Secure Mobile Access 12.4 CMS Administration Guide

Overview

This section is an introduction to the SonicWall™ Central Management Server (CMS) with Global High Availability (Global HA) and provides important concepts associated with it. CMS is an add-on product for managing multiple Secure Mobile Access (SMA) VPN appliances. It gives customers with multiple appliances a single administrative user interface from where they can manage all their VPN appliances. CMS is a virtual machine that interacts with the managed SMA appliances. CMS reduces the total cost of operation and simplifies the management of multiple VPN appliances for organizations.

Global HA enables SMA appliances to scale performance by deploying multiple appliances under the same service name (e.g. access.example.com). Global HA eliminates a single point of failure and provides resilience whether customers deploy 2 SMA appliances in the same data center or clusters of up to 100 physical and virtual appliances across multiple data centers around the globe. A distributed data store shares user session state and licensing information across the mesh network of SMA appliances in an active-active cluster. This allows for session persistence across data centers. In the event of a fail-over, users get connected to another appliance in the service. Their experience is frictionless and productivity is not impacted. The distributed data store also allows for central user licenses to be shared across appliances and data centers.

SMA appliances in the Global HA mesh must be able to communicate with each other via their external interface IP addresses or internet-routable IP addresses to facilitate sharing of information in the distributed data store.

The VPN administrator uses the Central Management Console (CMC) of the CMS to manage all the VPN appliances regardless of location. CMS and managed appliances are closely integrated through native communications secured with TLS.

The CMS is a virtual machine, requiring no dedicated appliance or hardware, and provides the following features:

  • A single dashboard for managing a distributed VPN infrastructure.
  • Simplified license management with a centralized license that eliminates the need for separate appliance licenses. Licenses are shared by appliances.
  • Central Management Console (CMC) to configure, maintain, and monitor appliances.
  • Reduced Total Cost of Operation (TCO) of the VPN infrastructure.
  • Reduced operator errors associated with managing multiple appliances that may be in different data centers.
  • Centralized alerts via the console dashboard and SNMP traps.
  • Global High Availability that is enabled with the Global Traffic Optimizer (GTO) service.

This dashboard view in the CMC gives the administrator a summarized view of all managed appliances.

Administrators can apply a common configuration to managed appliances from the CMC. Consolidated monitoring and reporting gives the administrator an overview of all the appliances that are being managed.

An administrator can click on a single appliance in the CMC to launch the Appliance Management Console (AMC) for that appliance because of a single-sign on system.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.