In this Section we are going to talk about Clustering the Clearpass to get the Failover and High-availability. Also we will talk about design the Clearpass
In ClearPass Cluster there is one Publisher and unlimited Subscribers you can keep in your environment. Publisher doing the main role of the Clearpass. Managing Configuration Database is Publisher role. Publisher have Read and Write access to Configuration DB. Subscribers have only Read-only access to Configuration DB. Each ClearPass has full Read and write access to own log database . Insight DB is only active on ClearPass server where its enable.
To setup Cluster you need one CPPM as a Publisher and one or more CPPMs as Subscriber
Note:- After Clearpass 6.8 built in HTTPS self sign certificate must be Replace with trusted certificate
Clearpass can deployed for 2 Ways. Centralized and Distributed, In Centralized method you can increase the capacity of total CPPM servers. In distributed method you have publisher and subscriber can act as a standby publisher in DC.
Multi-Master Cache allow CPPM to quickly flush real time data. This Cache contain lot of temporary information that does not need to write in permanently. This will Concerns may arise of Inter-cluster traffic. To prevent that we can use Policy manager Zones.
Provide High Availability in ClearPass we can use Virtual IP configuration and standby publisher methods.
Thanks!!!!!
Leave a Reply