Skip to content

Best Practices

Recommended best practices for effective management of cluster:

  1. Perform all HySecure administration from the Active node in the cluster.
  2. Ensure every node in the cluster NTP is configured and running.
  3. Make sure to create any additional host file entries on all nodes as these entries do not sync among the nodes.
  4. To verify the logs, you must log in as a certificate user on the Active or Standby gateway and check the log.
  5. Always reboot or shut down the gateway from the management console or OS console.
  6. Ensure that all maintenance activities, such as HySecure upgrade and failover, must be performed within a 2-hour maintenance window. It is recommended to carry out these activities during off-peak hours.
  7. Do not change the ping settings on the default gateway.
  8. Nodes in the cluster must not have any firewall between them and should be installed within the same subnet.
  9. Take regular backups of configuration by taking User Backup. Also, take System Backup for all certificate backups.
  10. Set up alerts for resource usage, including RAM and disk.
  11. Use the latest TLS protocols for the HySecure gateway.
  12. Configure log archival for optimum disk consumption.
  13. Enable HyID policies to ensure all login into HySecure gateways are secured by MFA.
  14. Enable Device ID policies to allow login into the HySecure gateway through authenticated devices only.
  15. Enable Endpoint Security policies to ensure users log in from secure devices.
  16. Configure Stale user management to revoke policies and authorization for disabled/removed users from a configured authentication server.
  17. Ensure that the HySecure gateway is always configured in high availability mode.