Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Gateway Clustering

    Posted 01-07-2024 14:52

    Dears,

    We will establish GW cluster for new project in Imperva DAM. Any advice or recommendations regarding the implementation? The cluster will be 3 GWs


    #DatabaseActivityMonitoring

    ------------------------------
    Omar Ahmed Semeet
    Information Security Engineer
    Nile.com, Inc.
    Al-Maadi
    ------------------------------


  • 2.  RE: Gateway Clustering

    Posted 01-08-2024 00:12

    This has always been an architecture discussion that our consulting team reviews with our customers, but you can review cluster information here:

    https://docs.imperva.com/bundle/v14.14-database-activity-monitoring-user-guide/page/Gateway_Cluster.htm

    Regarding topology's, there is a simplicity to network topology, but I've always preferred the dual network topology when it was available to do so.  Each environment has different requirements and constraints, so you have to should keep that in mind as well.

    I will say this though, I highly recommend that you deploy a Gateway cluster rather than an HA Gateway Pair, or other failover solution.  the GW cluster is far superior.

    Not to side-track, but something that was a struggle for IT and security teams years ago was being able to have labs for testing and QA.  Well, with the current Imperva licensing standards with Data360 (per database server licensing), you no longer have those same cost constraints.  You can deploy and run as many appliances as you want or need to monitor the number of database servers you have licensed.

    And whenever I hear any customer talking about clustering, load-balancing, or high-availability, I know that there will also be the need for failover and upgrade testing, etc. on some regular cadence.  And I just mention it because, my recommendation is to make sure that you have a test or QA lab also stood up when you're operationalizing, so that you may easily replicate the exact same procedure in your lab, before you do it in production later.

    That's my advice, since our licensing allows you to easily do so while incurring minimal or even no cost, absolutely include a lab environment as part of your production roll-out, since we know that you'll be required to perform some sort of failover and/or upgrade testing, etc.

    I hope that's helpful.



    ------------------------------
    John Thompson
    Director, Channel Presales
    Imperva
    San Diego CA
    ------------------------------