Up
Previous Next

Sheriff CSMâ„¢

High Availability Configuration

High availability (HA) replicates data to avoid any potential loss of events, assets, or configurations should one or more components cease operation for any reason.

Sheriff strongly recommends that you configure Sheriff CSM Appliance for high availability, particularly, for compliance requirements, so that no data are lost.

Note: Sheriff CSM supports HA only in its Sheriff CSM Standard and Sheriff CSM Enterprise products.

How Does the High Availability Solution Work?

The Sheriff CSM high availability solution consists of a set of redundant Sheriff CSM Appliance nodes that mirror each other.

This HA system remains operational, with the primary (master) instance being active and the secondary (slave) instance, passive. If the primary instance fails, the secondary instance becomes active automatically, replacing the failed node.

Cold or standby backup for High Availabililty.

Active (left) and passive (right) nodes for a Sheriff CSM Appliance system component

When you are ready to bring the failed node back on line, it again becomes the active node and the node that took its place reverts to being the passive node. Users must make the switch manually.

Each node has a unique IP address, but shares the same virtual IP address with its clone.

The HA deployment always starts with the Sheriff CSM Appliance Server and the Sheriff CSM Sensor. If the Sheriff CSM Appliance Logger is part of your Sheriff CSM Appliance deployment, you should configure it last.

Typical HA topology for USM Appliance, including loggers.
Typical HA topology, including loggers
Topic revision: r12 - 29 Aug 2021, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.