About cluster architecture and High Availability (RSP, HA)

This document describes the cluster architecture employed by Segura, highlighting the main components and mechanisms that ensure high availability, resilience, and scalability of the privileged access environment. The cluster architecture is essential to guarantee continuous and secure platform operation, even in cases of failures, maintenance, or increased demand.

Cluster architecture overview

Segura employs a cluster-based architecture to ensure high availability, operational resilience, and horizontal scalability. Each cluster consists of multiple Remote Session Proxy (RSP) nodes that act as access points for privileged sessions, balancing load among themselves and enabling transparent failover in case a node fails.

  • RSP Cluster: A set of servers responsible for routing, proxying, and controlling privileged sessions.
  • Nodes: Each node handles connections, authenticates users, enforces policies, and logs session activities.
  • Centralized management: Configuration and orchestration of nodes are performed through a central console, with automatic replication of parameters and policies across all cluster members.

Native high availability (HA)

  • Session distribution: Load balancing among cluster nodes occurs automatically, either through internal algorithms or through integration with third-party load balancers such as F5, HAProxy, and cloud-native load balancers.
  • Transparent failover: If a node becomes unavailable, its active sessions are automatically redistributed to healthy nodes without manual intervention or impact on end users.
  • Real-time synchronization: Configurations, tokens, policies, and audit data are continuously synchronized across all nodes, ensuring consistency and continuity even after failures or restarts.

Benefits of cluster architecture

  • Horizontal scalability: Enables adding or removing nodes according to demand, adjusting processing and access capacity.
  • Operational resilience: Reduces single points of failure (SPOF) and ensures uninterrupted operations during planned maintenance or unexpected failures.
  • Security and compliance: All events, commands, and accesses are logged and audited in a distributed manner, fulfilling regulatory and audit requirements.