Configuring Transparent HA Mode Parent topic

You can open the Deployment Wizard screen after the appliance is configured and modify deployment mode settings for Transparent HA deployments. Transparent HA mode is a two-node solution. Perform the following procedure on each node.
As part of the configuration, you can enable LACP and use trunked interfaces for data ingress and data egress. To deploy LACP link aggregation for Transparent HA mode, the appliance must be equipped with two bypass cards. You must configure the connected switches with the corresponding LACP configuration.
Important
Important
Configuration and policy settings are synchronized between the two Deep Discovery Web Inspector HA nodes. This synchronization is not implemented by the Deep Discovery Web Inspector itself, but by the Deep Discovery Director appliance to which the Deep Discovery Web Inspector nodes are registered. The synchronization is accomplished by configuring the Deep Discovery Director synchronization scheduling task.
Therefore, to implement a Transparent HA mode deployment, you must integrate and register each of the Deep Discovery Web Inspector HA nodes to Deep Discovery Director.
Note
Note
You can exit the Deployment Wizard at any time by clicking on another menu item in the management console. If you exit the wizard before finishing the configuration process, all data entered will be lost.
If you are performing the initial deployment, see Deployment.

Procedure

  1. Go to AdministrationDeployment Wizard.
    The Welcome page opens.
  2. In the Deployment Mode section, select Transparent HA.
  3. Click Next.
  4. In the Working Mode Settings page, specify the following:
    Option
    Description
    HTTP port
    Scan for HTTP traffic on this port. Default is 80.
    HTTPS port
    Scan for HTTPS traffic on this port. Default is 443.
  5. Click Next.
  6. In the Network page, specify the following details:
    Option
    Description
    Host name
    Specify a host name.
    Primary DNS server
    Specify the IP address of the DNS server. This is a required setting.
    Secondary DNS server
    Optionally, specify the IP address for a secondary DNS server.
    Enable LACP
    Select if using LACP to aggregate network bandwidth.
    Interfaces eth4/eth6 and eth5/eth7 will be teamed to become team0 and team1 respectively.
    Note
    Note
    This field is visible only the appliance is equipped with two bypass cards. The eth4-eth7 ports must be connected to a switch with LACP enabled. Additionally, the switch ports connected to eth4/eth6 must be teamed and the switch ports connected to eth5/eth7 must be teamed.
    LACP bond interface
    This option is visible only if LACP is enabled.
    A read-only field, preset to eth4/eth5/eth6/eth7.
    Data ingress / egress interface
    This is a read-only field and is pre-set.
    • LACP not enabled: Field is pre-set to eth4/eth5
    • LACP enabled: Field is pre-set to team0/team1
    Data interface
    This is a read-only field and is pre-set to br0.
    Enable VLAN ID
    Select whether to enable the VLAN tag for the data interface and enter the VLAN ID number (1-4094).
    IPv4 address, IPv4 mask, and IPv4 gateway
    Specify the IPv4 network settings for the br0 data interface.
    Management interface
    This is a read-only field and is pre-set to eth0.
    Mode
    This is a read-only field and is pre-set to static.
    IPv4 address, IPv4 mask, and Default IPv4 gateway
    Specify the IPv4 network settings for the management interface.
  7. Click Next.
    The Time page opens.
  8. In the Time section, configure the time and location settings for the Deep Discovery Web Inspector appliance.
    Option
    Description
    NTP server
    Enter the NTP server IP address.
    System time zone
    Set the appropriate time zone by selecting the location closest to the Deep Discovery Web Inspector appliance.
    Optionally, instead of selecting a location, you can select Etc and then choose the offset that matches the location closest to the Deep Discovery Web Inspector appliance.
  9. Click Next.
    The Summary page opens.
  10. Review and verify the settings and then perform the appropriate action:
    1. If the settings are not as desired, click on Previous and modify settings as required.
    2. If the settings are verified, click on Done to save the configuration.
      Note
      Note
      After you click Done, a dialog box opens asking if you want to reboot the appliance. After you click OK, the connection to the appliance disconnects and the appliance reboots. After the appliance restarts, the Log On page is displayed.
      If you do not want to reboot, you can click Cancel instead of OK. If you click Cancel, the Summary page reopens.
    Important
    Important
    If you exit the wizard before saving settings, the configuration is not saved.

What to do next

Configure synchronization between the two Deep Discovery Web Inspector nodes on the Deep Discovery Director appliance to which Deep Discovery Web Inspector is registered. The synchronization is accomplished by configuring the Deep Discovery Director synchronization scheduling task.
Please refer to the Deep Discovery Director documentation for procedures about configuring synchronization.
Important
Important
  1. Synchronization supports the replication of the following configuration list:
    Dashboard
    Detections
    Policy
    Alerts/Reports
    Component updates
    System settings
    Active Directory Services
    Virtual Analyzer
    Integrated Products/Services
    Product Updates
    System Maintenance
    Accounts/Contacts
    Audit Log/
    License
    Help…
  2. This type of task does not support periodic tasks.
  3. This type of task does not support synchronization between two Deep Discovery Web Inspector appliances. It only support synchronization from one Deep Discovery Web Inspector appliance to another Deep Discovery Web Inspector appliance.