Directory failover and load balancing - Security Center 5.12

Security Center Administrator Guide 5.12

Product
Security Center
Content type
Guides > Administrator guides
Version
5.12
Language
English
Last updated
2024-09-13

Since the Directory is the main role that manages all entity configuration in your system, you must ensure that the Directory service is always available, and does not become overloaded.

The Directory service is available as long as its two components are available:
Directory role
Manages your system configuration, and handles failover for all other roles.
Directory database
Stores your system configuration.
The Directory Manager role handles Directory failover and load balancing for your system. It manages failover for the Directory role and Directory database independently, allowing you to have separate lists of servers assigned to host the two components. These two lists of servers can overlap or be completely separate.
NOTE: There can only be one Directory Manager role in your system. It is created automatically when your software license supports multiple Directory servers.

Differences between Directory servers and the main server

To configure Directory failover and load balancing, you must know the difference between Directory servers and the main server.
Directory server
Servers assigned to host the Directory role. The Directory role can run on five Directory servers simultaneously for load balancing. They distribute the workload for credential authentication, software license enforcement, Directory database report queries, and so on.

Users can log on to Security Center through any of the Directory servers. By default, the Directory Manager redirects the connection requests across all Directory servers in a round robin fashion, but you can bypass load balancing on specific workstations as needed.

Main server
The primary Directory server in your system (). It has full read/write access to the Directory database. If your system is configured for Directory failover and load balancing, the additional Directory servers () only have read access to the database.

When a Directory server fails, only the client applications connected to Security Center through that server must reconnect. If the main server fails, then all clients on the system must reconnect, and the responsibility of being the main server is passed down to the next Directory server in the failover list.