VM advantages and disadvantages

From Swivel Knowledgebase
Jump to: navigation, search

Overview

This documents outlines the benefits and downsides of a PINsafe VM installation. For further information on the VM types see Appliance.

For comparison of the Hardware Installation see Hardware advantages and disadvantages

For comparison of the Software Installation see Software Install advantages and disadvantages


Advantages

Supported platform for PINsafe deployment

Simple Command Management Interface (CMI) for all OS functions

Testing and support tools in CMI

Management of regular backups and off server backup storage

Appliance upgrades, patches and bug fixes

MySQL DB on appliance gives resilience and scalability

Proxy port for graphical images from the PINsafe appliance gives an additional layer of security

Management port separated from graphical image port for security

VIP on appliances allow failover on appliances on the same IP broadcast subnet

Session sharing of graphical Single Channel image between a pair of PINsafe servers on the same IP multicast network, configurable through CMI

VM can be stored on a fully redundant file storage system

VM tools such as VMotion can allow PINsafe to be brought back online quickly

VM Snapshots can be taken for testing

Portable VM format for importing into different VM environments

No hardware to maintain

No hardware to ship or return

A/A solution makes everything redundant thus providing a solution to failures in raid arrays (which affect dual hard disk systems), and power board (which affect dual power supply systems)


Disadvantages

VM type type may not be part of organisation standard

Swivel is often deployed in the DMZ and a VM infrsatructure may not be present


Deployment Considerations

High Availability

If a HA solution is required, it is better to deply this the HA solution initially. Moving from a standalone installation to a Active/Active-DR solution requires replacing the standalone solution. It would however be possible to deploy one half of an A/A solution to compete deployment at a later date.


Virtual IP Address

This allows a Virtual IP (VIP) address to move from a failed server to a working server. This requires both PINsafe servers to be on the same subnet.


Single Channel Session Sharing

When a single Channel Image request is made, the RADIUS or Agent-XML authentication needs to be made against the same PINsafe server. To allow authentication on a second PINsafe server then session sharing needs to be enabled. This requires that the PINsafe servers are allowed to communicate using multicast


Next Step

See Getting Started Virtual Appliance

Retrieved from "https://kb.swivelsecure.com/w/index.php?title=VM_advantages_and_disadvantages&oldid=3157"