Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
2 ISA2006 EE Arrays stretched over 2 datacenters
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
2 ISA2006 EE Arrays stretched over 2 datacenters - 6.Mar.2007 2:33:12 AM
|
|
|
enricoklein
Posts: 49
Joined: 8.Mar.2005
From: netherlands
Status: offline
|
Hi all,
we're going to build a new environment stretched over 2 datacenters. The environment will be used for Application Hosting. ISA 2006 will be the back-end firewall behind a redundant Fortigate firewall.
I am looking for some best practices for this kind of scenarios. We will have 2 ISA 2006 servers in each datacenter and an internet feed and backbone servers and SAN on both datacenters. These ISA servers will only be used as back-end firewalls. We will setup seperate ISA's as proxy servers.
*Should I put the Configuration Storage on a seperate server, or could I put it on one of the ISA Array members?
*Should I leave logging databases on ISA or move them to seperate SQL server?
*Can I actually put 4 members in 1 Array?
Thanks in advance!
Sincerely,
Enrico Klein
Netherlands
< Message edited by enricoklein -- 6.Mar.2007 2:37:30 AM >
|
|
|
|
|
RE: 2 ISA2006 EE Arrays stretched over 2 datacenters - 7.Mar.2007 10:24:30 AM
|
|
|
redparadox
Posts: 28
Joined: 31.Aug.2006
Status: offline
|
Enrico -
I have a somewhat similiar configuration with our outbound proxy servers. We have two datacenters separated by approximately 20 miles. Each datacenter has a separate internet feed, but they both share a common corporate network backbone.
In answers to your questions.
1) Should I put the CSS on a separate server or one of the ISA Array members?
My recommendation would be to install on a separate server along with an alternate. The CSS is not very resource intensive (basically just an instance of ADAM).
2) Should I leave logging databse on ISA or move to separate SQL?
This is somewhat a question of performance and the amount of traffic you will be logging. For performance reasons, I left logging on the individual servers.
3) Can I put 4 members in an array?
The answer to that one is yes. I can say that one with much certainty.
Good luck...
|
|
|
|
|
RE: 2 ISA2006 EE Arrays stretched over 2 datacenters - 25.May2007 7:55:39 PM
|
|
|
Jason Jones
Posts: 2251
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
|
Good answers!
Don't put the CSS on ISA, especially if you plan to use NLB! Ideally the CSS should be on dedicated servers on an ISA protected network.
I like file logging too, as best for performance, but you lose centralised reporting and if you lose a server, you potentially lose the logs. SQL is good for management, but it is amazing how quick the logs can grow. An example I have is 2GB per day for a simple web proxy pair for 3000 users. Web browsing via proxy generates LOADS of log entries due to the way HTTP works.
Also note that ISA arrays are 'subnet bound' e,g, you will need the same subnet at each datacentre (stretched VLAN) to place servers in the same array. If you have different subnets at each datacentre, you will need two arrays, each with two members.
Some good info can be found here: http://www.microsoft.com/isaserver/techinfo/guides-articles.mspx
Cheers
JJ
< Message edited by Jason Jones -- 25.May2007 8:10:10 PM >
_____________________________
Jason Jones (MVP)
Silversands Limited http://www.silversands.co.uk
My Blog: http://blog.msfirewall.org.uk/
Get our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: 2 ISA2006 EE Arrays stretched over 2 datacenters - 17.Sep.2008 3:47:57 AM
|
|
|
enricoklein
Posts: 49
Joined: 8.Mar.2005
From: netherlands
Status: offline
|
I just came around this old post of mine, and I noticed that I never thanked you guys for your good answers!
So consider this a 'thank you!' :)
Best regards,
Enrico
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
