File Share Encryption

Hello Encryptors,

I am not sure but I think the latest version of Universal server (3.2.0 MP3, Build 2317) still doesn't have a real failover to the second cluster node?

If not, when will this feature be available?

I've read some earlier posts which offered real failover for version 3.x.

I suppose there is no other possibility for an automatic failover except load balancing at this time?

thx.

As universal server admin guide states:

The benefits of clustering include lower overhead (spreading the system load between the PGP Universal Servers in the cluster means greater throughput) and the ability for email services to continue working even if one of the servers in the cluster goes down.

Source, should have a read:

http://www.symantec.com/business/support/index?page=content&id=DOC4564&actp=search&viewlocale=en_US&searchid=1326228132893

This is also a good read:

http://www.symantec.com/business/support/index?page=content&id=TECH149975&actp=search&viewlocale=en_US&searchid=1326227450175

In fact: If I shutdown the primary PGP universal server key management functionality is not possible.

The secondary node says that the primary is down. (marked as yellow)

Perhaps I forgot something?

If you configure your clients to use a PGP Keyserver the seconday server, they should go there and look up for the keys.

there a written procedure for that?

which server do they enroll with in this case?

can users still enroll with the second server if the primary fails?

if understand this right:

there could be only one keyserver, the second failover server is for data intergiry and clients wont enroll , secondly to get it for failover I need F5 BIG-IP

at least that what i understood from Admin guide

To configure keyserver, go to desktop, options, keyservers...

In universal, go to services, keyserver.

If you download customized client from secondary server, users will enroll to that server.

in this scenario, both servers are keyservers

in scenario of one keyserver and the second is only failover, clients are not able to enroll but receave policy and I able to get WDRT for all the users, correct me if i am wrong, and if both keyserver in case one goes down i should able to enroll, so the difference is whatever i can create new users or not?

okay guys...

I am well known with HA features.

So indeed if I download the Client from the secondary PGP server and deploy users can download there keys from this machine.

But in case of a server downtime I don't want to exchange the client on our client machines. This is not HA. This is manually switching the host. ;-)

So I don't understand why it is so difficult to implement a second PGP universal server into the client. like for NTP, DNS, etc. it's all the same.

I agree with you. This should be implemented easily and it will increment Universal features for production and high availability.

I would ask you to create a new case  so we can send this feature request to Developement team.

Contact Technical Support at (800) 342-0652 or submit your case online at https://mysupport.symantec.com

hehe... creating a support case failed with an error. ;-)

I'll try it tomorrow.