Failover Dynamics and Options with Bomgar Privileged Access

Bomgar failover enables synchronization of data between two peer appliances, creating a simplified process for secure swap from a failed appliance. Two appliances host the same installed software package for a single site. You can check this from the /login admin web interface. If the Product Version and Product Build match, the same site software package is installed. DNS directs support traffic of the site to one of these peer appliances, the primary appliance, where all settings are configured. The backup appliance synchronizes with the primary, according to your settings configured in the /login interface.

This document describes how to use a second Bomgar PA Appliance as a backup and failover device for a PA site and how to switch operations to the backup appliance in a disaster recovery situation. There are three network configuration methods available with PA failover for redirecting network traffic so that your support site remains available:

  1. Shared IP
  2. DNS Swing
  3. NAT Swing

Configuration details regarding each of these methods follow in this document, and detailed failover steps are also covered. Your Bomgar PA Appliances have a peer relationship, so implementing the Shared IP failover configuration with automatic data synchronization enabled is recommended. Both appliances must be on the same IP subnet to support Shared IP failover; therefore, it may be necessary to use DNS or NAT swing failover methods. Failover can be further managed and automated using the Bomgar API. The pros and cons of each option are covered in more detail later in the best practices.