Imperva SecureSphere Database Activity Monitoring (DAM) offers multiple deployment modes, including managing your gateways in a cluster. There are four steps to configuring a gateway cluster and we’ll be discussing them in this post.
But first, let’s review the advantages of using a cluster:
The first step is to deploy all the gateways intended for the cluster with SecureSphere. What is the recommended network configuration? (Figure 1)
The cluster’s gateways have two network interfaces in the following subnets:
After deploying SecureSphere, the first time you log into a gateway you’ll see the first-time login menu (FTL).
Set up the usual configurations—for example, set the management interface as eth0, set the MX IP, etc.
When asked if you want to set a cluster configuration, select ‘yes’. (Figure 2)
Note that the cluster port should be the same for all gateways in the cluster.
You will then be asked whether you want to configure an Agent Listener – select ‘yes’. (Figure 3)
The listener port, like the cluster port, should be the same for all gateways in the cluster.
At the end, all the gateways of the cluster are registered to the MX. Each gateway will appear in a separate gateway group carrying the gateway’s host name.
You are now ready to move to the MX UI.
Note: Only the first step is done using command line interface (CLI). All other steps are done through the MX UI.
Navigate to the cluster management screen in the Setup menu. Select “Create Cluster” and complete the fields as shown in Figure 4.
The cluster has two gateways which act as manager and backup manager. If the manager becomes unavailable, the backup manager takes over. Otherwise the backup manager acts as a “regular” gateway.
Add these two gateways to the cluster. Using the Cluster Management screen, move two of the gateways you deployed in Step 1 to the cluster. (Figure 5)
The cluster is now inactive and has two gateways. Next, make the final configurations to your cluster and activate it.
Using the Cluster Management screen, choose “Configure Cluster” and complete fields as shown in Figure 6. Don’t forget to change the subnet fields to match your actual subnets.
Click “Save and Activate,” then wait until the cluster’s status changes to OK.
Move the rest of the gateways to the active cluster. After you’re done, the gateways will look something like this: (Figure 7)
And the cluster will look like this: (Figure 8)
The gateway groups that were created when the gateways were registered to the MX are no longer needed so you can delete them.
Complete these four easy steps in SecureSphere DAM to enjoy the benefits of a gateway cluster:
Your cluster is now ready to receive agents.
For more information refer to the SecureSphere user guide.
*** This is a Security Bloggers Network syndicated blog from Blog | Imperva authored by Yoni Nave. Read the original post at: https://www.imperva.com/blog/2018/05/4804/
Digital+ Partners Leads Continuation Funding Round in Growing Automated Threat Analysis & Detection Provider, Closing its Series B Round at…
For three years OpenWRT had a severe validation problem with its download package manager, until a fuzz tester found and…
It’s time to say a final “Goodbye” to Flash. (Or should that be “Good riddance”?) With earlier this week seeing…
This is the second in a series of blog posts that discuss how smart DNS resolvers can enhance ongoing network…
Security researchers detected a new spear-phishing attack that’s using an exact domain spoofing tactic in order to impersonate Microsoft. On…
Welcome back to the last part of our three-part blog series on how to leverage analytics to deliver an exceptional…
