1. Can the RSA Identity Lifecycle Appliance be clustered for failover
(a) within a single data centre (b) across two data centres over a WAN?
2. How long does it take for the fail-over to occur - so the other appliance failed-over assumes all the functions that the primary appliance had been providing earlier?
3. If one of the clustered appliances fails, what steps are required to bring it back to full functionality, and how long does it take to get back to the original configuration for both the appliances?
4.Is the RSA Identity & Lifecycle Appliance available as a physical or virtual instance, or both?
Hi Yajnavalkya,
The RSA Identity Governance & Lifecycle Appliance clustering is not available in a Active-Passive setup for failover. Both nodes are available and working simultaneously.
Note that the clustering does not include the database, i.e. all nodes point to one central database. You have one System Operations Node (SON), and one or more General Nodes.
Most stuff can be done from both nodes (Reviews, activities, submitting CRs ... etc) but only the SON can perform stuff like running collectors.
1. It is not recommended to be over different data centers. Cluster nodes communication is not designed to work over long (potentially unstable) WAN connections. It would work but could cause performance issues and require multiple ports to be open between data centers which is not ideal for most.
2. Since both nodes are working, all you need to do is Click one button on the UI to make one of the general Nodes the new SON, then restart this node. So it would take the time you need to restart the application.
3. Depending on why the node failed, but the worst case is that you would just need to reinstall the failed node from scratch and point it to the same database. So it would be the time needed to do a remote Database installation (i.e. an Application installation without installing a new DB).
4. It is available as both and clustering can be done on both as well.