To improve the availability of your Intrusion Manager role, you can add a secondary server on
standby. If the primary server hosting the role becomes unavailable, the secondary server is
automatically used.
Before you begin
- Ensure that you have an expansion server available as a secondary server for
your Intrusion Manager role. If you do not have an
expansion server available, add an expansion server to
your system.
- If your Intrusion Manager role is hosted on the
main server, you must first move it to an expansion
server.
NOTE: If you must host the
Intrusion Manager role on the main server, configuring the
Intrusion Manager role failover is not enough: you must also
configure the Directory failover. Role failover is managed by the Directory
role, and Directory failover is managed by the Directory Manager role.
For more information, see Directory failover and load balancing.
- Ensure that the Intrusion Manager role and the Intrusion Manager role database are not hosted on the same server. All
servers hosting the Intrusion Manager role must have write access
to the remote database server. For more information, see Connecting roles to remote database servers.
What you should know
Failover is a backup operational mode in which a role (system
function) is automatically transferred from its primary server to a secondary server
that is on standby. This transfer between servers occurs only if the primary server
becomes unavailable, either through failure or through scheduled downtime.
For more information, see Role failover.IMPORTANT: Security Center does not handle the failover of role
databases. For roles that connect to a database, the database server must be hosted on a
third computer, separate from the servers hosting the role. All role servers must have
read and write access to the database server. To protect your data, perform regular
backups of the role database.
Procedure
-
From the Config
Tool home page,
open the Intrusion detection task.
-
Select your Intrusion Manager role from the entity tree and click
Resources.
-
Under the Servers list, click Add an item
().
A dialog box opens, listing all remaining servers on your system that are not
yet assigned to this role.
-
Select the server that you want to add as a secondary server and click
Add.
The secondary server is added below the primary server. The green LED indicates
which server is hosting the role.
NOTE: The servers are listed in the order that they are
picked if a failover occurs. When the primary server fails, the role automatically
switches to the next server on the list.
-
To change the priority of a server, select it from the list, and click the or buttons to move it up
or down the list.
-
If you want the primary server to retake control after it is restored from a failover,
select the Force execution on highest priority server option.
To minimize system disruption, the role
remains on the secondary server after a failover occurs, by default.
-
Ensure that the role is not connected to a database on the local machine.
You can determine that the database server is local to your machine if the
name of the Database server starts with "(local)". If it
does, rename the database server to match the remote server you prepared in
advance for your Intrusion Manager role.
-
Back up your Intrusion Manager role database and restore it on a server that is
not hosting your Intrusion Manager role.
-
Enable remote access to the Intrusion Manager role
database you restored.
-
Change the Database server to the server hosting
your Intrusion Manager role database.
For example, REMOTESERVER\SQLEXPRESS.
-
Click Apply.