Security

Looking on some info on how multiple insight enabled clearpass cluster member interact.

So for each clearpass cluster member you vcan enable insight and then define 1 as an insight master.

On our production cluster I have defined insight on 2 cluster members and then defined which one of them is the insight master.

Been looking for any info on interaction between these two defined insight servers.

In our cluster the i master lives on a dedicated server runnnig ESX with its own hard disk storage. Occasinally we might have to take the server down for system patching disk replacement etc

In this case, what happens to the data from other server nodes that would normally be sent to insight ?

Does it go to the master which then replciated it to the othe insight enabled servers ?

Do each of the cluster nodes send data to each insight defined server ?

If the master insight server is down for 30 mins,60 mins .... is data queued up on the other cluster nodes till it comes back ?

Rgds

Alex

https://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/Does-Insight-need-to-be-enabled-all-the-nodes-in-the-cluster/ta-p/258350

Insight Reports, Alerts, and Administration settings can be configured on a Master Insight node only. To be able to generate a report, enabling the node as an Insight Master (even in a single-node cluster) is mandatory.

If master insight enabled server  is down still netevent data will be sent to other insight enabled server. If you want to configure alerts,reports then you need to enable master insight on second server, if primary master insight server is down for longer period.