Agent Listener in the gateway

At the end, all the gateways of the cluster are registered to the MX. Each gateway will appear in a separate gateway group carrying the gateway’s host name.

You are now ready to move to the MX UI.

Note: Only the first step is done using command line interface (CLI). All other steps are done through the MX UI.

Step 2: Create the Cluster in the MX

Navigate to the cluster management screen in the Setup menu. Select “Create Cluster” and complete the fields as shown in Figure 4.

Figure 4: Create cluster dialog box

Step 3: Activate the Cluster

The cluster has two gateways which act as manager and backup manager. If the manager becomes unavailable, the backup manager takes over. Otherwise the backup manager acts as a “regular” gateway.

Add these two gateways to the cluster. Using the Cluster Management screen, move two of the gateways you deployed in Step 1 to the cluster. (Figure 5)

Figure 5: Move gateway dialog box

The cluster is now inactive and has two gateways. Next, make the final configurations to your cluster and activate it.

Using the Cluster Management screen, choose “Configure Cluster” and complete fields as shown in Figure 6. Don’t forget to change the subnet fields to match your actual subnets.

Click “Save and Activate,” then wait until the cluster’s status changes to OK.

Figure 6: Configure cluster dialog box

Step 4: Move the Gateways

Move the rest of the gateways to the active cluster. After you’re done, the gateways will look something like this: (Figure 7)

Figure 7: All gateways moved to the cluster

And the cluster will look like this: (Figure 8)

Figure 8: Active cluster with all gateways

The gateway groups that were created when the gateways were registered to the MX are no longer needed so you can delete them.


Complete these four easy steps in SecureSphere DAM to enjoy the benefits of a gateway cluster:

  1. Deploy the cluster gateways
  2. Create the cluster in the MX
  3. Activate the cluster
  4. Move the gateways

Your cluster is now ready to receive agents.

For more information refer to the SecureSphere user guide.

*** This is a Security Bloggers Network syndicated blog from Blog | Imperva authored by Yoni Nave. Read the original post at: