Overview

This section is an introduction to the SonicWall™ Central Management Server (CMS) with Global High Availability (Global HA) and provides important concepts associated with it. CMS is an add-on product for managing multiple Secure Mobile Access (SMA) VPN appliances. It gives customers with multiple appliances a single administrative user interface from where they can manage all their VPN appliances. CMS is a virtual machine that interacts with the managed SMA appliances. CMS reduces the total cost of operation and simplifies the management of multiple VPN appliances for organizations.

Global HA enables SMA appliances to scale performance by deploying multiple appliances under the same service name (e.g. access.example.com). Global HA eliminates a single point of failure and provides resilience whether customers deploy 2 SMA appliances in the same data center or across multiple data centers around the globe. A distributed data store shares user session state and licensing information across the mesh network of SMA appliances in an active-active cluster. This allows for session persistence across data centers. In the event of a fail-over, users get connected to another appliance in the service. Their experience is frictionless and productivity is not impacted. The distributed data store also allows for central user licenses to be shared across appliances and data centers.

SMA appliances in the Global HA mesh must be able to communicate with each other via their external interface IP addresses, Internal interface IP addressess or Pool IP addresses to facilitate sharing of information in the distributed data store.

The VPN administrator uses the Central Management Console (CMC) of the CMS to manage all the VPN appliances regardless of location. CMS and managed appliances are closely integrated through native communications secured with TLS.

The CMS is a virtual machine, requiring no dedicated appliance or hardware, and provides the following features:

• A single dashboard for managing a distributed VPN infrastructure.
• Simplified license management with a centralized license that eliminates the need for separate appliance licenses. The license is shared by appliances.
• Central Management Console (CMC) to configure, maintain, and monitor appliances.
• Reduced Total Cost of Operation (TCO) of the VPN infrastructure.
• Reduced operator errors associated with managing multiple appliances that may be in different data centers.
• Centralized alerts via the console dashboard and SNMP traps.
• Global High Availability that is enabled with the Global Traffic Optimizer (GTO) service.

This dashboard view in the CMC gives the administrator a summarized view of all managed appliances.

Administrators can apply a common configuration to managed appliances from the CMC. Consolidated monitoring and reporting gives the administrator an overview of all the appliances that are being managed.

An administrator can click on a single appliance in the CMC to launch the Appliance Management Console (AMC) for that appliance because of a single-sign on system.