Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Register Agent to a clúster

    Posted 07-14-2022 12:00
    Hello Community,

    I will deploy a Cluster DAM, on diferent subnets as imperva define Dual Separate agent networks

    Cluster 192.168.87.x eth0
    Agent listener 192.168.80.x eth1

    When I create cluster, I defined manager 1 and manager 2, my question is which is the IP that I need to register and agent, manager 1 or manager 2 and if have to be on Cluster or agent listner.


    I will be happy if you could help me with this question.

    Regards
    #ImpervaAgent

    ------------------------------
    Felipe Castillo
    analista de seguridad
    CDMX
    ------------------------------


  • 2.  RE: Register Agent to a clúster

    Posted 07-15-2022 07:56
    Hi Filipe,
    You must have two different VLANs when you deploy on a separate dual network.
    First VLAN is for the MGMT interface and cluster interface (do it on eth0), second interface (eth1) is for the agent listener.
    You register cluster gateway (manager1, manager2) on ETH0.
    You can register the DB agent on any agent listener interface. The agent will be switching between gateways. Do not forget about the agent-related routes (on impcfg).
    Before the cluster configuration, you must remember that gateway has to be in sniffing mode and turn off all sniffing interfaces. It would be best if you didn't create a listener interface on the same sniffing interface.

    ------------------------------
    Karol Gruszczyński
    IT Security Expert
    Trafford IT
    Warsaw
    ------------------------------