Skip to content

Best Practices

Recommended best practices for effective management of a cluster:

  1. Perform all HySecure administration from the Active node in the cluster.
  2. Ensure NTP is configured and running on every node in the cluster.
  3. Make sure to create any additional host file entries on all nodes, as these entries do not sync among the nodes.
  4. To verify the logs, log in as a certificate user on the Active or Standby gateway and check the logs.
  5. Always reboot or shut down the gateway from the management console or OS console.
  6. Ensure that all maintenance activities, such as HySecure upgrade and failover, must be performed within a 2-hour maintenance window. It is recommended to carry out these activities during off-peak hours.
  7. Do not change the ping settings on the default gateway.
  8. Nodes in the cluster must not have any firewall between them and should be installed within the same subnet.
  9. Take regular configuration backups by running a User Backup. Also, take a System Backup for all certificate backups.
  10. Set up alerts for resource usage, including RAM and disk.
  11. Use the latest TLS protocols for the HySecure gateway.
  12. Configure log archival to optimize disk usage.
  13. Enable HyID policies to ensure all users logging into HySecure gateways are secured by MFA.
  14. Enable Device ID policies to allow login to the HySecure gateway only from authenticated devices.
  15. Enable Endpoint Security policies to ensure users log in from secure devices.
  16. Configure Stale user management to revoke policies and authorization for disabled/removed users from a configured authentication server.
  17. Ensure the HySecure gateway is always configured in high-availability mode.