Dedicated Management Network

When you configure a Traffic Manager, you can choose to nominate a single management IP address. The Traffic Manager then only accepts management traffic on that address. See the Pulse Secure Virtual Traffic Manager: Installation and Getting Started Guide applicable to your product variant for the configuration procedure required to set a dedicated management IP address.

For Traffic Manager documentation, see the Ivanti Web site at: www.ivanti.com

Management traffic includes all access to the Web-based Traffic Manager Admin UI, the Control API, the REST API, and any configuration or state sharing within a Traffic Manager cluster.

Use can use the management IP address to provide a dedicated, trusted management network. Typically, each host running a Traffic Manager has a dedicated network card that is connected to the management network.

For more information on the security aspects of network setup, see System Security. Ivanti recommends you read this chapter carefully before setting up live services.

To modify the management IP address on a fully configured Traffic Manager, login to the Traffic Manager Admin UI and click System > Security > Management IP Address and Admin Server Port. Set "bindip" to the required management IP address, then click Update to save your changes. For software variants, you can also rerun the "configure" script. Note that a software restart is required for this procedure.

Each management IP address is a single point of failure in a Traffic Manager cluster. If the management network fails, all inter-machine communication is lost and remote configuration using the Admin UI, Control API or REST API is impossible.

For resilience, the fault-tolerance messages that each Traffic Manager sends are broadcast over all network cards. You can restrict this traffic to the management network in the Admin UI.