Choose the Network Topology Layout for Aternity on-premise

Part of planning the strategy for an Aternity on-premise deployment is deciding where to place the various Aternity servers in your network topology, and whether to place firewalls between any of the components.

Choosing how to place the Aternity servers depends on several factors:

- The Management Server, Data Warehouse Server, and Dashboard Server must connect to each other over a very fast network connection (at least 10Gbps).
- If your monitored devices report performance data from anywhere, including outside the enterprise network, place the Aggregation Servers in your DMZ, and secure communications between the devices and the servers.
- Some Aternity components can share the same computer, depending on the size of your deployment. To determine the number of computers, check the correct sizing for your deployment.

Tip: If a firewall sits between two Aternity servers, remember to open the required ports on the firewall to allow the servers to communicate fully with each other.

Aternity supports three types of topologies:

- Centralized Topology of Aternity on-premise
- Distributed Topology of Aternity on-premise
- Local Topology of Aternity on-premise

Important: If you deploy more than one dedicated Aternity Aggregation Server, you must deploy a third-party load balancer (LB). Then configure the Aternity Agent of all devices to point to the LB's virtual IP address. Configure the LB with persistent (sticky) sessions to ensure the Agent maintains its connection with the same server.

Centralized Topology of Aternity on-premise

The centralized topology of Aternity on-premise places all the Aternity servers inside the network, except for the Aggregation Servers, which you place in the DMZ to allow monitored devices to report their performance from anywhere on the internet or inside the network.

We strongly recommend securing the connection between monitored devices and the Aggregation Servers with HTTPS. Learn more about configuring HTTPS for monitored devices.

In this deployment, the Management Server, Data Warehouse Server, and Dashboard Server must connect to each other over a very fast network connection (at least 10Gbps). If a firewall sits between two Aternity servers, remember to open the required ports on the firewall to allow the servers to communicate fully with each other.

[Figure: Centralized deployment of Aternity on-premise]

Distributed Topology of Aternity on-premise

Deploy Aternity with a distributed topology if you want to add extra security to the Aternity Database Server, or locate it at a different site from the rest of the Aternity servers. The Database Server contains the historical data of your devices' performance, as well as all of Aternity's system settings and its user details.

We strongly recommend securing the connection between monitored devices and the Aggregation Servers with HTTPS. Learn more about configuring HTTPS for monitored devices.

As with other topologies, the Management Server, Data Warehouse Server, and Dashboard Server must connect to each other over a very fast network connection (at least 10Gbps). If a firewall sits between two Aternity servers, remember to open the required ports on the firewall to allow the servers to communicate fully with each other.

[Figure: Distributed Topology of Aternity on-premise]

Local Topology of Aternity on-premise

The local topology for Aternity is the simplest and most secure, placing all the servers inside the same secured zone on the network.

[Figure: Local deployment of Aternity on-premise]

However, monitored devices can then report their performance only when they are inside the enterprise network (on-site or via VPN). If you want devices to report their performance when they are not connected to the enterprise network, you must place your Aggregation Servers in the DMZ (using either the centralized or distributed topology).

Open Ports Between Aternity on-premise Components

Parent topic: Plan your Deployment Strategy for Aternity on-premise

Related tasks:
- Secure your Aternity on-premise Deployment
- Restore Aternity Database from a Backup / Disaster Recovery (DR)

Related reference:
- Choose the Sizing and Hardware Requirements of your Aternity on-premise Deployment
- Choose your Backup Strategy for Aternity on-premise
- Implement Redundancy, High Availability (HA), and Failover for Aternity on-premise
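
The load balancer requirement described above (a virtual IP in front of several Aggregation Servers, with persistent sessions) could be met as follows. This is an added example, not configuration from the Aternity documentation; the choice of HAProxy, the 192.0.2.x addresses, port 443, the server names, and TLS passthrough are all assumptions.

```haproxy
# Constructed example: addresses come from the 192.0.2.0/24 documentation
# range and port 443 is an assumption. Use the ports listed for your own
# deployment and your real DMZ addresses.

defaults
    mode tcp                 # pass TLS through untouched, so HTTPS is
                             # terminated on the Aggregation Servers
    timeout connect 5s
    timeout client  60s
    timeout server  60s

# Virtual IP that every Agent is configured to point to
frontend aggregation_vip
    bind 192.0.2.10:443
    default_backend aggregation_servers

backend aggregation_servers
    balance leastconn

    # Persistent (sticky) sessions keyed on the client source address:
    # once a device is assigned a server, later connections from the same
    # address go to that server until the entry expires.
    stick-table type ip size 200k expire 30m
    stick on src

    # Hypothetical Aggregation Servers in the DMZ; "check" removes a
    # server from rotation when its port stops answering.
    server agg1 192.0.2.21:443 check
    server agg2 192.0.2.22:443 check
```

Source-address persistence sends every device behind one NAT gateway to the same Aggregation Server, so check the per-server load when large sites share a single egress address.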