Inter-Server Communications; Ha Server; Database Synchronization And Remote Replication - Juniper NETWORK AND SECURITY MANAGER 2010.4 - INSTALLATION GUIDE REV1 Installation Manual

Copyright © 2010, Juniper Networks, Inc.

Inter-server Communications

Communications from your managed devices to the Device Server, from the Device Server
to the GUI Server, and from the GUI Server to NSM UI clients are all TCP-based and make
use of Juniper Networks' proprietary SSP (Secure Server Protocol). This ensures that
both AES encryption and certificate-based authentication are used throughout. There
are some exceptions:

- Certificate loading onto security devices running ScreenOS 5.0
- Initial setup of all managed devices to configure parameters on NSM using either Telnet
  or SSH

Managed ScreenOS devices always initiate the TCP session to the running Device Server
on port 7800. The Device Server always initiates the TCP connection to the GUI Server
on port 7801. Device families that use the DMI interface use port 7804 to initiate
communication. The UI client works slightly differently. It attempts to connect to the
primary GUI Server using TCP port 7801. Upon failure, the UI automatically attempts to
connect to the secondary GUI Server. This process is transparent to the Admin user. Note,
however, that the IP address of the secondary GUI Server now appears in the bottom
left of the main UI window, and in the Server Monitor.
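
The connection rules above can be checked against flow logs. The following is an added example, not code from the Juniper guide: it classifies flow-log lines by which side opened the session and on which port. The address inventory, log format, role names and sample lines are constructed; that DMI devices connect to the Device Server and that the Telnet/SSH setup exceptions use ports 23 and 22 are assumptions.

```python
import re
from ipaddress import ip_address, ip_network
ROLES = {  # constructed inventory: address range -> NSM role (not from the guide)
    "device_server": ip_network("10.0.0.10/32"),
    "gui_server": ip_network("10.0.0.20/31"),  # primary .20, secondary .21
    "screenos_device": ip_network("10.1.0.0/24"),
    "dmi_device": ip_network("10.2.0.0/24"),
    "ui_client": ip_network("10.9.0.0/24"),
}
# (initiator, responder, TCP port) per the text; DMI target server is an assumption.
ALLOWED = {
    ("screenos_device", "device_server", 7800),
    ("dmi_device", "device_server", 7804),
    ("device_server", "gui_server", 7801),
    ("ui_client", "gui_server", 7801),
}
SETUP_PORTS = {22: "ssh", 23: "telnet"}  # outside SSP; default ports assumed
DEVICES = {"screenos_device", "dmi_device"}
LINE = re.compile(r"src=(\S+) dst=(\S+) proto=tcp dport=(\d+)")

def role_of(addr):
    ip = ip_address(addr)
    return next((r for r, net in ROLES.items() if ip in net), "unknown")

def classify(line):  # verdict for one flow-log line
    m = LINE.search(line)
    if not m:
        return "unparsed"
    src, dst, port = role_of(m[1]), role_of(m[2]), int(m[3])
    if (src, dst, port) in ALLOWED:
        return "ssp"
    if dst in DEVICES and port in SETUP_PORTS:
        return "setup-exception:" + SETUP_PORTS[port]
    if (dst, src, port) in ALLOWED:
        return "reversed"  # right port, but the wrong side opened the session
    if port in {p for _, _, p in ALLOWED}:
        return "unexpected-peer"  # NSM port reached by a role the text does not name
    return "unrelated"

SAMPLE_LOG = [  # constructed flow records
    "src=10.1.0.7 dst=10.0.0.10 proto=tcp dport=7800",
    "src=10.0.0.10 dst=10.0.0.21 proto=tcp dport=7801",
    "src=10.0.0.20 dst=10.0.0.10 proto=tcp dport=7801",
    "src=10.0.0.10 dst=10.1.0.7 proto=tcp dport=23",
    "src=192.0.2.50 dst=10.0.0.10 proto=tcp dport=7804",
]

def audit(lines):  # (line, verdict) for everything that is not plain SSP traffic
    return [(l, v) for l in lines for v in [classify(l)] if v not in ("ssp", "unrelated")]
```

On the sample lines, `audit(SAMPLE_LOG)` reports the GUI Server opening a session to the Device Server as reversed, the Telnet session to a managed device as a setup exception outside SSP, and the connection from an address outside the inventory as an unexpected peer.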

HA Server

Each physical server on which NSM runs contains a service called the HA Server (HaSvr).
The HA Server:

- Controls and detects failures in both the GUI Server and Device Server services, as well
  as the inter-server database synchronization and remote replication processes
- Starts and stops services

If you have installed the Device Server and GUI Server on a single server, one HA Server
controls all services.

Database Synchronization and Remote Replication

During normal HA operations, data is synchronized between the primary server and
secondary server. The HA Server controls this synchronization process. The HA Server
makes use of rsync, a utility supplied by the operating system, to transfer non-database
files in each server's data directory (/var/netscreen by default). This process is known
as remote replication.

The data in the configuration database is synchronized by using the high availability
feature of DBXML. This process is known as database synchronization.

Chapter 5: Installing NSM with High Availability
