Can reporting databases be hosted in a SQL Server cluster?
SQL Server clustering may be used with all supported standard and enterprise versions of Microsoft SQL Server for failover or high availability (Forcepoint Email Security and Forcepoint Web Security only).
If your organization uses a SQL Server cluster to provide failover for your database servers, the Forcepoint reporting databases can be hosted by the cluster if:
- A virtual IP address is assigned to the cluster.
- The data managed by SQL Server is housed on a reliable shared disk array.
When you install reporting components in a network that uses a SQL Server cluster, it is imperative that the cluster’s virtual IP address is used to configure the reporting database connection. When this is done, reporting data is sent to SQL Server via the virtual IP address.
If you configure reporting components (like Web and Email Log Server) to use the IP address of an individual node in the cluster, they cannot take advantage of the failover protection of the cluster.
- If the configured node becomes unavailable, reporting components cannot process data into the reporting database.
- For web and email security solutions, log cache files continue to be saved on the Log Server machine. These files can build up quickly and fill the disk, causing additional problems.
When failover occurs, reporting components must wait briefly while the secondary SQL Server is made primary. When SQL Server begins accepting data over the virtual IP address again, reporting data is once again sent successfully.
This pause in recording data occurs both when failover occurs in a SQL Server cluster and when a standalone SQL Server installation fails and is later brought back online. Any records that were actively being processed into the reporting database when the primary SQL Server fails are lost.
- For Web and Email solutions, if you are using BCP log insertion, the loss is generally a full batch (log cache file) of filtering records.
- With ODBC log insertion, fewer records may be lost.