Configuration has yet to be fully verified, Kemp Support will gladly assist if your BeyondInsight Server traffic is not flowing as expected.
BeyondInsight gives you control over internal and external risks. It’s a unique, unified platform combining privilege and vulnerability management solutions, enabling IT professionals and security experts to work together with greater control and enhanced efficiency.
BeyondInsight / PowerBroker Password Safe supports a number of configuration methodologies for high availability, redundancy, and scalability. The solution may be installed as software, or delivered as a ready to run security appliance, called a UVM; the latter being the
more common deployment method. Most configurations require the use of an external application delivery controller as a load balancer to help end-users and software endpoints continue to connect to the BeyondInsight system when a primary IP address goes offline in a
1.2 Document Purpose
This section details a configuration for a specific application that has been provided by a customer but has yet to be fully tested.
The purpose of this document is to give readers an overview on the recommended best practice settings when configuring the BeyondInsight Server components for load balancing.
Configuration has yet to be fully verified, but Kemp Support will gladly assist if BeyondInisght Server is not flowing as expected.
2 Configuration Required
Three Virtual Services
1. PowerBroker Password Safe
2. SSH 4422
3. RDP 4489
2.1 Global Configuration
>No Changes Required
2.2 Virtual Service Configuration
PowerBroker Password Safe
> New Virtual Service
> Enter IP Address
> Port = 443
> Name = PowerBroker Password Safe
> Add New Virtual Service
2.3 Standard Options
Modify VS > Standard Options
2.4 Real Servers
LoadMaster will Send GET request to URL "/UVMInterface/api/HighAvailability" and will search for string "Active" in the response. Standby Server will show as "Down" as this response will contain string "Passive"
2.5 Configuring SSH and RDP Services
1. Duplicate VS
Modify VS > Duplicate > Change Port from 443 to 4489
for RDP and 4422 for SSH.
2. Update Real Servers Destination Port
Real Servers > Modify Real Server > Port
Change Port from 443 to 4489 for RDP and 4422 for SSH.
If you have successfully Load Balanced your BeyondInsight Password Safe Servers environment by implementing this specific configuration, please give a thumbs up or please leave a comment on a possible alteration that was required to make it function. Thank you
Internal load balancers, which load balance traffic within a virtual network. External load balancers, which load balance external traffic to an internet connected endpoint.