Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
phlrnnr
Advisor

Identity Collector sending to cluster best practice

I'm working on standing up some new Identity collector servers.  What is the best practice for sending identity info from the IDC to the firewall cluster? 

Options

1. Configure 1 gateway per cluster with the VIP of the cluster.  If this is correct, does the primary member share the identity information with the secondary member?

2. Configure an entry for each member of the cluster. (eg, a 2 member cluster would have 2 gateways configured).  This assumes that the cluster members don't automatically share identity information.

Which option is correct, or is there a different way I should configure this?

Thanks!

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

First option seems most reasonable and yes the information is synced.