TechNote: ZoneRanger Provides High Availability Option

HOME

LITERATURE

TechNotes

The Challenge

The enterprise network operations team is required to have a high availability solution for all management products. This requirement means that all components of the management framework must have a strategy to allow device management to continue even if there is a failure of an individual component.

The ZoneRanger Solution

ZoneRanger provides a high availability option wherein two ZoneRangers are configured to be redundant with each other. Redundant ZoneRangers synchronize their configurations and automatically update the other ZoneRanger when there is a configuration change.

Each ZoneRanger will automatically manage the same set of devices and report any status changes to the same Ranger Gateway residing in the secure area of the network. That Ranger Gateway will deduplicate events coming from the redundant ZoneRangers and forward only a single event to the management applications.

Proxy (SNMP, SSH, ICMP) requests from management applications through the Ranger Gateway are processed by either redundant ZoneRanger. If one ZoneRanger is unavailable, management application requests are handled by the other ZoneRanger, unbeknownst to the application itself.

Thus, ZoneRanger redundancy provides a secure, high availability solution when actively managing devices within an untrusted network.

network diagram

How does ZoneRanger fit into your network?

Sample ZoneRanger Network Diagrams
Does ZoneRanger Work with Your Network Apps?

What others are saying...

"Tavve has developed the ZoneRanger product, in order to enable companies to leverage their centralized management infrastructure across firewall-partitioned networks, while mitigating risks associated with management protocols."
Tavve: ZoneRanger
Subraya Mallya
PrudentCloud.com

"Without a more secure approach to managing the protocols and tools that manage the network - including the 'trusted' internal network - enterprises may be exposing themselves to more risk than they realize."

Scott Crawford, CISSP, ISSAP, ISSMP
Senior Analyst, Enterprise Management Associates

"ZoneRanger effectively extends the reach of management applications to devices located beyond firewalls, eliminating the need for complicated firewall configurations, extensive agent deployments, or expensive application replication. ZoneRanger also provides security, acting as an application layer proxy firewall, inspecting and validating the traffic relayed between applications and devices."

Jim Doble, CISSP
CTO, Tavve