Webinar: Access Server Clustering: Maximize Access Server's Uptime and Cost Efficiency

Horizontal Scalability: Adding additional nodes to an Access Server cluster is far simpler than performing an upgrade to a new, more powerful server. This horizontal scaling allows for incremental growth by integrating more nodes as needed without major disruptions or costly hardware overhauls. As demand increases, expanding the cluster to handle the load becomes a straightforward process.

Elimination of Single Points of Failure: A cluster architecture mitigates the risk of single points of failure. In the event one server node goes offline, clients are automatically reconnected to another active node in the cluster. This seamless transition happens without requiring new credentials or creating a new session, enhancing the user experience and ensuring uninterrupted service.

Higher Performance and Cost Efficiency: Deploying multiple nodes across different geographic locations enables the distribution of VPN clients closer to their workforces. This reduces latency and optimizes performance. Additionally, the use of lower-powered hardware nodes can contribute to significant savings in Infrastructure-as-a-Service (IaaS) costs compared to relying solely on a single, high-powered server.

Single Address for Connection: A key feature of clustering is the use of a single connection profile. Users only need one VPN profile to connect, similar to the secure internet access case. This simplifies the configuration process for users and reduces the overhead of managing multiple connection profiles. It is crucial, however, to ensure that all cluster nodes are running the same version of Access Server to maintain compatibility and avoid issues.

Centralized Management and Data Inheritance: When creating a cluster, the first Access Server acts as the master dataset, centralizing configuration and data. Additional Access Servers that join the cluster inherit settings from this centralized database, allowing for consistent configurations across all nodes. This setup streamlines the deployment process and ensures uniformity throughout the cluster.

Isolated Client Subnets for Security: Each node in the cluster is assigned its own VPN client subnet. This means that VPN clients connected to one node (e.g., Node A) cannot directly access VPN clients connected to another node (e.g., Node B). This isolation enhances security by limiting internal network visibility and preventing cross-node communication.

Load Balancing Considerations: While DNS load balancing can be used, it is not recommended to use a load balancer in front of the cluster. Load balancers may introduce latency or interfere with session persistence. Instead, leveraging the built-in DNS capabilities of Access Server ensures a more stable and responsive connection experience for users.

Connection Limits and Resource Management: Setting a local connection limit on each node helps to manage resource utilization effectively. By restricting the number of shared connections, administrators can prevent any single node from being overwhelmed, maintaining consistent performance across the entire cluster.