Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

Overview

Show HA setup and their Synchronization.

2 CCE (192.168.2.x) servers to be configured at DC in active-passive mode.

In DC, APE-01 (192.168.1.x1) and APE-02 (192.168.1.x2) will be configured in HA mode using an active-passive combination.

A Dedicated 10G Ethernet interface will exist between APE-01 and APE-02.

LTS (LTS-1 – 192.168.3.x) server will be configured in DC.

Devices under test will be sending flows and logs to one of the DC CCE.

Once a day, the DC data will be synchronized with the DR.

Test Procedure

1-   Setup HA APEs and check to make sure both are getting the logs and flows on the dashboard as well as on data ingest i.e., system dashboard.

2-   In the Test Conditions sections above IP addresses are mentioned for all servers.

3-   Please note that the actual IP addresses may be different during test

 

Case I- when cce 1 and 2 are active, ape 1 and 2 are active.  (This is step 1 above)

Cce-1 – main, ape 1 – main , ape-2 backup

Demonstrate – console (ape 1 or 2 ) https:x.y.z.a

Run for 15 min

 

Case II – cce 1 down , repeat the steps above

 

 

Case III- cce 1 up, ape 1 down , above steps

 

Case Iv- cce 1 down , ape 1 down , steps

last 1 hours report / performance dashobaord

Scenario 1 – When CCE-01 goes down at DC

●     Using the state sync between CCEs, CCE-02 will take over the active state automatically.

●     Data sources will continue sending logs to CCE-02.

●     CCE-02 will send parsed data to both APE and raw logs to LTS-1

●     SOC team will continue accessing the APE-01 via FQDN

Scenario 2 – When APE-01 goes down at DC

●     Using the state sync between APEs, APE-02 will take over the active state.

●     Data sources will continue sending logs to CCE-01

●     Active CCE will send parsed data to APE-02 and raw logs to LTS-1

●     APE-02 will start to sync with the APE-03 at DR

●     SOC team will continue accessing the APE-02 via FQDN

●     Lucknow Safe City IT team will investigate and bring back APE-01

APE-01 will become passive APE

Expected Output

  • No labels