MOVEit DMZ Resiliency is a software package that provides sites with the ability to create a "web farm" of two or more MOVEit DMZ servers. These servers collectively appear as a single unified server to users, and provide these advantages in a typical "active-active" configuration:
MOVEit DMZ Resiliency requires:
The first two MOVEit DMZ nodes are called the Primary and Secondary nodes. All database replication and failover occurs between these two nodes. Additional MOVEit DMZ nodes are simply called "application nodes" and are labeled by numbers starting with 3. (Nodes 1 and 2 are the Primary and Secondary nodes.)
Several things can cause MOVEit DMZ to "fail over" in different ways. MOVEit DMZ will try to use email notifications to alert interested administrators if any of these situations occur.
If access to certain services or nodes is lost, connections to the afflicted node may be lost but other services, including connections established to other nodes, should proceed as if nothing happened.
MOVEit DMZ will be able to recover from the following situations after taking between 30 seconds to 2 minutes to automatically decide what to do. (The length of time MOVEit DMZ waits is configurable in the "Configuration Utility: Resiliency Tab" tab.) Recovery in this situation will involve a "fail over" that involves promoting the surviving Secondary node to Primary status.
MOVEit DMZ will not be able to offer any services if any of the following events occur.
Each MOVEit DMZ license permits the software to be installed and run on a single production server and also on a single non-production server. The latter is typically used for testing or standby backup.
Implementing Resiliency requires a minimum of 2 MOVEit DMZ licenses, each of which must be identical in terms of organizations, Ad Hoc Transfer and other options. Implementing MOVEit DMZ Resiliency also requires entering a new MOVEit DMZ license code that specifies the number of resilient nodes that can run simultaneously.
Specific licensing and pricing inquiries should be directed to your Ipswitch sales contact.
Note: Resiliency requires a license key and will not work with a license file.
Besides a comfortable measure of resiliency, an LB should have the ability to make sure all connections from a particular remote IP address go to a single MOVEit DMZ node. (Often, this feature is called "sticky".) This feature is essential when FTP/SSL is used because incoming data port connections must be paired up to control connections on the same machine.
Another thing to consider when selecting an LB is how traffic from the MOVEit DMZ nodes will "get out." Specifically, SMTP email notifications, LDAP queries, RADIUS queries, and the packets emitted by any third-party monitoring tools you may have installed on MOVEit DMZ will all need to be able to connect "out" to email servers, LDAP servers, RADIUS servers and/or management servers.
Finally, if you use remote management tools (Windows Terminal Services, etc.), then it will be useful if your LB can expose each MOVEit DMZ node as a separate IP address to your internal network even as it exposes the entire resilient array to the outside world as a single virtual MOVEit DMZ.
If you wish to avoid a separate, hardware-based load balancer, please consider using the (built-in) Windows 2003 Network Load Balancing services, also known as Window Load Balancing Service (WLBS). These services were qualified to work with MOVEit DMZ Resiliency in July 2004. MOVEit DMZ Resiliency is aware of WLBS and automatically controls the availability of the node through Network Load Balancing as the node's MOVEit DMZ becomes healthy or unhealthy.
See the "Resiliency - Architecture" page for recommended Load Balancer configurations.
Almost any file server or Windows share, and many other devices, can act as the NAS. See the "Windows FileSystem" section of "Resiliency - Technical Discussion" for more information.
Three of the four components of a resilient system (Primary/Secondary nodes, other MOVEit DMZ nodes and the NAS) are often built from normal PC server hardware. This section briefly covers what to look for when purchasing hardware for a resilient system, but please consult the MOVEit support site for current/specific recommendations.