SecurID® Discussions
SandipKandelkar
Beginner

Does adding the Authentication Manager replica cause downtime?

Hello,

We are planning to add the first AM replica instance. Will it cause any downtime?

0 Likes

Accepted Solutions
MohamedSaber
Employee

Hello Sandip Kandelkar,

The short answer is no. Adding a replica doesn't cause or need downtime. For the detailed steps to add a replica, please check the following documents.

Replica Instance

Attach the Replica Instance to the Primary Instance


True, I've set up radlogin4 for 1 authentication per second to my primary, and then installed a replica...observed zero lost authentications.

0 Likes

Hello Mohamed,

Thanks for the confirmation.

I have another question.

We are using SecurID hardware tokens. Before adding the AM replica instance, do I need to set up a load balancer?

We don't have a Web Tier.

0 Likes

No, a load balancer is not required with Authentication Manager, and in some cases might be more than useless. If you want your users to be able to access either the Self-Service Console and/or CT-KIP URLs for delivery of software tokens, and your users are not connected to your internal network (either on your corporate LAN or through VPN), then you could set up a Web Tier or two, and if you wanted to, you could put a load balancer in front of the Web Tier.

[Image: AM_FireWall_Ports.png]

0 Likes

Another place you might place a load balancer is between REST-based TCP agents and replicas, because REST-based TCP agents are configured to authenticate against a single AM server (primary or replica) with fail-over to a second AM server, and so on. The legacy UDP-based agents, e.g. Agent for Windows or Web or PAM ver. 7.x.x or less, do not need a load balancer, as they have a discovery mechanism to test connections to every replica to learn which are online and responding (from UDP port 5500). So putting a load balancer in between UDP-based agents and replicas would not just be a waste of time and money, but might actually confuse the keep-alive process.

0 Likes