25Planning the installation
About simple failover
By default, the enable intrusion prevention option is selected during Symantec
Critical System Protection agent installation.
Symantec Critical System Protection supports intrusion prevention on
computers that run Windows, Solaris, and Linux operating systems.
About simple failover
Symantec Critical System Protection includes simple failover. Should the
primary management server fail, simple failover lets agents automatically
switch to the next management server in an ordered list of alternate servers.
Simple failover enables you to deploy a set of front-end Tomcat servers without
reconfiguring your IT infrastructure. The ordered list of management server
host names or IP addresses is maintained by the Symantec Critical System
Protection agent configuration.
Another use for simple failover is static load balancing. With static load
balancing, you manually assign a set of agents to each Tomcat server. Each
agent can fail to a different Tomcat server if its primary server becomes
inaccessible.
How simple failover works
Simple failover works as follows:
■ When the IPS Service starts up, it uses the first server in the ordered list of
management servers. The first server in the ordered list is considered the
primary management server; the remaining servers are alternate servers.
The IPS Service uses server #1 as long as communication with the server is
successful.
■ At startup, the IPS Service always uses the first server in the ordered list of
management servers, regardless of which server was in use when the IPS
Service was shut down.
■ When the ordered list of management servers changes, the IPS Service
immediately attempts to connect to the first server in the new list.
■ When communication with a server fails, the IPS Service uses the next
server in the ordered list of management servers. When communication
with the last server fails, the IPS Service uses the first server in the list. The
IPS Service loops through the ordered list of management servers
indefinitely.
■ When the IPS Service switches to a new management server, it logs the
action.