McAfee ENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE, Manual

Page: 8 / 26

8
Server Redundancy
It is risky to have a single physical server for your enterprise, even if you take regular backups. We recommend
you to take steps to expedite recovery from an outage in accordance with an established Business Continuity
and Disaster Recovery (BCDR) plan.
Hot Backup Databases
Increase the redundancy of the system by replicating the Endpoint Encryption Object Directory to a second
physical server. A dedicated replication tool “Object Directory Backup” which is optimized to follow the
change log of an Endpoint Encryption v5 Object Directory is supplied with the product suite.
In this case set up a resilient system using two physical boxes, both hosting Endpoint Encryption Servers – one
hosting the master ODB and the other having a hot backup. In case the master server fails, the Endpoint
Encryption Server on the second backup box can be restarted in “master” mode. Then rebuild or replace the
affected machine and create a new master.
The ODB Backup utility can also be used to make regular backups of the ODB, giving further recovery options
in case of a disaster. This method however, requires manual interaction to start the failover.
A HotBackup document discussing this scenario is available.
Clustering
Fully automated failovers for applications usually employ a cluster server environment. Although the McAfee
Endpoint Encryption Object Directory and Manager can run on a cluster, we recommend against using ‘shared’
resources where possible. As per McAfee KB53698, Windows Cluster environment has not been fully tested at
this time in engineering.
Load Balancing
Given the best configuration is usually a single high performance server with DAS then the least optimal way to
perform clustering is to put the Object Directory on a network share (NAS) and then install the Management
Center on two servers which access the share simultaneously.
NOTE : The latter will function, but it will be significantly detrimental to server performance.
You should note that if you use special load balancing switches to split network load, you should set them to
allow each client active connection to occur with the same switch throughout the sync event (and not
split/distribute each packet during a single sync).
Making remote connections to the database is slower than local connections, so this design is often too slow
to work effectively.
If DAS is not used and there are issues such as performance, object corruption (especially as object numbers in
the McAfee Endpoint Encryption Object Directory increase) McAfee support will recommend moving to DAS
and high performance dedicated server.
If a SAN is the only option available, please note SAN arrays can prioritize the connections to the physical box
in what is known as Tier levels. Tier 1 is the highest priority, Tier 3 is the lowest. McAfee Endpoint Encryption
needs optimal disk access so would need Tier 1 priority with dedicated LUNS to provide the highest speed
connection. This is necessary for full and prompt service synchronization requests and administration. This
avoids corrupted databases, objects, clients and slow administration performance. Running on SAN is not
recommended, but if it must be done, then the connection must be Tier 1.