Redundancy

 

Redundancy provides the FPSMC with fault tolerance. You can install a single backup FPSMC server that will automatically replicate data from the primary server and perform signature updating if the primary server is unavailable. A backup server can perform the functionality of the primary server without excessive configuration.

A backup server performs a subset of FPSMC functionality and only displays options available to a backup server in the console. For more information about the console, see Administrator Console Overview.

The backup server runs signature redistribution jobs independently of the primary server, based on the SQL Server database replicated from the primary server. Thus, when the primary server is functioning, both the primary and backup servers are checking for updates and potentially sending down updates to the managed servers. When a primary server goes offline for any reason, the backup server continues to run the signature redistribution jobs without interruption. The failover is transparent to the managed servers.

Should the primary server need to be reinstalled, the backup server must also be reinstalled. When you reinstall a primary server, a new certificate for FPSMC is generated, and this new certificate will not match the certificate you imported when installing the backup server. This mismatch will prevent replication between the primary and backup servers. For more information about restoring FPSMC, see Restoring FPSMC.

Replication Configuration

Once you have created one or more Signature Redistribution jobs on the primary server, log on to your backup server and configure it to replicate from the primary server at a specific interval.

The replication frequency setting can have important implications for overall FPSMC service performance. You must make a decision, based on the trade-offs in system performance. The shorter the replication frequency, the more assured you are that the data from the primary server is replicated to the backup server. However, the greater the replication frequency, the higher the load exerted on other aspects of the overall FPSMC system and the network environment. This process consumes system resources, and the more often the process is repeated, the greater the impact on the FPSMC server's performance. The network load/traffic will be much higher, because the data is being transferred more often. Also, the processing load on the synchronizing systems is increased as the process occurs more often.

To set up replication configuration

  1. On the backup server, click Global Configuration, located in the Administration section of the Navigation Area, to open the Global Configuration work pane.

  2. Enter the start time for the replication job to begin. The default is 12:00 AM (midnight).

  3. Select the replication frequency. This setting can either be a number of days, or every 1, 2, 3, 4, 6, 8, or 12 hours in a single day.

  4. Click Save.

Signature Update Redundancy

The primary function of a backup server is to ensure uninterrupted signature updates. The scheduled signature update jobs are replicated to the backup server. The backup server will download the signature updates from the Internet at the scheduled time and try to redistribute them to all of the managed servers. The behavior of the backup server is exactly the same as that of the primary (that is, it will only download a signature update if it is more recent than the current version).

Once you have set up the replication configuration, the signature redistribution jobs created on the primary server are automatically copied to the backup server. These jobs cannot be edited on the backup console. Jobs created on the backup server are marked with an asterisk (*), to differentiate them. Edits made to these jobs on the primary server will be replicated to the backup server. Additionally, you can create new signature redistribution jobs on the backup server; however, these jobs will not be replicated to the primary server.

It is recommended that you verify signature updates will occur properly on the backup server.

To verify signature updates

  1. First make sure that replication is properly configured. You can verify that replication is working by confirming that the backup server has replicated all of the jobs from the primary server.

  2. Take the primary server off the network.

  3. At the scheduled update time, check the managed servers to see whether their engine files are being updated.

What You Can and Cannot Do on a Backup Server

A backup server has a limited subset of functionality compared to a primary server. You can perform the following tasks on a backup server:

  • Run Signature Redistribution jobs that were previously created on the primary server.

  • Create new Signature Redistribution jobs. These jobs will not be replicated to the primary server.

  • Edit, copy, and delete Signature Redistribution jobs created on the backup server.

  • Configure replication settings.

  • View notifications for the Signature Redistribution and Data Replication jobs.

You cannot perform the following tasks on the backup server:

  • Modify or add servers or server groups.

  • Modify or add users to the FPSMC.

  • Add, modify, or run Deployment, Schedule Reports, or Product Activation jobs.

  • Modify Signature Redistribution jobs that were previously created on the primary server.

  • Access the quarantine.

  • Add or modify packages.

  • View reports.

  • View notifications for Deployment, New Server Discovery, Product Activation, or Agent Deployment jobs.