This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

Secondary SA Server 10.6

MarcinGryga
Beginner
Beginner

‎2016-05-18 06:01 AM

Hi,

 

I have to deploy 2nd SA Server for my customer, we have 10.6.0.1 SA version. Is there any exact guide how to deploy this server ? I.e. how to create accounts, best practices etc.

Official documentation ( Multiple Security Analytics Server Deployment - RSA Security Analytics Documentation  ) doesn't contain needed information.

 

Regards

Marcin

0 Likes
16 REPLIES 16

MihaMesojedec
Employee
Employee

‎2016-05-20 02:45 PM

Hi David,

 

Using Professional Service is not always solution in some regions in Europe, where RSA services are too expensive, so partner needs to do all implementation.

 

If we are selling enterprise solution then we should create high availability capability for all our components without any limitation on secondary devices.

 

Thanks,

Miha

MarcinGryga
Beginner
Beginner

‎2016-05-23 03:35 AM

Hi David,

 

I'm thinking more about HA than only 2nd SA Server. It's not possible to implement HA solution with physical devices currently ( as I know, maybe I'm wrong ), with VM environment it's easier because we can use VMware HA  if physical server goes down.

In my opinion RSA should create redundancy for SA product on services level ( service clustering ? ). I know it's not easy task, but enterprise class products should have this feature, also no build-in option for system backup is a problem for some customers ( they ask this every time when I meet a new potential customer !  ), I know we can backup environment settings using scripts, but it's not enough for many customers.

 

Regarding our case now, my customer will work as a MSSP , so with RSA help ( Miha, Helmut ) we managed to show them how it can be done, but it's not easy architecture ( i.e. Active/passive solution can't be done with primary and online secondary site without doubling licenses ! ).

2nd SA Server wil be used mainly for customer investigations, and for this task this type of service is enough.

 

Thanks

Marcin

0 Likes

Anonymous
Not applicable
In response to DavidPoirier

‎2016-05-23 04:21 AM

For what we spend on our support contract, if an upgrade removes functionality (the secondary server worked fine in 10.3) then telling us we need a PS engagement to restore that functionality is not going to be well received.

DavidWaugh1
Employee
Employee

‎2016-06-30 06:26 AM

I have opened up the following RFE (Request For Enhancement for this)

 

SATCE-1788 Full Fault Tolerance and High Availability of Security Analytics Deployment

 

If this is a theme that is important please "like"  this comment.

MarcinGryga
Beginner
Beginner

‎2016-07-20 04:03 PM

Hi David,

 

I'm refreshing this post, is FT and HA added to Security Analytics roadmap ?

0 Likes

DavidWaugh1
Employee
Employee
In response to MarcinGryga

‎2016-07-22 04:20 AM

Hi Marcin, what I'm going to do at one customer is put the SA Server component on a virtual machine and then use the HA features of vmware to give high availability. I think the other components can be designed to be redundant.

 

Hopefully product management will post here with an update.

0 Likes

JayWatson
Beginner
Beginner
In response to DavidWaugh1

‎2017-09-21 12:02 PM

Hi There -

 

As this RFE was submitted over a year ago, would it be possible to get a update on where this is at? 

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.