Choose the Network Topology Layout for Aternity 10

Part of planning the strategy for an Aternity on-premise deployment is deciding where to place the various Aternity servers in your network topology, and whether to place firewalls between any of the components.

Choosing how to place the Aternity servers depends on several factors:

Tip

If a firewall sits between two Aternity servers, open the required ports on the firewall to allow the servers to communicate fully with each other.

Aternity supports three types of topologies:

Important

If your sizing requires that you deploy more than one dedicated Aternity Aggregation Server, you must deploy a third-party load balancer (LB). Then configure the Aternity Agent of all devices to point to the LB's virtual IP address (learn more). Configure the LB with persistent (sticky) sessions to ensure the Agent maintains its connection with the same server. Aternity also supports sticky sessions when the LB implements stickiness via cookies.
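The following is an added example, not part of the Aternity documentation: a minimal HAProxy configuration that applies cookie-based sticky sessions in front of two Aggregation Servers. The choice of HAProxy, every address, port 443, the certificate paths and the server and cookie names are assumptions made for illustration.

```haproxy
# Added example: HAProxy as the third-party LB (assumed product).
# All addresses, ports, paths and names below are placeholders.

defaults
    mode http                    # cookie persistence needs HTTP visibility
    timeout connect 5s
    timeout client  60s
    timeout server  60s

frontend aternity_agents
    # Virtual IP that every Aternity Agent is configured to report to.
    # TLS terminates here so the LB can read and set the persistence cookie.
    bind 203.0.113.10:443 ssl crt /etc/haproxy/certs/aternity-vip.pem
    default_backend aggregation_servers

backend aggregation_servers
    balance roundrobin           # used only for an Agent's first request
    # Insert a cookie naming the chosen server; later requests carrying it
    # go back to the same Aggregation Server (sticky session).
    # "indirect" strips the cookie before forwarding to the server,
    # "secure" and "httponly" limit where the client will send it.
    cookie AGGSRV insert indirect nocache httponly secure

    # Re-encrypt to each Aggregation Server and verify its certificate
    # against the internal CA, so the DMZ hop is not left in cleartext.
    server agg1 192.0.2.11:443 ssl verify required ca-file /etc/haproxy/ca/internal-ca.pem check cookie agg1
    server agg2 192.0.2.12:443 ssl verify required ca-file /etc/haproxy/ca/internal-ca.pem check cookie agg2
```

Cookie insertion only works when the LB can see the HTTP exchange, so TLS terminates at the LB in this sketch; an LB that passes TLS through untouched has to persist on a network attribute such as the source address instead.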

Centralized Topology of Aternity on-premise

The centralized topology of Aternity on-premise places all the Aternity servers inside the network, except for the Aggregation Servers, which you place in the DMZ, to allow monitored devices to report their performance from anywhere on the internet or inside the network.

We strongly recommend securing the connection between monitored devices and the Aggregation Servers with HTTPS. Learn more on configuring HTTPS for monitored devices.

In this deployment, the Management Server, Data Warehouse Server, and Dashboard Server must connect to each other over a very fast network connection (at least 10Gbps).

If a firewall sits between two Aternity servers, open the required ports on the firewall to allow the servers to communicate fully with each other.

Centralized deployment of Aternity on-premise

Distributed Topology of Aternity on-premise

Deploy Aternity with a distributed topology if you want to add extra security to the Aternity Oracle Database Server and Aternity Vertica Database Server, or locate them at a different site from the rest of the Aternity servers. The Oracle Database Server contains the historical data of your devices' performance, as well as all of Aternity's system settings and its user details, while the Vertica Database Server holds the same performance data in a different format for increased performance.

We strongly recommend securing the connection between monitored devices and the Aggregation Servers with HTTPS. Learn more on configuring HTTPS for monitored devices.

As with other topologies, the Management Server, Data Warehouse Server, and Dashboard Server must connect to each other over a very fast network connection (at least 10Gbps).

If a firewall sits between two Aternity servers, open the required ports on the firewall to allow the servers to communicate fully with each other.

Distributed Topology of Aternity on-premise

Local Topology of Aternity on-premise

The local topology for Aternity is the simplest and most secure, placing all the servers inside the same secured zone on the network.

Local deployment of Aternity on-premise

However, with this topology monitored devices can report their performance only when they are inside the enterprise network (on-site or via VPN).

If you want devices to report their performance when they are not connected to the enterprise network, you must place your Aggregation Servers in the DMZ (using either the centralized or distributed topology).