Clustering Overview

The following figure shows two PSA series devices deployed as a cluster pair.

Deployments

Ivanti access management framework supports following types of clusters:

Load balancing clusters or active/active clusters

Failover clusters or active/passive clusters

Configuration-only clusters

Load balancing clusters or active/active clusters - Load balancing clusters provide scalability and increase availability of Web-based services. The following figure shows an example of an active/active deployment. A user can deploy 4 node cluster on PSA-7000. All other platform models support 2 node clusters only.

Ivanti supports two-node on ICS active-active cluster and standalone nodes with load balancer. Although four-node active-active cluster is typically known to work in some environments, using more nodes in the cluster results in the overhead of the cluster operations like session sync and lesser throughput. To get the optimal performance from the gateways, Ivanti recommends using two-node clusters or standalone nodes behind a load balancer.

The system (UI) allows adding up to 8 nodes. However, only up to 2 nodes in a cluster have been officially qualified.

Failover clusters or active/passive clusters - Failover clusters provide high availability (HA). The primary purpose of HA clusters is to provide uninterrupted access to data, even if a server loses network or storage connectivity, or fails completely, or if the application running on the server fails. The following figure shows an example of an active/passive deployment. The active/passive cluster supports only 2 node clusters in all types of platforms except VA.

Configuration-only clusters - This option allows only the configuration elements to be synchronized. This does not allow session or user data synchronization.

  • For further information on clustering and scalability, please contact Ivanti technical help.
  • Ivanti access management framework also supports an IPv6 configuration for active/active and active/passive clusters.

 

 

 

Requirements and Limitations

You must follow these considerations when deploying a cluster:

Cluster members must run the same software version.

Cluster members must use the same hardware platform.

State synchronization must occur only through the internal Network Interface Card (NIC).

Ensure the cluster communication and resource access must take place over an internal network.

You can deploy an active/passive clustering only within the same IP subnet.