Guidelines for deploying Secure SD-WAN in the Engine/VPN role
There are some general deployment guidelines for Engines, Master Engines, and the SMC.
Component | General Guidelines |
---|---|
Management Server | Position on a central site where it is physically accessible to the administrators responsible for maintaining its operation. |
Log Servers | Place the Log Servers centrally and locally on sites as needed based on log data volume and administrative responsibilities. |
Management Clients | Management Clients can be used from any location that has network access to the Management Server and the Log Servers. |
Management Server | Position on a central site where it is physically accessible to the administrators responsible for maintaining its operation. |
Engines | Position Engines at each location so that all networks are covered. Engines can be clustered. Functionally, the Engine Cluster is equal to a single high-performance Engine. Cluster deployment sets up a heartbeat link between the Engines. The heartbeat link allows the devices to:
|
Master Engines | Position Master Engines where Virtual Engines are needed. For example, at a hosting location for MSSP services or between networks that require strict isolation. Master Engines
can be clustered. A clustered Master Engine provides scalability and high availability. In a Master Engine
Cluster, the Virtual Resource is active in one Master Engine at a time. Cluster deployment sets up a heartbeat
link between the Engines. The heartbeat link allows the devices to:
|