Secure Mobile Access 12.4 CMS Administration Guide

Global High Availability Versus HA Pair

Global Traffic Optimizer (GTO) with Global High Availability (Global HA) is a new solution for SMA 12.4 and later that facilitates high availability and disaster recovery for SMA products.

The High Availability (HA) Pair product is not supported after SMA version 11.4.

The following table compares the features of an HA Pair with the features of GTO with Global HA.

Comparison of HA Pair and GTO with Global HA
HA PairGTO with Global HA
High availability modelActive-StandbyAll appliances in the cluster are active.
Number of appliances in HA clusterAlways 22 to 100
Licensing modelTwo separate appliance-based license filesCMS-based pooled user license obtained from the License Manager Service
Location of appliancesAppliances must be in a single data center less than 3 feet apart.Globally distributed locations
SMA appliances supported

All physical appliances.

Virtual appliances are notsupported.

All SMA physical and virtual appliances are supported.
Virtual infrastructureNot needed


CMS is a virtual machine and must be hosted on virtual infrastructure (VMWare ESX/i, Microsoft Hyper-V, AWS, Azure, or KVM)

Mix of appliancesBoth appliances in the HA Pair must be identical (for example two SMA EX-7200s)The cluster can have any combination of physical and virtual SMA appliances.
Release versions supported

SMA 10.7.2 and 11.4.0

Not supported after 11.4.0 support expires

SMA 12.1 and higher

No plans to back port to 11.4

End of LifeApril 2019 (3 years after release of 11.4)This is the next generation of SMA HA
Disaster RecoveryNot Supported. Appliances in an HA Pair must be in the same data center.


Appliances in the cluster can be globally distributed.

Redirection modelUses a VIP

DNS-based redirection

Requires customers to configure DNS for Global Traffic Optimizer.

Session restorationSession is automatically restored on the paired appliance.VPN reconnection and session restoration is supported with Global HA in SMA 12.4.
Data persistence

Personal Bookmarks, Local User accounts, Device Registration.

Per-app VPN data persists across a failover.

User lock out persists across a failover.

Personal bookmarks, Local User accounts, Device Registration, per-application VPN data, and user lockouts are supported with Global HA in SMA 12.4.
Single Points of FailureHA Pair is installed in one datacenter which is susceptible to power, network or other disasters

CMS server failure.

A CMS outage for a few minutes has little or no adverse affect on HA.

CMS is a virtual appliance and relies on the HA model of the IT department for it virtual infrastructure.

CMS has a relatively low MTTR if a full clone is instantiated or the HA Cluster model is used.

License Manager Service.

CMS queries the License Manager every 24 hours and continues to operate for 30 days without access to the License Manager.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.