Table of Contents
Advertisement
•
A Primary SMS and up to three Secondary SMSs (Multi-Site configuration)
•
A Primary SMS and up to three Secondary SMSs, each with up to five Compute
Servers (Compute Server configuration)
Multi-Site SMS configuration
A multi-site SMS configuration consists of a Primary SMS and up to three Secondary
SMSs. The Primary SMS and Secondary SMS (s) share the same database, which is
updated periodically across the network. The Primary SMS and Secondary SMS(s) are
simultaneously active, synchronizing status and configuration at the same time.
Compute servers
To maximize scalability of the SMS/Brick security solution, the SMS provides the option
of adding a separate set of servers called Compute Servers (CSs), which are associated with
a Primary or Secondary SMS and act as collection points for Brick log traffic. Using a CS
to collect Brick log data frees up computing resources on the SMS itself and extends the
number of Brick devices and total log traffic that can be handled. Each Brick device
managed by the SMS can be homed to one of the associated CSs or the managing SMS for
logging purposes.
Up to five CSs can be configured for a Primary or Secondary SMS.
Implementing Primary SMS/Secondary SMS configurations
During the installation of the Secondary SMS, there is a point at which the Secondary SMS
attempts to contact the Primary SMS to replicate the Primary SMS database on the
Secondary SMS. If the Secondary SMS cannot contact the Primary SMS, correct the
problem and retry the operation on the Secondary SMS.
For reasons of security, we strongly recommend that you deploy a Brick device "in front"
of the Primary and Secondary SMS(s) to protect all servers.
To ensure that the Primary SMS and Secondary SMS(s) can contact each other through
both Brick devices, follow the course of action outlined below when you order the
installation:
1. Install the Primary SMS first. The two installation procedures in this chapter provide
step-by-step instructions for a new installation and an upgrade installation.
2. Once the Primary SMS is operational, use it to configure two Bricks and assign the
pre-configured ruleset administrativezone to the ports that will be connected to the
SMS. Refer to the Configuring Alcatel-Lucent VPN Firewall Brick™ Security
Appliance Ports section in the SMS Administration Guide for instructions on how to do
this.
3. Connect the Primary SMS to the port on one Brick, and the host that will be the
Secondary SMS to the port on the other. Then, deploy the two Bricks: the primary
SMS and the host that will be the Secondary SMS in the network.
...................................................................
Introduction
27
Advertisement
Table of Contents
