In this release, Pulse Secure Virtual Traffic Manager has more enhancements for closer integration with Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS), including support for simpler session persistence of RADIUS.
In this release, Pulse Secure Virtual Traffic Manager has additional tools to help with intelligent load balancing of Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS). In addition, new global settings for Session Persistence allow for simpler workload management with timeout of unused session entries in the persistence cache table.
Intelligent LB for PCS/PPS - Traffic Manager now supports intelligent load-balancing for Pulse Connect Secure VPN gateways and Pulse Policy Secure network access control. This capability uses a new built-in service discovery plugin to discover PCS/PPS cluster nodes, and can optimize the license usage across cluster nodes by directing new sessions based on available license capacity. Session Persistence Timeouts - Closer control over the persistence cache in Traffic Manager makes it easier to redistribute workload following node reconfiguration or failure, by providing all session persistence entries with an optional lifetime. After an entry expires it is deleted from the persistence cache: a global timeout value can be set for each of the three persistence methods, Source IP, J2EE and Universal persistence. Note that the timeout value is measured since last use, rather than first use: new SNMP monitors are also available to help track session expiry. Long-Term Support release - For customers who prefer longer support cycles to support their operational model, Pulse Secure is identifying Pulse vTM 19.2 as an LTS (Long Term Support) release. As a result, support for Pulse vTM 19.2 will be available for three years after the release date. For more information, please refer to the release notes, available on the download portal. A complete set of user documentation is also available on http://pulsesecure.net/vadc-docs including getting started guides, installation, configuration and API reference documentation.
Fixed-size licensing works for fixed-sized applications. If your application rarely changes, and sees a steady workload, then you can optimize the costs of the platform to match the resources you need.
by Aidan Clarke
Traditional IT applications were simple: they lived in one place, in your data center. If you wanted more capacity, you added more servers, storage and networks. If you wanted to make the application more reliable, you doubled it to make it highly available: you had one system running “active” - while the other system waited on “standby.” This concept of “redundancy” was simple, so long as you could buy two of everything, and were happy that only half of the infrastructure was active at any one time - not an efficient solution.
But modern applications need a modern approach to performance, security and reliability: which is why Pulse vADC approaches things differently, a software solution for a software world, where distributed applications need an “always-active” architecture.
We often hear from IT professionals that they used to avoid Active/Active architectures; for fear that performance would be compromised under failure. Our customers routinely deploy Pulse vADC in Active/Active, or even Active/Active/Active/Active solutions all the time: they can choose the right balance between node and cluster size, to optimize the availability, while reducing the size of the fault domain.
Similarly, high-availability architectures used to require that HA peers were installed as Layer 2 adjacent (ie: on the same network). These architectures simply don't work in today's clouds; for example, AWS availability zones, by their very design, are on different Layer 3 networks. In order to run a Layer 2 HA pair in Amazon AWS, you need to put your whole solution in a single AWS Availability zone - a practice that Amazon architects strongly discourage.
With Pulse vADC, if you can connect to each other via a network, then you can cluster your application. Which means that you can choose an availability architecture to suit your application - whether it lives in your data center, in a cloud, or both.
Get started with Pulse vADC today, our Community Edition is free to download and try out in your test and development environment.
This article is part of a series, beginning with:
Staying Afloat in the Application Economy
More to Explore:
Prev: One ADC Platform, Any Environment
Next: Intelligent N+M Clustering
In this release, Pulse Secure Services Director offers the capability to deploy Application Templates to automate configuration of clusters. In addition, Services Director supports a new secure websockets connection for more robust management of Traffic Manager instances in Kubernetes and NAT-enabled networks.
In this release, Pulse Secure Virtual Traffic Manager adds a new Wizard to speed up deployment of Optimal Gateway Selection for closer integration with Pulse Connect Secure. Other new features add support for Kubernetes Helm Charts, container networking and more.
Pulse Secure vADC solutions are supported on Google Cloud Platform, with hourly billing options for applications that need to scale on-demand to match varying workloads. A range of Pulse Secure Virtual Traffic Manager (Pulse vTM) editions are available, including options for the Pulse vTM Developer Edition and Pulse Secure Virtual Web Application Firewall (Pulse vWAF), available as both a virtual machine and as a software installation on a Linux virtual machine. This article describes how to quickly create a new Pulse vTM instance through the Google Cloud Launcher. For additional information about the use and configuration of your Pulse vTM instance, see the product documentation available at www.pulsesecure.net/vadc-docs. Launching a Pulse vTM Virtual Machine Instance To launch a new instance of the Pulse vTM virtual machine, use the GCE Cloud Launcher Web site. Type the following URL into your Web browser: https://cloud.google.com/launcher Browse or use the search tool to locate the Pulse Secure package applicable to your requirements, then click the package icon to see the package detail screen. To deploy a new Pulse vTM instance 1. To start the process of deploying a new instance, click Launch on Compute Engine. 2. Type an identifying name for the instance, select the image version, then select the desired geographic zone and machine type. Individual zones might have differing computing resources available and specific access restrictions. Contact your support provider for further details. 3. Ensure the boot disk correspond to your computing resource requirements. Pulse Secure recommends not changing the default disk size as this might affect the performance of your Pulse vTM. 4. By default, GCE creates firewall rules to allow HTTP and HTTPS traffic, and to allow access to the Web-based Pulse vTM Admin UI on TCP port 9090. To instead restrict access to these services, untick the corresponding firewall checkboxes. Note: If you disable access to TCP port 9090, you cannot access the Pulse vTM Admin UI to configure the instance. 5. If you want to use IP Forwarding with this instance, click More and set IP forwarding to "On". 6. Pulse vTM needs access to the Google Cloud Compute API, as indicated in the API Access section. Keep this option enabled to ensure your instance can function correctly. 7. Click Deploy to launch the Pulse vTM instance. The Google Developer Console confirms that your Pulse vTM instance is being deployed. Next Steps After your new instance has been created, you can proceed to configure your Pulse vTM software through its Admin UI. To access the Admin UI for a successfully deployed instance, click Log into the admin panel. When you connect to the Admin UI for the first time, Pulse vTM presents the Initial Configuration wizard . This wizard captures the networking, date/time, and basic system settings needed by your Pulse vTM software to operate normally. For full details of the configuration process, and for instructions on performing various other administrative tasks, see the Cloud Services Installation and Getting Started Guide .