Business continuity
Use high availability with U-Series Appliances
High availability (HA) is designed to work in an active / passive configuration. At any time, one of your two servers has the role of the active node, while the other is the passive node. When the passive server detects that the active server has failed, then the passive is promoted to active, and the active is demoted. Setting up high availability for your appliances involves the following steps using the High Availability wizard:
- Configuring pairing between your primary appliance and a secondary remote partner appliance.
- Enabling pairing between partner appliances, which overwrites the database on the secondary partner with the primary partner's database.
- Managing the high availability partnership settings and operations once configured and enabled.
Configure high availability using the wizard
To configure high availability for your appliances using the wizard, follow these steps:
- Log in to the U-Series Appliance website on the primary server.
- From the left sidebar, under Business Continuity, click High Availability.
- Select the remote appliance you want to pair your primary appliance with from the grid. If you need to register a new appliance:
- Click the go to Appliance API Keys link above the grid.
- Select the Register Remote Appliance tab.
- Paste in the full encrypted registration code value obtained from the remote appliance and provide a description.
- Click Register Remote Appliance.
- The appliance is now listed in the grid for you to select as a pairing partner.
- The pairing process begins and the status of each step involved in the process displays on the screen. Click Next once all steps are successful, as indicated by green check marks.
- On the Partner Configuration Complete screen, click Next to continue with configuring the settings for the pairing. Alternatively, click Reset if you must reverse the pairing and start over.
- On the Pairing Settings screen, we recommend keeping the default settings. Click Next.
Note
If the primary and secondary appliances both have SQL, click the Override Default Settings option to select pairing the databases and services, or to pair only services. If either appliance is SQL free, you can only pair services.
- Click Set on the pop-up message to enable the pairing between partners. This overwrites the database on the secondary appliance with the primary appliance's database.
- The Synchronization and Activation screen displays indicating the status of each step involved in this process. Click Next once all steps are successful, as indicated by green check marks.
- On the Pairing Complete screen, click Next.
- You are taken to the High Availability Status page where you can:
- View the status of the mirroring between the appliance pairs and heartbeat details. Warning banners display at the top of the page for any of the following conditions:
- SQL mirroring is configured and one database is not in a synchronized state.
- The last heartbeat that failed is more recent than the last heartbeat that succeeded.
- A heartbeat on the secondary appliance is more than 4 minutes old.
- Manage basic and advanced settings for the pairing, such as:
- Changing the failover threshold.
- Setting max time for contacting a partner on start up.
- Setting how often the passive appliance emails the administrator when a failover has occurred.
- Setting how often background settings are synced from the active to the passive partner.
- Manage the operation of the high availability:
- Suspend: You might want to pause mirroring if you want to perform maintenance tasks on the database server. Click Suspend to pause mirroring. A failover cannot occur when the database is in a suspended state. Click Resume to start mirroring again.
- Swap High Availability Roles: Click this button to change the passive server to the active server. This is useful for testing high availability. Click the button again to restore the server partners to their original roles. Note that data loss can occur if databases are not synchronized.
- Turn off High Availability: Click this button to reset the U-Series Appliances to the initial setup state and remove all high-availability configuration settings established between U-Series Appliances. You might want to do this if you want to set up new high-availability pairs.
Use a load balancer in an active / passive configuration
When setting up an active / passive pair, you might want to configure a load balancer that acts as a DNS redirector. Configure the load balancer between two U-Series Appliances so that it can determine which U-Series Appliance is active and which is passive. The load balancer then sends the traffic to the active U-Series Appliance.
You can use the following endpoint API to configure the load balancer. Refer to your load balancer documentation to ensure that it is configured to use the endpoints.
GET https://<ApplianceAddress>/UVMInterface/api/HighAvailability
The request above returns an object with one member:
{
string Role;
}
You can set the formatting of the requested return value in the Content-Type request header.
Example
To return a value in JSON format, you can specify:
Content-Type: application/json;charset=UTF-8
The available values for Role are:
- Off: High Availability is not turned on.
- Active: The U-Series Appliance is in active mode.
- Passive: The U-Series Appliance is in passive mode.
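The following is an added example, not BeyondTrust code: a health-check routine that a load balancer hook or monitoring host could run against the endpoint above to decide which appliance receives traffic. It goes slightly beyond the text by failing closed when both appliances report Active and by requiring consecutive agreeing polls before moving traffic. It assumes the JSON body has the form {"Role": "Active"}; the host names, the confirm threshold, and all function and class names are illustrative.

```python
import http.client
import json
import ssl
import urllib.request

HA_PATH = "/UVMInterface/api/HighAvailability"  # endpoint path given on this page
VALID_ROLES = {"Off", "Active", "Passive"}      # Role values listed on this page


def parse_role(body):
    """Role from a body assumed to look like {"Role": "Active"}, else None."""
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):
        return None
    role = doc.get("Role") if isinstance(doc, dict) else None
    return role if isinstance(role, str) and role in VALID_ROLES else None


def fetch_role(address, timeout=5.0):
    """Query one appliance; None means unreachable, untrusted or unusable."""
    req = urllib.request.Request(
        "https://" + address + HA_PATH,
        headers={"Content-Type": "application/json;charset=UTF-8"},
    )
    ctx = ssl.create_default_context()  # certificate verification stays on
    try:
        with urllib.request.urlopen(req, timeout=timeout, context=ctx) as resp:
            return parse_role(resp.read().decode("utf-8", "replace"))
    except (OSError, ValueError, http.client.HTTPException):
        return None


def select_target(roles):
    """Map {address: role or None} to (target, reason); fails closed."""
    active = sorted(a for a, r in roles.items() if r == "Active")
    if len(active) == 1:
        return active[0], "ok"
    if len(active) > 1:
        return None, "more than one appliance reports Active"
    if "Off" in roles.values():
        return None, "high availability is Off on an appliance"
    return None, "no appliance reports Active"


class TargetTracker:
    """Move traffic only after `confirm` consecutive polls agree."""

    def __init__(self, confirm=3):
        self.confirm = confirm
        self.current = None      # address currently receiving traffic
        self.last_reason = None  # outcome of the most recent poll
        self._pending = None
        self._count = 0

    def update(self, roles):
        target, self.last_reason = select_target(roles)
        if target == self.current:
            self._pending, self._count = None, 0
        else:
            if target != self._pending:
                self._pending, self._count = target, 0
            self._count += 1
            if self._count >= self.confirm:
                self.current, self._pending, self._count = target, None, 0
        return self.current


if __name__ == "__main__":
    # Constructed poll results, no network: appliance-a fails, b is promoted.
    a, b = "appliance-a.example", "appliance-b.example"
    tracker = TargetTracker(confirm=2)
    for poll in ({a: "Active", b: "Passive"},) * 2 + ({a: None, b: "Active"},) * 2:
        print(tracker.update(poll), "-", tracker.last_reason)
```

In a live check, build each poll as {address: fetch_role(address)} for the two appliances and alert on any last_reason other than "ok".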
Important
Medium Availability Mode for High Availability can no longer be configured as of release 4.1. If this was set up, it will continue to work after upgrading to release 4.1, but new deployments do not have this option.
Prepare for disaster recovery
If you are using high availability as a disaster recovery solution, review the following points as a guide to restoring roles:
- Determine if the active server has failed. Confirm the role of the live server (the primary).
- If a failure has occurred on the primary, investigate and resolve issues on the primary.
- After a failover to the disaster recovery server (the secondary), you can restore roles on the active server's website.
Verify connectivity between servers
From the High Availability Status page, verify that the communication between U-Series Appliances is active. The Mirror State should show as Synchronized. The Last Heartbeat Transmission Succeeded and the Last Heartbeat Transmission Failed are indicated under Details.
Check the database status after a failover
Important
In all scenarios, we strongly recommend investigating the cause of the failure. We do not recommend resuming database mirroring until issues are resolved.
The following database status indicators might display after a failover:
- DISCONNECTED: Failover was catastrophic, and the server is completely unavailable or unreachable. Turn off high availability and investigate the issues with the failed server. After the failed server is cleared for use, turn on high availability and synchronize the databases.
- EXPOSED: The other server is still available and possibly still healthy, but the failover was serious or lengthy enough to disable high availability. After the failed server is cleared for use, turn on high availability and synchronize the databases.
- SUSPENDED: The interruption was of a minor or transient nature. While it might be possible to restore connectivity without disabling high availability, we recommend that you turn off high availability and investigate the issues with the server. After the failed server is cleared for use, turn on high availability and synchronize the databases. Optionally, contact BeyondTrust Technical Support to see if mirroring can be restored.
Restore roles after a failover
After a failure has been identified and resolved on a U-Series Appliance, you can restore the roles to the initial state. Log in to the U-Series Appliance, and then from the left menu, under Business Continuity, click High Availability. Then click Swap High Availability Roles.
Review database metrics
On the High Availability Status page, review information about earlier database synchronizations and the size of the current database.
You can then determine from these values how long a synchronization between servers might take.
Also, check the status of the BeyondInsight mirror state to ensure that synchronizations are occurring between the active and passive servers.
Database mirror states
State | Description |
---|---|
EXPOSED | Databases are not mirrored. |
SYNC PENDING: INITIAL DB SYNC STARTED | The process of backing up and transferring the database to the passive server has begun. |
SYNC PENDING: SET MIRROR CALLED | The database has been transferred and restored to the passive server. Mirroring is being turned on. |
SYNCHRONIZING | The server is actively transmitting transaction logs to the other database to apply changes. |
EXPOSED: MAX SYNC ATTEMPTS REACHED | Five consecutive attempts were made and failed to establish mirroring. Mirroring was not established and is no longer trying. To troubleshoot, check for connectivity issues and ensure the database mirror port is set to 5022. |
SYNCHRONIZED | Databases are actively mirrored. High availability is considered to be working. |
Set up a cold spare U-Series Appliance
You can set up a spare U-Series Appliance that can be used as the primary U-Series Appliance if the primary needs to be taken offline. The cold spare appliance is not actively used by users in your environment. It's an appliance that runs in the background restoring backups from the primary appliance on a schedule.
Requirements
- The BeyondInsight version on the cold spare must be the same or later than the version on the source U-Series Appliance.
- We recommend that both U-Series Appliances are receiving automatic updates from BT Updater.
- The cold spare must receive updates so that it matches the source U-Series Appliance.
- For Analytics & Reporting, ensure SQL Server versions match on both U-Series Appliances.
- The source and spare U-Series Appliances must have the same name.
- If any backup schedules are active for the appliance chosen to be the cold spare, those must be deleted before you can enable the appliance as a cold spare.
Note
If the SQL Server database is remote, the data is not copied to the cold spare.
Configure a cold spare appliance
To set up the cold spare appliance:
- From the left sidebar, under Business Continuity, click Cold Spare.
- Toggle the Cold Spare is Active option to enable it.
- Enter a temporary machine name for the cold spare appliance.
- Enter a backup password and confirm it.
- Select the New Backup Location option and enter the path for the restore location where you want the backup files to be saved, and optionally provide authentication credentials. Or, select the Existing Backup Location option and select an existing location from the list.
- Specify the date, time, and frequency to configure the backup schedule.
- Click Save Cold Spare Changes.
Configure backup and restore
Save the U-Series Appliance configuration in case of disaster recovery or if you must revert settings to a previous configuration. You can back up the U-Series Appliance immediately or schedule a backup to occur at regular intervals.
A backup contains full packages of all data for all features set up on the U-Series Appliance.
You can add multiple remote or local backup locations to use for your backups, or you can use the default local backup location already created for you in the appliance. When configuring the backup location, you can set the maximum number of backups that can be saved at that location, 0 being unlimited. The default local backup location is set to 5. When the retention number is reached, the oldest backups are deleted and removed from the database permanently.
There is no time limit for how long backups are retained. Backups are only deleted when the retention limit is reached or when they are manually deleted.
Add a backup location
By default, there is one backup location already created and available for saving backups to a local path, named LocalBackups. You can add new backup locations, which are either local or remote network shares, as follows:
- From the left sidebar, under Business Continuity, click Backup and Restore.
- Select the Backup Locations tab.
- Click Create New Location +.
- Enter a name and the local or remote path.
- If the remote share requires credentials, check the box for that option, and enter the credentials.
- If the remote share is an NFS share, check the box for that option.
Note
We do not recommend storing backup files on an unsecured network share.
- Enter a value in the Retention box. Retention is the number of backups saved. When the limit is reached, then older backups are deleted and removed from the database permanently.
- Click Save Location. This process attempts to write and delete a file. If that fails, you cannot create the backup location. Upon failure, we recommend that you verify access permissions.
Schedule a backup
- From the left sidebar, under Business Continuity, click Backup and Restore.
- Select the Schedule a Backup tab.
- Click the + button next to Create Backup.
- Select Schedule Backup.
- Enter a backup password and confirm it.
- Select an existing backup location from the dropdown or leave the default LocalBackups location selected.
- Alternatively, click the New Backup Location option to add a new location. New backup locations are automatically added to the list on the Backup Locations tab.
Note
We do not recommend storing backup files on an unsecured network share.
- Select a Schedule Type from the dropdown and set the date, time, and frequency for the schedule.
- Select the features to include in the backup or select All Enabled Features to include them all.
Note
Features that are not enabled are not included in the backup.
- Click Save Schedule.
- The scheduled backup is now listed in the grid on the Schedule a Backup tab, where you can click the vertical ellipsis for it, and select to edit it, deactivate it, or delete it.
Create a manual backup to run now
- From the left sidebar, under Business Continuity, click Backup and Restore.
- Select the Schedule a Backup tab.
- Click the + button next to Create Backup.
- Select + Create Backup Now.
- Enter a backup password and confirm it.
- Select an existing backup location from the dropdown or leave the default LocalBackups location selected.
- Alternatively, click the New Backup Location option to add a new location. New backup locations are automatically added to the list on the Backup Locations tab.
Note
We do not recommend storing backup files on an unsecured network share.
- Leave the Schedule Type as Immediate.
- Select the features to include in the backup or select All Enabled Features to include them all.
Note
Features that are not enabled are not included in the backup.
- Click Create Backup.
View the details of a backup
- From the left sidebar, under Business Continuity, click Backup and Restore.
- Select the Backups and Restores tab.
- Locate the backup from the list of available backups and click the vertical ellipsis for the backup. Select View Details.
- The Backup Details panel displays, listing all of the contents in the backup.
- Click the folder icon in the Details column for an item in the list, to display a list of the specific contents for that item.
Contents of a backup file
What is contained in a backup file:
BeyondInsight Analytics & Reporting
- ReportServer Database
- BeyondInsight Reporting Database
- ReportServerTempDB Database
- Cube database
- Encryption key
BeyondInsight
- BeyondInsight Database
- BeyondInsight Registry information
- Database Connection String
- Encryption Key
- System files
Event Collector
- Product registry settings
Enterprise Update Server (EUS)
- EUS Database
- EUS webconfig
U-Series Appliance
- Certificates (Client & Server)
- Roles settings
- U-Series Appliance Monitored data
- U-Series Appliance Notification data
- Performance Counters
- Log Export Database
BeyondInsight for Unix & Linux (BIUL)
- BIUL Database
- Product Configuration
- Log File
- Related product settings
BeyondTrust Auto Update
- Proxy details
- Registration details
- Parent update server endpoint
BeyondTrust Updater
- BeyondTrust Analyzer data
- Client database
- Health check report
- Licenses
- User database
- Product related registry settings
Network Discovery Scanner
- Product Registry settings
- Certificates
- Database audits
- Application settings
Session Archiving
- Session Monitoring files
Download a backup
Note
Downloads greater than 4GB cannot be downloaded from a web browser. Copy downloads greater than 4GB to a network share, or use another way to download.
- From the left sidebar, under Business Continuity, click Backup and Restore.
- Select the Backups and Restores tab.
- Locate the backup from the list of available backups and click the vertical ellipsis for the backup. Select Download.
Delete a backup
- From the left sidebar, under Business Continuity, click Backup and Restore.
- Select the Backups and Restores tab.
- Locate the backup from the list of available backups and click the vertical ellipsis for the backup. Select Delete. This removes the backup from the list and also removes it from the current folder location.
Important
Warning: Once a backup is deleted, the deletion cannot be undone.
Restore the U-Series Appliance from a backup
- From the left sidebar, under Business Continuity, click Backup and Restore.
- Select the Backups and Restores tab.
- Search through the list of available backups and click the vertical ellipsis for the backup you wish to restore. Select Restore.
- If the backup was taken on this U-Series Appliance, you are not prompted for a password.
- If the backup was taken on a different U-Series Appliance, you are prompted for a password.
- If the browser session remains open when a restore is complete, a notification displays indicating the restore process is complete.
Upgrade the U-Series Appliance Software
Upgrade the U-Series Appliance software while using high availability
There are two upgrade options available, depending on your environment:
- Active / passive upgrade
- Active / active upgrade
High availability with database and services synchronization - active / passive upgrade
Keep the following in mind when running an upgrade:
- Do not turn high availability OFF while doing upgrades.
- Any time an installer or login page for the U-Series Appliance recommends a reboot after installation, reboot before continuing.
Package dependencies
Note
Each new version of U-Series Appliance Management Software might require newer versions of dependent software included in the Supporting Software packages. This typically relates to newer versions of .NET and these should be updated whenever available, but before running any appliance management software updates.
- 2016 and 2022 Environment or Supporting Software packages often depend on a version of Security Update Package Installer (SUPI). It is best to upgrade SUPI to the latest version prior to upgrading the U-Series Appliance software.
- To determine the BeyondInsight upgrade path, visit the BeyondInsight release notes website: https://www.beyondtrust.com/docs/release-notes/beyondinsight-password-safe/index.htm
Start the upgrade
- Log on to the active U-Series Appliance.
- Go to the Backup and Restore page and run a backup. This backs up settings and the database.
- Go to the High Availability page and click Suspend to prevent failover while upgrades are running.
- Download Software and Security updates using BeyondTrust Updater. Open a case with BeyondTrust Technical Support if you need links to any software not available through BeyondTrust Updater or the Customer Portal.
- Unlock Security Update packages and installer subscriptions in BeyondTrust Updater:
- Security Patches for Windows Server 2016/2022
- Security Patches for SQL 2016/2022
- U-Series 2016/2022 Environment
- U-Series 2016/2022 Supporting Software
- Security Update Package Installer
- Click Update Now to download all security packages.
- If one download stops and another does not start, click Update Now again until all are complete.
- Apply security updates downloaded in step 4.
- Go to Software and Licensing > Security Updates.
- Click the vertical ellipsis for the update, and then select + Schedule Security Update.
- Schedule updates. This provides two options, either to schedule now or at a later date and time.
- If any new packages are downloaded after the schedule is made they are NOT included.
- Updates are almost always required and the process resumes without intervention until all packages are installed.
- Service may become unresponsive during the installation of updates.
- Progress can also be viewed from this page.
- Download and install the remaining products from BeyondTrust Updater.
- Settings in BeyondTrust Updater allow you to configure specific hours to download and install packages.
- Log in to the passive U-Series Appliance and repeat steps 2 through 7.
- There is no need to perform a backup, because all the settings are still on the active U-Series Appliance.
- The database is not accessible on the secondary U-Series Appliance. This is expected, due to SQL mirroring.
- If needed, set the lock status on the Subscriptions page again.
- Verify applications were upgraded.
- Go to the High Availability page, click Resume, and verify database state returns to synchronized.
High availability with services only synchronization - active / active upgrade
Keep the following in mind when running an upgrade:
- Do not turn high availability OFF while performing upgrades.
- Any time an installer or login page for the U-Series Appliance recommends a reboot after installation, reboot before continuing.
Package dependencies
Note
Each new version of U-Series Appliance Management Software might require newer versions of dependent software included in the Supporting Software packages. This typically relates to newer versions of .NET and these should be updated whenever available, but before running any appliance management software updates.
- 2016 and 2022 Environment or Supporting Software packages often depend on a version of SUPI, so it is best to upgrade SUPI to the latest version prior to upgrading the U-Series Appliance software.
- To determine the BeyondInsight upgrade path, visit the BeyondInsight release notes website: https://www.beyondtrust.com/docs/release-notes/beyondinsight-password-safe/index.htm
Start the upgrade
- Go to the Backup and Restore page and run a backup. This backs up settings but NOT any remote databases.
- Download Software and Security updates using BeyondTrust Updater. Open a case with BeyondTrust Technical Support if you need links to any software not available through BeyondTrust Updater or the Customer Portal.
- Unlock Security Update packages and installer subscriptions in BeyondTrust Updater:
- Security Patches for Windows Server 2016/2022
- Security Patches for SQL 2016/2022 (may not be subscribed if SQL Server is not installed)
- U-Series 2016/2022 Environment
- U-Series 2016/2022 Supporting Software
- Security Update Package Installer
- Click Update Now to download all security packages.
- If one download stops and another does not start, then click Update Now again until all are complete.
- Apply security updates downloaded in step 4:
- Go to Software and Licensing > Security Updates.
- Click the vertical ellipsis for the update, and then select + Schedule Security Update.
- Schedule Updates. This provides two options, either to schedule now or at a later date and time.
- New packages downloaded after the schedule is set are NOT included.
- Updates are almost always required and the process resumes without intervention until all packages are installed.
- Service may become unresponsive during the installation of updates.
- Progress can also be viewed from this page.
- Download and install the remaining products from BeyondTrust Updater.
- Settings in BeyondTrust Updater allow you to configure specific hours to download and install packages.
- Log in to the passive U-Series Appliance and repeat steps 2 through 7.
- There is no need to perform a backup, because all the settings are still on the active U-Series Appliance.
- The database is not accessible on the secondary U-Series Appliance. This is expected, due to SQL mirroring.
- If needed, set the lock status on the Subscriptions page again.
- Verify applications were upgraded.
- Go to the High Availability page for both the active and passive U-Series Appliances and confirm the state is correct (for example, active or passive).
- If there are other Password Safe worker nodes pointing at the remote database, then those BeyondInsight installations also need to be upgraded.