1.Locate VAs close to sources
2.Restarting the VA cluster is almost always the best first action to resolve problems with a VA
3.Use Static IP addresses to simplify networking setup and monitoring
4.To avoid a single point of failure in your environment, maintain a 1:1 VA-to-VM ratio
5.Create New VAs to Switch Deployment Locations and Platforms
6.Allow inbound communications over SSH (port 22) secure shell access for administrative purposes so you can access the VA from inside your network
7.Deploy a minimum of 2 VAs per cluster
8.Separate Sandbox and Production clusters
9.Allow unrestricted outbound traffic on ports 53 (DNS), 123 (NTP), and 443 (HTTPS). As an alternative, you can set up a proxy or single point of access. (Network proxy, firewalls, and caching products can interfere with VA communications)
10.Optional: for added security within your network, configure VAs to communicate with connected sources over Transport Layer Security (TLS)
No comments:
Post a Comment