Integral FailOver

(Click on images for higher definition view)

Access to the privileged accounts on a UNIX or Linux based system is an essential requirement for managing those systems.  It would not be acceptable for the super user privilege management software that is managing that access to be down.  Essential work could not be carried out.  To that end PUM is architected to provide multiple routes to all resources.

PUM physical architectureAll PUM Users log into a PUM Access Server to validate their proposed access via a Session to a privileged Account on a Managed Server.  Provided that multiple Access Servers are provided, and more than one of these Access Servers is applied to each Session, then there will always be an alternative route through to the Accounts on the Managed Servers if one of the Access Servers goes down.

In the same way, it is important that more than a single Audit Server is specified.  An Access Server or PUM Database Server must be able to audit PUM activity or it will not allow privileged access to take place.  Each Access Server and the Database Server may only send their audit trails to a single Audit Server at any one time, but by assigning a second (or more) Audit Server to each Access Server/Database Server, we provide for automatic failover in the event that the primary Audit Server is down.

So provided that a minimum of two Access Servers and two Audit Servers are specified, privileged access using PUM will not grind to a halt just because a single server goes down.

For the same reason, it is good practice to make sure that the PUM Database resides on a redundant database server and that there is more than a single web application server for the PUMAdmin and PUMClient applications.