Install additional Management Servers for high availability

You can optionally install one or more additional Management Servers for high availability.

1. Log on to the operating system with administrator rights in Windows or as the root user in Linux.
2. Start the Installation Wizard from a .zip file or the Installation DVD.
   Decompress the .zip file.

   • On Windows, the executable is \Forcepoint_SMC_Installer\Windows-x64\setup.exe
   • On Linux, the executable is /Forcepoint_SMC_Installer/Linux-x64/setup.sh

   If the DVD is not automatically mounted in Linux, use the following command:

   mount /dev/cdrom /mnt/cdrom

3. Select the language for the installation, then click OK.
   The language that you select is also set as the default language of the Management Client.
4. Read the information on the Introduction page, then click Next.
   Tip: Click Previous to go back to the previous page, or click Cancel to close the wizard.
5. Select I accept the terms of the License Agreement, then click Next.
6. (Optional) Select where to install the SMC, then click Next.
   The default installation directory in Windows is C:\Program Files\Forcepoint\SMC. Click Choose to browse to a different installation folder.

   Note: If you install the SMC in C:\Program Files\Forcepoint\SMC, the installation creates an extra C:\ProgramData\Forcepoint\SMC folder, which duplicates some of the folders in the installation directory and also contains some of the program data.
7. Select where to create shortcuts, then click Next.
   These shortcuts can be used to manually start components and to run some maintenance tasks.
8. Select Custom as the installation type, then click Next.
9. Select Management Server, then click Next.
10. Configure the settings, then click Next.

    Option	Description
    Select Management Server IP Address	Select the server’s IP address from the drop-down list. If you use IP address binding, the server’s license must be generated with this IP address as the binding.
    Log Server IP Address	Enter the IP address of the Log Server to which this server sends its log data.
    Advanced Management Server Options	Do not select this option. The options are inherited from the active Management Server.
    Install as an Additional Management Server for High Availability	You must select this option.
    Enable FIPS Configuration Restrictions	When selected, restrictions for a FIPS-compatible environment are enabled. Note: This option only is for environments that are required to follow FIPS standards. Do not enable this option unless you have a specific reason to do so.
    Use External Certificate Authority	When selected, the SMC uses certificates issued by an external CA instead of certificates generated by the internal CA on the Management Server for internal TLS communication between system components. Note: In SMC 6.10, this feature is only available when you use the SMC Appliance. Note: Using this option requires additional configuration after installation. For more information, see Installing the SMC with external certificate management .
    Install the Management Server as a Service	When selected, the server starts automatically.

11. Check that the information in the Pre-Installation Summary is correct, then click Install.
12. When prompted during the installation, log on using an unrestricted administrator account.
    The Management Server Selection dialog opens.
13. When the Management Server Selection dialog opens, select the correct Management Server from the list, then click OK.
    You can also select Create a new Management Server, then enter a name for the Management Server.
    The databases are synchronized.

    Note: If the synchronization fails, run the sgOnlineReplication script on the additional Management Server when connectivity is restored.