Secure Mobile Access 12.4 CMS Administration Guide

Choosing a Deployment Model

Before you set up your equipment, you need to choose a deployment model that meets your organization's needs. There are several ways you can set up the network hierarchy of your GTO deployment.

SMA Appliances Located in One Data Center

This model is typically employed by mid-sized organizations with major operations in a single location. All their SMA appliances are located in the organization's primary data center. Users have a single GTO service name (such as access.example.com) to access the network.

GTO eliminates the need for a load balancer in the data center for VPN traffic. User connections are automatically directed to an available appliance in the data center. The CMS and SMA appliances are all located in the data center. If any one of the appliances fails, the CMS detects the failure, and GTO automatically redirects the VPN connections to another appliance.

SMA Appliances Geo-Distributed across Multiple Data Centers

This model is typically employed by mid-sized organizations with operations in more than one geographic location, and their SMA appliances are located in different geographic locations. For example, an organization deploys two SMA appliances, one located in their New York City data center and the second appliance located in their London branch office. The employees in the Americas connect to the appliance in New York City, while the employees in Europe connect to the appliance in London.

The CMS and one of their SMA appliances is located in New York City. The other SMA appliance is located in London and is also managed by the CMS. All the employees in the Americas and in Europe use a single service name: access.example.com, which directs all connections to an available and proximate appliance.

Mixed Mode

This model is typically employed by larger sized organizations with a global workforce. Their SMA appliances are located in multiple geographic locations, and they may have more than one SMA appliance in the data center. For example, an organization has six SMA appliances: three in New York City, two in London, and one in Tokyo. Employees globally use the same service name: access.example.com.

GTO automatically directs connections from employees in the Americas to the SMA appliances in New York City, connections from employees in Europe to the SMA appliances in London, and connections from employees in Asia to the SMA appliance in Tokyo. GTO eliminates the need for a global traffic manager or load balancer in the data center.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.