AuthAnvil Two Factor Auth (2FA) and AuthAnvil Single Sign On (SSO) currently support an ability for users to set up redundant authentication servers. This allows it to be used in high-availability scenarios where it is critical that the servers remain up and available.
Value for the Customer
AuthAnvil 2FA represents one of the customer's most critical systems, as it either augments or replaces their existing authentication system. If the AuthAnvil 2FA server is not available, customers cannot log into any AuthAnvil protected resources, such as Windows Desktops and servers, Kaseya, LPI, Connectwise and AutoTask. While the customer should have a back door configured to allow them access to the protected systems in emergencies, it may not be possible to enable this for all users, meaning that users may be unable to log in for hours or days depending on the scope and severity of the emergency.
This is where redundancy comes into play. Computers and servers will eventually fail, so the customer needs to have a plan for that eventuality. It's something that the customer should configure as part of their disaster recovery planning, as well as to consider when planning their authentication infrastructure. If they are in a situation where they need to meet uptime guarantees, such as where they are reselling AuthAnvil as a service using multitenancy mode, or where they are protecting business-critical systems that users need to have access to at all times, they will definitely want to take advantage of this feature.
For customers who only run a single server environment, or only use AuthAnvil 2FA to protect systems that can have some downtime, redundancy is typically not necessary, although a frequent backup plan is always a good idea. The rule of thumb to determine where redundancy needs to be applied is to determine what systems would be affected if the server goes down, and the threshold for how long those systems can be down for before it negatively impacts the company.
A redundant AuthAnvil 2FA configuration is resistant to the loss of an AuthAnvil server, be it due to power issues, hardware failure, or a meteor striking the data center. AuthAnvil is flexible enough that it can be deployed to almost any configuration that will meet the customer's needs.
While many configurations are possible, the following are the most common scenarios that we run into:
The "Warm" Backup: In this scenario, the customer keeps a recent backup of the AuthAnvil database in a safe location, typically in secure offsite storage. If the AuthAnvil 2FA server goes down or its location suffers a catastrophic failure or natural disaster, this backup can be restored to a waiting server in a disaster recovery facility, and the AuthAnvil agents can be set to authenticate to the new server, allowing users to quickly begin authenticating again with their tokens after a short recovery period.
Two web servers sharing the same database: In this scenario, the customer will run multiple AuthAnvil 2FA web servers, all pointing at the same AuthAnvil 2FA database. Many AuthAnvil Agents support a primary and secondary authentication server, and would be able to fail over immediately if one of the servers went down. For additional protection, the customer can set up redundancy on the database side using Microsoft's SQL tools, although the particular configuration of this is outside of the scope of services that we can provide.
Two web servers with multiple databases: In larger deployments, or scenarios where the customer needs more redundancy, such as a configuration where the customer has multiple physical locations that each need a local AuthAnvil 2FA server, AuthAnvil can be configured similar to Scenario 2, and configured to use SQL server's replication tools to synchronize the information across all of the databases so that the user can use the same token at any of the physical locations. Additionally, If one physical location's AuthAnvil 2FA server goes down, the site administrators can simply redirect the authentication attempts to another location's AuthAnvil 2FA server.
Setting up AuthAnvil 2FA for redundancy
The process for setting up an AuthAnvil server for redundancy is described in an article on the web site and involves transfering the encryption keys from the first AuthAnvil 2FA server to all additional AuthAnvil 2FA servers. This allows all of the 2FA servers to access the user and token information that is securely stored in the database. This functionality is available to all customers and does not require any changes to their account status on our end. Additionally, the subscription system is designed to take any of these scenarios into account so that the customer will not get double billed. Finally, while a customer can configure this on their own, we do recommend that they consult with customer service first to determine what the best configuration is for their needs.