What is the recommended best practice for a SecurID DR architecture for a total site failure? We currently have our primary and replication server in the same physical location. We are looking to re-architect for a total site failure. What is the recommended design for this use case?
There are a number of options depending on your budget.
Clearly, creating a replica server at another physical location would be beneficial. Many customers also do this to make sure there are servers locally available to agents that can process authentications. This is a simple, low-cost solution. The drawback is that there is some administrative down-time while the server in the remote location is "promoted".
Another option could be to use a virtualization infrastructure such as VMware. Authentication Manager is qualified with VMware's "vMotion" functionality, allowing the primary server to be transparently moved/re-created on hardware within a VMware cluster. This is clearly a more high-end solution and "virtually eliminates" (pun intended) any administrative down-time.
Look for some future announcements that may provide additional options in this area.