Primary-DR environment

This topic describes the Primary-DR environment.

Overview

The standard CyberArk Privileged Access Manager architecture consists of a Primary Vault, Disaster Recovery Vault, PVWA, CPM, PSM and PTA. By default, the components communicate with the primary standalone Vault.

The DR Vault acts as a standby replica of the primary Vault and is available to take its place when the Primary Vault is unavailable, allowing for business continuity.

 

The DR Vault is responsible for four major recovery tasks:

  • Failover Check – Checks that the Production Vault is up and running. The network availability check is carried out using ICMP echo protocol (“Ping”) from the Disaster Recovery Vault.

     

    In an automatic failover configuration, a network failure (loss of communication between the Primary Vault and the DR Vault while the Primary Vault is still up and running) may cause the DR Vault to start automatically even though it is not a Disaster Recovery situation.

  • Data Replication – Replicates the external files (Safe files and Safe folders) from the CyberArk Primary Vault to the DR Vault.

  • Metadata Replication – Replicates the metadata files based on a full backup and incremental backups. Metadata replication from the Primary Vault to the DR Vault occurs at the completion of each event.

  • Failover Process – If the Primary Vault is down or the Production site is unavailable, meaning that there is no network connection between the two servers, a Failover is performed on the DR Vault.

The recovery tasks can be modified and customized using the PADR.ini file.
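The following is an added example, not CyberArk code. It models why a ping-only Failover Check cannot tell a site-link outage from a Primary Vault outage, and shows a check run from an independent monitoring host that flags a DR Vault that has started while the Primary Vault is still serving. The host names, port 1858, the three-miss retry count, and the premise that a standby DR Vault does not accept Vault connections are assumptions to adjust for your deployment.

```python
import socket

VAULT_PORT = 1858  # assumption: Vault listening port; adjust to your deployment

def tcp_probe(host, port=VAULT_PORT, timeout=3.0):
    """True if a TCP connection to host:port succeeds from the monitoring host."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def dr_would_fail_over(ping_replies, retries=3):
    """Model of a ping-only failover check: activate after `retries` consecutive
    missed replies. The DR Vault cannot tell *why* a reply is missing."""
    missed = 0
    for ok in ping_replies:
        missed = 0 if ok else missed + 1
        if missed >= retries:
            return True
    return False

def classify(primary_serving, dr_serving):
    """Map what an independent monitor sees to a state worth alerting on."""
    if primary_serving and dr_serving:
        return "ALERT: both Vaults active (DR started without a real disaster)"
    if dr_serving:
        return "failover: DR Vault active, Primary not reachable"
    if primary_serving:
        return "normal: Primary active, DR in standby"
    return "ALERT: no Vault reachable from monitor"

def evaluate(primary, dr, probe=tcp_probe):
    """Probe both Vaults from the monitor and classify the result."""
    return classify(probe(primary), probe(dr))

if __name__ == "__main__":
    # Constructed scenario: the inter-site link drops while the Primary stays up.
    replies_seen_by_dr = [True, True, False, False, False, False]
    reachable = {"primary.example": True,  # monitor reaches it over another path
                 "dr.example": dr_would_fail_over(replies_seen_by_dr)}
    print(evaluate("primary.example", "dr.example", probe=lambda h: reachable[h]))
```

Run it from a host whose network path to the Primary Vault does not share the inter-site link, otherwise the monitor inherits the same blind spot as the DR Vault.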

 

The parameter file, DBParm.ini, and other .ini files are not replicated due to optional hardware changes and different Vault configurations.

In the event the Primary Vault goes down, the DR Vault (which is continuously replicating and checking the status of the Primary Vault) automatically stops replication and becomes an active Vault capable of allowing components to communicate with it. The components are continuously checking the status of the Primary Vault and, in the event that it goes down, the components will connect to the DR Vault and continue to function normally.

The failover procedure for each component during the event of a Primary Vault failure in the standard architecture is described below:

  • PVWAs will automatically begin searching for another active Vault per the configuration in their local Vault.ini configuration file. Existing PVWA sessions will be dropped. Once the DR Vault has activated and the PVWA has connected to it, PVWA functionality will resume for end users.

  • CPMs are not configured for automatic failover per CyberArk best practices. During a recovery scenario, administrators can manually enable the CPMs to work with the activated DR Vault during the outage.

  • PSMs will automatically begin searching for another active Vault per the configuration in their local Vault.ini configuration file. Existing PSM sessions will continue to function during this time. Once the DR Vault has activated and the PSM has connected to it, PSM functionality will resume for end users.

  • PTA will automatically begin searching for another active Vault per the configuration in its local Vault.ini configuration file. Once the DR Vault has been activated and the PTA has connected to it, normal PTA functionality will resume. PTA has a DR instance that is only activated in the event that the primary PTA becomes unavailable.